Hybrid Control Network Intrusion Detection Systems for Automated Power Distribution Systems

资源类型: 资源大小: 文档分类: 上传者:于红梅

文档信息

【作者】 Masood Parvania  Georgia Koutsandria  Vishak Muthukumar  Sean Peisert  Chuck McParland  Anna Scaglione 

【关键词】Command ADS NID Firewall Perimeter 

【摘要】In this paper, we describe our novel use of network intrusion detection systems (NIDS) for protecting automated distribution systems (ADS) against certain types of cyber attacks in a new way. The novelty consists of using the hybrid control environment rules and model as the baseline for what is normal and what is an anomaly, tailoring the security policies to the physical operation of the system. NIDS sensors in our architecture continuously analyze traffic in the communication medium that comes from embedded controllers, checking if the data and commands exchanged conform to the expected structure of the controllers interactions, and evolution of the system's physical state. Considering its importance in future ADSs, we chose the fault location, isolation and service restoration (FLISR) process as our distribution automation case study for the NIDS deployment. To test our scheme, we emulated the FLISR process using real programmable logic controllers (PLCs) that interact with a simulated physical infrastructure. We used this test bed to examine the capability of our NIDS approach in several attack scenarios. The experimental analysis reveals that our approach is capable of detecting various attacks scenarios including the attacks initiated within the trusted perimeter of the automation network by attackers that have complete knowledge about the communication information exchanged.

【刊名】2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks

问答

我要提问