Conference paper Open Access

An Anomaly Detection Mechanism for IEC 60870-5-104

Panagiotis Radoglou Grammatikis; Panagiotis Sarigiannidis; Antonios Sarigiannidis; Dimitrios Margounakis; Apostolos Tsiakalos; Georgios Efstathopoulos

The transformation of the conventional electricity grid into a new paradigm called smart grid demands the appropriate cybersecurity solutions. In this paper, we focus on the security of the IEC 60870-5-104 (IEC-104) protocol which is commonly used by Supervisory Control and Data Acquisition (SCADA) systems in the energy domain. In particular, after investigating its security issues, we provide a multivariate Intrusion Detection System (IDS) which adopts both access control and outlier detection mechanisms in order to detect timely possible anomalies against IEC-104. The efficiency of the proposed IDS is reflected by the Accuracy and F1 metrics that reach 98% and 87%, respectively.

Files (280.5 kB)
Name Size
[16] An Anomaly Detection Mechanism for IEC 60870-5-104.pdf
md5:236a674460829943e924c1db407c7598 		280.5 kB Download
71
252
views
downloads
Views 71
Downloads 252
Data volume 70.7 MB
Unique views 69
Unique downloads 247
More info on how stats are collected.
Indexed in
Publication date:
September 18, 2020
DOI:
10.1109/MOCAST49295.2020.9200285
Keyword(s):
Anomaly Detection Cybersecurity IEC-60870- 5-104 Supervisory Control and Data Acquisition
Grants:
European Commission:
  • SPEAR - SPEAR: Secure and PrivatE smArt gRid (787011)
Communities:
License (for files):
Creative Commons Attribution 4.0 International

Share

Cite as

Export