Context-aware local Intrusion Detection in SCADA systems: a testbed and two showcases

Justyna Joanna Chromik, Boudewijn R.H.M. Haverkort, Anne Katharina Ingrid Remke, Carina Pilch, Pascal Brackmann, Christof Duhme, Franziska Everinghoff, Artur Giberlein, Thomas Teodorowicz, Julian Wieland

Abstract

This paper illustrates the use of a testbed that we have developed for context-aware local intrusion detection. This testbed is based on the co-simulation framework Mosaik and allows for the validation of local intrusion detection mechanisms at field stations in power distribution networks. For two cases, we show how this testbed assists with studying the effectiveness of two local IDS mechanisms under different kinds of attacks.
Original languageEnglish
Number of pages6
StateAccepted/In press - 2017
Event8th IEEE International Conference on Smart Grid Communications, SmartGridComm 2017 - Dresden, Germany

Conference

Conference8th IEEE International Conference on Smart Grid Communications, SmartGridComm 2017
Abbreviated titleSmartGridComm
CountryGermany
CityDresden
Period23/10/1726/10/17
Internet address

Fingerprint

Intrusion detection
Testbeds
SCADA systems
Electric power distribution

Keywords

  • SCADA
  • Intrusion Detection
  • distributed control

Cite this

Chromik, J. J., Haverkort, B. R. H. M., Remke, A. K. I., Pilch, C., Brackmann, P., Duhme, C., ... Wieland, J. (2017). Context-aware local Intrusion Detection in SCADA systems: a testbed and two showcases. Paper presented at 8th IEEE International Conference on Smart Grid Communications, SmartGridComm 2017, Dresden, Germany.

Chromik, Justyna Joanna; Haverkort, Boudewijn R.H.M.; Remke, Anne Katharina Ingrid; Pilch, Carina; Brackmann, Pascal; Duhme, Christof; Everinghoff, Franziska; Giberlein, Artur; Teodorowicz, Thomas; Wieland, Julian / Context-aware local Intrusion Detection in SCADA systems : a testbed and two showcases.

2017. Paper presented at 8th IEEE International Conference on Smart Grid Communications, SmartGridComm 2017, Dresden, Germany.

Research output: Scientific - peer-reviewPaper

@misc{c2aa202621bc45f2b0f5352edaee4a8b,
title = "Context-aware local Intrusion Detection in SCADA systems: a testbed and two showcases",
abstract = "This paper illustrates the use of a testbed that we have developed for context-aware local intrusion detection. This testbed is based on the co-simulation framework Mosaik and allows for the validation of local intrusion detection mechanisms at field stations in power distribution networks. For two cases, we show how this testbed assists with studying the effectiveness of two local IDS mechanisms under different kinds of attacks.",
keywords = "SCADA, Intrusion Detection, distributed control",
author = "Chromik, {Justyna Joanna} and Haverkort, {Boudewijn R.H.M.} and Remke, {Anne Katharina Ingrid} and Carina Pilch and Pascal Brackmann and Christof Duhme and Franziska Everinghoff and Artur Giberlein and Thomas Teodorowicz and Julian Wieland",
year = "2017",

}

Chromik, JJ, Haverkort, BRHM, Remke, AKI, Pilch, C, Brackmann, P, Duhme, C, Everinghoff, F, Giberlein, A, Teodorowicz, T & Wieland, J 2017, 'Context-aware local Intrusion Detection in SCADA systems: a testbed and two showcases' Paper presented at 8th IEEE International Conference on Smart Grid Communications, SmartGridComm 2017, Dresden, Germany, 23/10/17 - 26/10/17, .

Context-aware local Intrusion Detection in SCADA systems : a testbed and two showcases. / Chromik, Justyna Joanna; Haverkort, Boudewijn R.H.M.; Remke, Anne Katharina Ingrid; Pilch, Carina; Brackmann, Pascal; Duhme, Christof; Everinghoff, Franziska; Giberlein, Artur; Teodorowicz, Thomas; Wieland, Julian.

2017. Paper presented at 8th IEEE International Conference on Smart Grid Communications, SmartGridComm 2017, Dresden, Germany.

Research output: Scientific - peer-reviewPaper

TY - CONF

T1 - Context-aware local Intrusion Detection in SCADA systems

T2 - a testbed and two showcases

AU - Chromik,Justyna Joanna

AU - Haverkort,Boudewijn R.H.M.

AU - Remke,Anne Katharina Ingrid

AU - Pilch,Carina

AU - Brackmann,Pascal

AU - Duhme,Christof

AU - Everinghoff,Franziska

AU - Giberlein,Artur

AU - Teodorowicz,Thomas

AU - Wieland,Julian

PY - 2017

Y1 - 2017

N2 - This paper illustrates the use of a testbed that we have developed for context-aware local intrusion detection. This testbed is based on the co-simulation framework Mosaik and allows for the validation of local intrusion detection mechanisms at field stations in power distribution networks. For two cases, we show how this testbed assists with studying the effectiveness of two local IDS mechanisms under different kinds of attacks.

AB - This paper illustrates the use of a testbed that we have developed for context-aware local intrusion detection. This testbed is based on the co-simulation framework Mosaik and allows for the validation of local intrusion detection mechanisms at field stations in power distribution networks. For two cases, we show how this testbed assists with studying the effectiveness of two local IDS mechanisms under different kinds of attacks.

KW - SCADA

KW - Intrusion Detection

KW - distributed control

M3 - Paper

ER -

Chromik JJ, Haverkort BRHM, Remke AKI, Pilch C, Brackmann P, Duhme C et al. Context-aware local Intrusion Detection in SCADA systems: a testbed and two showcases. 2017. Paper presented at 8th IEEE International Conference on Smart Grid Communications, SmartGridComm 2017, Dresden, Germany.