Alarm Based Anomaly Detection of Insider Attacks in SCADA System

Cited by: 0
Authors
Nasr, Payam Mahmoudi [1]
Varjani, Ali Yazdian [1]
Affiliations
[1] Tarbiat Modares Univ, Elect & Comp Engn Dept, Tehran, Iran
Source
2014 SMART GRID CONFERENCE (SGC) | 2014
Keywords
Insider attack; anomaly detection; security; SCADA;
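DOI
Not available
Chinese Library Classification number
TE [Petroleum and natural gas industry]; TK [Energy and power engineering];
Discipline classification code
0807 ; 0820 ;
Abstract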
Insider attacks are one of the most dangerous threats to the security of critical infrastructures. An insider attack occurs when an authorized operator misuses the permissions and brings catastrophic damages by sending legitimate control commands. Therefore, insider attacks have great impact and a higher success rate, and it is difficult to predict and protect against them. This paper, by studying the SCADA alarms, proposes a new alarm based statistical anomaly detection method to identify potential insider attacks at substations and the total transmission system in the power grid. To demonstrate the proposed method, two insider attack scenarios have been simulated at both the substation level and the transmission system. Experimental scenarios illustrate that the proposed method is effective, and anomalies can be detected by a minimum number of alarms.
Pages: 6
Related papers
50 in total
  • [1] Petri Net Model of Insider Attacks in SCADA System
    Nasr, Payam Mahmoudi
    Varjani, Ali Yazdian
    2014 11TH INTERNATIONAL ISC CONFERENCE ON INFORMATION SECURITY AND CRYPTOLOGY (ISCISC), 2014, : 55 - 60
  • [2] An unsupervised anomaly-based detection approach for integrity attacks on SCADA systems
    Almalawi, Abdulmohsen
    Yu, Xinghuo
    Tari, Zahir
    Fahad, Adil
    Khalil, Ibrahim
    COMPUTERS & SECURITY, 2014, 46 : 94 - 110
  • [3] Power System Reliability Analysis Considering External and Insider Attacks on the SCADA System
    Tang, Sirui
    Liu, Zhaoxi
    Wang, Lingfeng
    2020 IEEE/PES TRANSMISSION AND DISTRIBUTION CONFERENCE AND EXPOSITION (T&D), 2020,
  • [4] SCADA Networks Anomaly-based Intrusion Detection System
    Almehmadi, Abdulaziz
    11TH INTERNATIONAL CONFERENCE ON SECURITY OF INFORMATION AND NETWORKS (SIN 2018), 2018,
  • [5] A General and Expandable Insider Threat Detection System Using Baseline Anomaly Detection and Scenario-driven Alarm Filters
    Yang, Guang
    Cai, Lijun
    Yu, Aimin
    Meng, Dan
    2018 17TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (IEEE TRUSTCOM) / 12TH IEEE INTERNATIONAL CONFERENCE ON BIG DATA SCIENCE AND ENGINEERING (IEEE BIGDATASE), 2018, : 763 - 773
  • [6] Wind Turbine Anomaly Detection Using Mahalanobis Distance and SCADA Alarm Data
    Liu, Jui-Hung
    Corbita, Nelson T., Jr.
    Lee, Rong-Mao
    Wang, Chun-Chieh
    APPLIED SCIENCES-BASEL, 2022, 12 (17):
  • [7] Maintaining Defender's Reputation in Anomaly Detection Against Insider Attacks
    Zhang, Nan
    Yu, Wei
    Fu, Xinwen
    Das, Sajal K.
    IEEE TRANSACTIONS ON SYSTEMS MAN AND CYBERNETICS PART B-CYBERNETICS, 2010, 40 (03): : 597 - 611
  • [8] Development Trend of Insider Anomaly Detection System
    Kim, MinKyu
    Kim, KiHwan
    Lee, HoonJae
    2018 20TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY (ICACT), 2018, : 373 - 376
  • [9] An Alarm Based Access Control Model for SCADA System
    Nasr, Payam Mahmoudi
    Varjani, Ali Yazdian
    2015 SMART GRID CONFERENCE (SGC 2015), 2015, : 145 - 151
  • [10] Trust Based Intrusion Detection System to Detect Insider Attacks in IoT Systems
    Ambili, K. N.
    Jose, Jimmy
    INFORMATION SCIENCE AND APPLICATIONS, 2020, 621 : 631 - 638