Conference paper Open Access

An Anomaly Detection Mechanism for IEC 60870-5-104

Panagiotis Radoglou Grammatikis; Panagiotis Sarigiannidis; Antonios Sarigiannidis; Dimitrios Margounakis; Apostolos Tsiakalos; Georgios Efstathopoulos

The transformation of the conventional electricity grid into a new paradigm called smart grid demands the appropriate cybersecurity solutions. In this paper, we focus on the security of the IEC 60870-5-104 (IEC-104) protocol which is commonly used by Supervisory Control and Data Acquisition (SCADA) systems in the energy domain. In particular, after investigating its security issues, we provide a multivariate Intrusion Detection System (IDS) which adopts both access control and outlier detection mechanisms in order to detect timely possible anomalies against IEC-104. The efficiency of the proposed IDS is reflected by the Accuracy and F1 metrics that reach 98% and 87%, respectively.

Files (280.5 kB)
Name Size
[16] An Anomaly Detection Mechanism for IEC 60870-5-104.pdf
md5:236a674460829943e924c1db407c7598
280.5 kB Download
49
110
views
downloads
Views 49
Downloads 110
Data volume 30.9 MB
Unique views 47
Unique downloads 107

Share

Cite as