Hybrid control network intrusion detection systems for automated power distribution systems

Masood Parvania, Georgia Koutsandria, Vishak Muthukumary, Sean Peisert, Chuck McParland, Anna Scaglione

Research output: Chapter in Book/Report/Conference proceedingConference contribution

13 Scopus citations

Abstract

In this paper, we describe our novel use of network intrusion detection systems (NIDS) for protecting automated distribution systems (ADS) against certain types of cyber attacks in a new way. The novelty consists of using the hybrid control environment rules and model as the baseline for what is normal and what is an anomaly, tailoring the security policies to the physical operation of the system. NIDS sensors in our architecture continuously analyze traffic in the communication medium that comes from embedded controllers, checking if the data and commands exchanged conform to the expected structure of the controllers interactions, and evolution of the system's physical state. Considering its importance in future ADSs, we chose the fault location, isolation and service restoration (FLISR) process as our distribution automation case study for the NIDS deployment. To test our scheme, we emulated the FLISR process using real programmable logic controllers (PLCs) that interact with a simulated physical infrastructure. We used this test bed to examine the capability of our NIDS approach in several attack scenarios. The experimental analysis reveals that our approach is capable of detecting various attacks scenarios including the attacks initiated within the trusted perimeter of the automation network by attackers that have complete knowledge about the communication information exchanged.

Original languageEnglish (US)
Title of host publicationProceedings of the International Conference on Dependable Systems and Networks
PublisherIEEE Computer Society
Pages774-779
Number of pages6
ISBN (Electronic)9781479922338
DOIs
StatePublished - Sep 18 2014
Externally publishedYes
Event44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014 - Atlanta, United States
Duration: Jun 23 2014Jun 26 2014

Publication series

NameProceedings of the International Conference on Dependable Systems and Networks

Other

Other44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2014
CountryUnited States
CityAtlanta
Period6/23/146/26/14

Keywords

  • Power distribution systems
  • distributionautomation
  • intrusion detection systems
  • network security

ASJC Scopus subject areas

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Hybrid control network intrusion detection systems for automated power distribution systems'. Together they form a unique fingerprint.

  • Cite this

    Parvania, M., Koutsandria, G., Muthukumary, V., Peisert, S., McParland, C., & Scaglione, A. (2014). Hybrid control network intrusion detection systems for automated power distribution systems. In Proceedings of the International Conference on Dependable Systems and Networks (pp. 774-779). [6903640] (Proceedings of the International Conference on Dependable Systems and Networks). IEEE Computer Society. https://doi.org/10.1109/DSN.2014.81