Conference paper Open Access

An Anomaly Detection Mechanism for IEC 60870-5-104

Panagiotis Radoglou Grammatikis; Panagiotis Sarigiannidis; Antonios Sarigiannidis; Dimitrios Margounakis; Apostolos Tsiakalos; Georgios Efstathopoulos

The transformation of the conventional electricity grid into a new paradigm called smart grid demands the appropriate cybersecurity solutions. In this paper, we focus on the security of the IEC 60870-5-104 (IEC-104) protocol which is commonly used by Supervisory Control and Data Acquisition (SCADA) systems in the energy domain. In particular, after investigating its security issues, we provide a multivariate Intrusion Detection System (IDS) which adopts both access control and outlier detection mechanisms in order to detect timely possible anomalies against IEC-104. The efficiency of the proposed IDS is reflected by the Accuracy and F1 metrics that reach 98% and 87%, respectively.

Files (280.5 kB)
Name Size
[16] An Anomaly Detection Mechanism for IEC 60870-5-104.pdf
280.5 kB Download
Views 71
Downloads 252
Data volume 70.7 MB
Unique views 69
Unique downloads 247


Cite as