Novel Approach for Detecting Network Anomalies for Substation Automation based on IEC 61850

Authors: Hyunguk Yoo, Taeshik Shon

DOI: 10.1007/S11042-014-1870-0

Abstract: An SA (Substation Automation) system based on IEC 61850 is an intelligent substation; it has been receiving considerable attention as a core component of a smart grid. The explosive increase of threats to cyber security has expanded to critical national infrastructures including the power grid. Substation Automation has also become a main target of cyber-attacks. Currently, various countermeasures such as firewalls, IDSs (Intrusion Detection Systems), and anti-virus solutions have been developed, but to date, these have not sufficiently reflected the inherent features of IEC 61850. This study suggests a method of anomaly detection for MMS (Manufacturing Message Specification) and GOOSE (Generic Object Oriented Substation Events) packets, the communication protocols of Substation Automation. 3-Phase preprocessing, EM (Expectation Maximization), and one-class SVM (Support Vector Machine) techniques are applied. The effectiveness of the suggested method is evaluated through experiments.
