Alarm Based Anomaly Detection of Insider Attacks in SCADA System

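Cited by: 0
Authors
Nasr, Payam Mahmoudi [1]
Varjani, Ali Yazdian [1]
Affiliation
[1] Tarbiat Modares Univ, Elect & Comp Engn Dept, Tehran, Iran
Source
2014 SMART GRID CONFERENCE (SGC) | 2014
Keywords
Insider attack; anomaly detection; security; SCADA;
DOI
Not available
Chinese Library Classification number
TE [Petroleum and Natural Gas Industry]; TK [Energy and Power Engineering];
Discipline classification code
0807 ; 0820 ;
Abstract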
Insider attacks are one of the most dangerous threats to the security of critical infrastructures. An insider attack occurs when an authorized operator misuses the permissions and brings catastrophic damages by sending legitimate control commands. Therefore, insider attacks have great impact and a higher success rate, and it is difficult to predict and protect against them. This paper, by studying the SCADA alarms, proposes a new alarm based statistical anomaly detection method to identify potential insider attacks at substations and the total transmission system in the power grid. To demonstrate the proposed method, two insider attack scenarios have been simulated at both the substation level and the transmission system. Experimental scenarios illustrate that the proposed method is effective, and anomalies can be detected by a minimum number of alarms.
Pages: 6
Related papers
50 in total
[21]   A New Approach for Detection of Insider Attacks [J].
Sen, Sevil .
2013 21ST SIGNAL PROCESSING AND COMMUNICATIONS APPLICATIONS CONFERENCE (SIU), 2013,
[22]   Predictive maintenance based on anomaly detection in photovoltaic system using SCADA data and machine learning [J].
Syamsuddin, Agussalim ;
Adhi, Andrew Cahyo ;
Kusumawardhani, Amie ;
Prahasto, Toni ;
Widodo, Achmad .
RESULTS IN ENGINEERING, 2024, 24
[23]   Insider Threat Detection Based on User Behavior Modeling and Anomaly Detection Algorithms [J].
Kim, Junhong ;
Park, Minsik ;
Kim, Haedong ;
Cho, Suhyoun ;
Kang, Pilsung .
APPLIED SCIENCES-BASEL, 2019, 9 (19)
[24]   SPEAR: A systematic approach for connection pattern-based anomaly detection in SCADA systems [J].
Rusu, Dorin Adrian ;
Genge, Bela ;
Siaterlis, Christos .
7TH INTERNATIONAL CONFERENCE INTERDISCIPLINARITY IN ENGINEERING (INTER-ENG 2013), 2014, 12 :168-173
[25]   A leak detection system based SCADA [J].
Yihu, Huang ;
Ximei, Jia ;
Bin, Guo .
PROCEEDINGS OF THE 14TH INTERNATIONAL CONFERENCE ON INDUSTRIAL ENGINEERING AND ENGINEERING MANAGEMENT, VOLS A AND B: BUILDING CORE COMPETENCIES THROUGH IE&EM, 2007, :1570-1573
[26]   Detection of Insider Attacks in Cloud based e-Healthcare Environment [J].
Garkoti, Gaurav ;
Peddoju, Sateesh K. ;
Balasubramanian, R. .
2014 INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY (ICIT), 2014, :195-200
[27]   Network Anomaly Detection for m-connected SCADA Networks [J].
Kim, Si-Jung ;
Kim, Bong-Han ;
Yeo, Sang-Soo ;
Cho, Do-Eun .
2013 EIGHTH INTERNATIONAL CONFERENCE ON BROADBAND, WIRELESS COMPUTING, COMMUNICATION AND APPLICATIONS (BWCCA 2013), 2013, :351-354
[28]   Anomaly Detection for DDoS Attacks Based on Gini Coefficient [J].
Liu, Yun ;
Jiang, Siyu ;
Huang, Jiuming .
PROCEEDINGS OF THE 2013 INTERNATIONAL CONFERENCE ON ADVANCED ICT AND EDUCATION, 2013, 33 :649-654
[29]   Hunting for Insider Threats Using LSTM-Based Anomaly Detection [J].
Villarreal-Vasquez, Miguel ;
Modelo-Howard, Gaspar ;
Dube, Simant ;
Bhargava, Bharat .
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2023, 20 (01) :451-462
[30]   A new methodology for anomaly detection of attacks in IEC 61850-based substation system [J].
Yang, Liqun ;
Zhai, You ;
Zhang, Yipeng ;
Zhao, Yufei ;
Li, Zhoujun ;
Xu, Tongge .
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2022, 68