Conference paper Open Access

An Anomaly Detection Mechanism for IEC 60870-5-104

Panagiotis Radoglou Grammatikis; Panagiotis Sarigiannidis; Antonios Sarigiannidis; Dimitrios Margounakis; Apostolos Tsiakalos; Georgios Efstathopoulos


MARC21 XML Export

<?xml version='1.0' encoding='UTF-8'?>
<record xmlns="http://www.loc.gov/MARC21/slim">
  <leader>00000nam##2200000uu#4500</leader>
  <datafield tag="041" ind1=" " ind2=" ">
    <subfield code="a">eng</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Anomaly Detection</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Cybersecurity</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">IEC-60870- 5-104</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Supervisory Control and Data Acquisition</subfield>
  </datafield>
  <controlfield tag="005">20201003122652.0</controlfield>
  <controlfield tag="001">4064667</controlfield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">Department of Electrical and Computer Engineering, University of Western Macedonia, Kozani, Greece</subfield>
    <subfield code="a">Panagiotis Sarigiannidis</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">SIDROCO, Anaximandrou, Limassol, Cyprus</subfield>
    <subfield code="a">Antonios Sarigiannidis</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">SIDROCO, Anaximandrou, Limassol, Cyprus</subfield>
    <subfield code="a">Dimitrios Margounakis</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">SIDROCO, Anaximandrou, Limassol, Cyprus</subfield>
    <subfield code="a">Apostolos Tsiakalos</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">0INF, Imperial Offices, London, UK</subfield>
    <subfield code="a">Georgios Efstathopoulos</subfield>
  </datafield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="s">280515</subfield>
    <subfield code="z">md5:236a674460829943e924c1db407c7598</subfield>
    <subfield code="u">https://zenodo.org/record/4064667/files/[16] An Anomaly Detection Mechanism for IEC 60870-5-104.pdf</subfield>
  </datafield>
  <datafield tag="542" ind1=" " ind2=" ">
    <subfield code="l">open</subfield>
  </datafield>
  <datafield tag="260" ind1=" " ind2=" ">
    <subfield code="c">2020-09-18</subfield>
  </datafield>
  <datafield tag="909" ind1="C" ind2="O">
    <subfield code="p">openaire</subfield>
    <subfield code="p">user-h2020_spear_project</subfield>
    <subfield code="o">oai:zenodo.org:4064667</subfield>
  </datafield>
  <datafield tag="100" ind1=" " ind2=" ">
    <subfield code="u">Department of Electrical and Computer Engineering, University of Western Macedonia, Kozani, Greece</subfield>
    <subfield code="a">Panagiotis Radoglou Grammatikis</subfield>
  </datafield>
  <datafield tag="245" ind1=" " ind2=" ">
    <subfield code="a">An Anomaly Detection Mechanism for IEC 60870-5-104</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">user-h2020_spear_project</subfield>
  </datafield>
  <datafield tag="536" ind1=" " ind2=" ">
    <subfield code="c">787011</subfield>
    <subfield code="a">SPEAR: Secure and PrivatE smArt gRid</subfield>
  </datafield>
  <datafield tag="540" ind1=" " ind2=" ">
    <subfield code="u">https://creativecommons.org/licenses/by/4.0/legalcode</subfield>
    <subfield code="a">Creative Commons Attribution 4.0 International</subfield>
  </datafield>
  <datafield tag="650" ind1="1" ind2="7">
    <subfield code="a">cc-by</subfield>
    <subfield code="2">opendefinition.org</subfield>
  </datafield>
  <datafield tag="520" ind1=" " ind2=" ">
    <subfield code="a">&lt;p&gt;The transformation of the conventional electricity grid into a new paradigm called smart grid demands the appropriate cybersecurity solutions. In this paper, we focus on the security of the IEC 60870-5-104 (IEC-104) protocol which is commonly used by Supervisory Control and Data Acquisition (SCADA) systems in the energy domain. In particular, after investigating its security issues, we provide a multivariate Intrusion Detection System (IDS) which adopts both access control and outlier detection mechanisms in order to detect timely possible anomalies against IEC-104. The efficiency of the proposed IDS is reflected by the Accuracy and F1 metrics that reach 98% and 87%, respectively.&lt;/p&gt;</subfield>
  </datafield>
  <datafield tag="024" ind1=" " ind2=" ">
    <subfield code="a">10.1109/MOCAST49295.2020.9200285</subfield>
    <subfield code="2">doi</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">publication</subfield>
    <subfield code="b">conferencepaper</subfield>
  </datafield>
</record>
49
120
views
downloads
Views 49
Downloads 120
Data volume 33.7 MB
Unique views 47
Unique downloads 117

Share

Cite as