Publication Details

Outlier Detection in Smart Grid Communication

MUTUA, N.; MATOUŠEK, P. Outlier Detection in Smart Grid Communication. Fast Abstracts and Student Forum Proceedings, 17th European Dependable Computing Conference. Munich: 2021. p. 1-4.
Czech title
Detekce odlehlých hodnot v komunikaci chytrých sítí
Type
conference paper
Language
English
Authors
URL
Keywords

anomaly detection, communication pattern, smart grid, IEC 104, statistical model, ICS, LOF method.

Abstract

Industrial Control System (ICS) networks transmit control and monitoring data in critical environments such as smart grid. Cyber attacks on smart grid communication may cause fatal consequences on energy production, distribution, and eventually the lives of people. Since the attacks can be initiated from both the inside and outside of the network, traditional smart grid security tools like firewalls or Intrusion Detection Systems (IDS), which are typically deployed on the edge of the network, are not able to detect internal threats. For this reason, we also need to analyze behavior of internal ICS communication. Due to its nature, ICS traffic exhibits stable and predictable communication patterns.  These patterns can be described using statistical models. By observing selected features of ICS network communication like packet inter arrival times, we can create a statistical profile of the communication based on the patterns observed in the normal communication traffic. This technique is effective, fast and easy to implement. As our experiments show, statistical-based anomaly detection is able to detect common security incidents in ICS communication. This paper employs selected network packet attributes to create a statistical model for anomaly detection using the Local Outlier Factor (LOF) algorithm. The proof-of-concept is demonstrated on IEC 60870-5-104 (a.k.a.  IEC 104) protocol.

Published
2021
Pages
1–4
Proceedings
Fast Abstracts and Student Forum Proceedings, 17th European Dependable Computing Conference
Place
Munich
BibTeX
@inproceedings{BUT175803,
  author="Nelson Makau {Mutua} and Petr {Matoušek}",
  title="Outlier Detection in Smart Grid Communication",
  booktitle="Fast Abstracts and Student Forum Proceedings, 17th European Dependable Computing Conference",
  year="2021",
  pages="1--4",
  address="Munich",
  url="https://arxiv.org/abs/2108.12781"
}
Back to top