Improving SCADA Security using IDS and MikroTIK

Industry has realized that SCADA systems were built without considering security. It was believed that SCADA plants were not subject to attack. In this era, however, SCADA networks need to be connected to the Internet to increase their performance, so Supervisory Control and Data Acquisition (SCADA) systems need protection against cyber-attacks. Much research has documented the large losses that occur when cyber-attacks hit critical infrastructure. In this research, we simulated a testbed environment of a SCADA system to monitor and mitigate attacks and to give a fast response report to the operator. We used a network-based intrusion detection system (NIDS) using Snort rules, integrated with MikroTik for Deep Packet Inspection (DPI). This system inspects all traffic passing through the SCADA system. Results from the experiment show that the testbed environment was able to detect attacks effectively and efficiently.
