      Is Open Access

      Towards A Stateful Analysis Framework for Smart Grid Network Intrusion Detection

      4th International Symposium for ICS & SCADA Cyber Security Research 2016 (ICS-CSR)

      Cyber Security Research

      23 - 25 August 2016

      Framework, Network intrusion detection system, Stateful analysis, Smart grid

          Abstract

          Cybersecurity is a primary issue in the development of smarter grid systems. Smart grid systems use a number of application protocols to implement their devices and services, and the information carried in these protocols is useful for intrusion detection, which is one of the major security solutions. Stateful-analysis-based intrusion detection monitors network and system behaviours and keeps track of them in order to make detection decisions. In smart grid systems, monitoring these behaviours requires expert knowledge and tailoring for particular application protocols. In this paper, we present a framework for smart grid intrusion detection that allows stateful analysis methods to define their stateful rules, which can be run on an open source network intrusion detection system, Suricata, to perform the stateful analysis. A stateful rule defines a particular state of smart grid devices and is examined against incoming network traffic to find any match. We also develop an application for IEC 61850 stateful analysis to show how the proposed framework can be implemented and how it works.

                Author and article information

                Conference
                August 2016: 124-131
                Affiliations
                Centre for Secure Information Technologies, Queen’s University Belfast

                Belfast Northern Ireland, United Kingdom
                Article
                10.14236/ewic/ICS2016.14
                © Kang et al. Published by BCS Learning & Development Ltd. Proceedings of the 4th International Symposium for ICS & SCADA Cyber Security Research 2016

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                Queen’s Belfast University, UK
                Electronic Workshops in Computing (eWiC)
                Product Information: 1477-9358 BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/