A behavior-based intrusion detection technique for smart grid infrastructure

Yoo Jin Kwon, Huy Kang Kim, Yong Hun Lim, Jong In Lim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)

Abstract

A smart grid is a fully automated electricity network, which monitors and controls all its physical environments of electricity infrastructure being able to supply energy in an efficient and reliable way. As the importance of cyber-physical system (CPS) security is growing, various intrusion detection algorithms to protect SCADA system and generation sector have been suggested, whereas there were less consideration on distribution sector. Thus, this paper first highlights the significance of CPS security, especially the availability as the most important factor in smart grid environment. Then this paper classifies various modern intrusion detection system (IDS) techniques for securing smart grid network. In our approach, we propose a novel behavior-based IDS for IEC 61850 protocol using both statistical analysis of traditional network features and specification-based metrics. Finally, we present the attack scenarios and detection methods applicable for IEC 61850-based digital substation in Korean environment.

Original languageEnglish
Title of host publication2015 IEEE Eindhoven PowerTech, PowerTech 2015
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Print)9781479976935
DOIs
Publication statusPublished - 2015 Aug 31
EventIEEE Eindhoven PowerTech, PowerTech 2015 - Eindhoven, Netherlands
Duration: 2015 Jun 292015 Jul 2

Other

OtherIEEE Eindhoven PowerTech, PowerTech 2015
CountryNetherlands
CityEindhoven
Period15/6/2915/7/2

Fingerprint

Intrusion detection
Electricity
SCADA systems
Statistical methods
Availability
Specifications
Cyber Physical System

Keywords

  • anomaly detection
  • Cyber-physical system
  • IEC 61850
  • intrusion detection
  • smart grid

ASJC Scopus subject areas

  • Renewable Energy, Sustainability and the Environment
  • Electrical and Electronic Engineering
  • Energy Engineering and Power Technology

Cite this

Kwon, Y. J., Kim, H. K., Lim, Y. H., & Lim, J. I. (2015). A behavior-based intrusion detection technique for smart grid infrastructure. In 2015 IEEE Eindhoven PowerTech, PowerTech 2015 [7232339] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/PTC.2015.7232339

A behavior-based intrusion detection technique for smart grid infrastructure. / Kwon, Yoo Jin; Kim, Huy Kang; Lim, Yong Hun; Lim, Jong In.

2015 IEEE Eindhoven PowerTech, PowerTech 2015. Institute of Electrical and Electronics Engineers Inc., 2015. 7232339.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kwon, YJ, Kim, HK, Lim, YH & Lim, JI 2015, A behavior-based intrusion detection technique for smart grid infrastructure. in 2015 IEEE Eindhoven PowerTech, PowerTech 2015., 7232339, Institute of Electrical and Electronics Engineers Inc., IEEE Eindhoven PowerTech, PowerTech 2015, Eindhoven, Netherlands, 15/6/29. https://doi.org/10.1109/PTC.2015.7232339
Kwon YJ, Kim HK, Lim YH, Lim JI. A behavior-based intrusion detection technique for smart grid infrastructure. In 2015 IEEE Eindhoven PowerTech, PowerTech 2015. Institute of Electrical and Electronics Engineers Inc. 2015. 7232339 https://doi.org/10.1109/PTC.2015.7232339
Kwon, Yoo Jin ; Kim, Huy Kang ; Lim, Yong Hun ; Lim, Jong In. / A behavior-based intrusion detection technique for smart grid infrastructure. 2015 IEEE Eindhoven PowerTech, PowerTech 2015. Institute of Electrical and Electronics Engineers Inc., 2015.
@inproceedings{c8d0f0568efe4941b6ab916ef3117531,
title = "A behavior-based intrusion detection technique for smart grid infrastructure",
abstract = "A smart grid is a fully automated electricity network, which monitors and controls all its physical environments of electricity infrastructure being able to supply energy in an efficient and reliable way. As the importance of cyber-physical system (CPS) security is growing, various intrusion detection algorithms to protect SCADA system and generation sector have been suggested, whereas there were less consideration on distribution sector. Thus, this paper first highlights the significance of CPS security, especially the availability as the most important factor in smart grid environment. Then this paper classifies various modern intrusion detection system (IDS) techniques for securing smart grid network. In our approach, we propose a novel behavior-based IDS for IEC 61850 protocol using both statistical analysis of traditional network features and specification-based metrics. Finally, we present the attack scenarios and detection methods applicable for IEC 61850-based digital substation in Korean environment.",
keywords = "anomaly detection, Cyber-physical system, IEC 61850, intrusion detection, smart grid",
author = "Kwon, {Yoo Jin} and Kim, {Huy Kang} and Lim, {Yong Hun} and Lim, {Jong In}",
year = "2015",
month = "8",
day = "31",
doi = "10.1109/PTC.2015.7232339",
language = "English",
isbn = "9781479976935",
booktitle = "2015 IEEE Eindhoven PowerTech, PowerTech 2015",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - A behavior-based intrusion detection technique for smart grid infrastructure

AU - Kwon, Yoo Jin

AU - Kim, Huy Kang

AU - Lim, Yong Hun

AU - Lim, Jong In

PY - 2015/8/31

Y1 - 2015/8/31

N2 - A smart grid is a fully automated electricity network, which monitors and controls all its physical environments of electricity infrastructure being able to supply energy in an efficient and reliable way. As the importance of cyber-physical system (CPS) security is growing, various intrusion detection algorithms to protect SCADA system and generation sector have been suggested, whereas there were less consideration on distribution sector. Thus, this paper first highlights the significance of CPS security, especially the availability as the most important factor in smart grid environment. Then this paper classifies various modern intrusion detection system (IDS) techniques for securing smart grid network. In our approach, we propose a novel behavior-based IDS for IEC 61850 protocol using both statistical analysis of traditional network features and specification-based metrics. Finally, we present the attack scenarios and detection methods applicable for IEC 61850-based digital substation in Korean environment.

AB - A smart grid is a fully automated electricity network, which monitors and controls all its physical environments of electricity infrastructure being able to supply energy in an efficient and reliable way. As the importance of cyber-physical system (CPS) security is growing, various intrusion detection algorithms to protect SCADA system and generation sector have been suggested, whereas there were less consideration on distribution sector. Thus, this paper first highlights the significance of CPS security, especially the availability as the most important factor in smart grid environment. Then this paper classifies various modern intrusion detection system (IDS) techniques for securing smart grid network. In our approach, we propose a novel behavior-based IDS for IEC 61850 protocol using both statistical analysis of traditional network features and specification-based metrics. Finally, we present the attack scenarios and detection methods applicable for IEC 61850-based digital substation in Korean environment.

KW - anomaly detection

KW - Cyber-physical system

KW - IEC 61850

KW - intrusion detection

KW - smart grid

UR - http://www.scopus.com/inward/record.url?scp=84951299724&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84951299724&partnerID=8YFLogxK

U2 - 10.1109/PTC.2015.7232339

DO - 10.1109/PTC.2015.7232339

M3 - Conference contribution

AN - SCOPUS:84951299724

SN - 9781479976935

BT - 2015 IEEE Eindhoven PowerTech, PowerTech 2015

PB - Institute of Electrical and Electronics Engineers Inc.

ER -