Alarm Based Anomaly Detection of Insider Attacks in SCADA System

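Cited by: 0
Authors
Nasr, Payam Mahmoudi [1]
Varjani, Ali Yazdian [1]
Affiliations
[1] Tarbiat Modares Univ, Elect & Comp Engn Dept, Tehran, Iran
Source
2014 SMART GRID CONFERENCE (SGC) | 2014
Keywords
Insider attack; anomaly detection; security; SCADA
DOI
Not available
Chinese Library Classification (CLC) number
TE [Petroleum and natural gas industry]; TK [Energy and power engineering]
Discipline classification code
0807; 0820
Abstract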
Insider attacks are one of the most dangerous threats to the security of critical infrastructures. An insider attack occurs when an authorized operator misuses their permissions and causes catastrophic damage by sending legitimate control commands. Therefore, insider attacks have great impact and a higher success rate, and they are difficult to predict and protect against. By studying SCADA alarms, this paper proposes a new alarm-based statistical anomaly detection method to identify potential insider attacks at substations and across the total transmission system in the power grid. To demonstrate the proposed method, two insider attack scenarios were simulated at both the substation level and the transmission system level. The experimental scenarios illustrate that the proposed method is effective and that anomalies can be detected with a minimum number of alarms.
Pages: 6