Intrusion detection system for network security in synchrophasor systems

Y. Yang, K. McLaughlin, S. Sezer, T. Littler, B. Pranggono, P. Brogan, H.F. Wang

    Research output: Chapter in Book/Report/Conference proceedingConference contribution


    Synchrophasor systems will play a significant role in next generation Smart Grid monitoring, protection and control. However, these systems also introduce a multitude of potential vulnerabilities and cyber threats from malicious attackers or disgruntled employees, which may cause erroneous situational awareness or severe damage. This paper proposes a Synchrophasor Specific Intrusion Detection System (SSIDS) for malicious cyber attacks and unintended misuse. The SSIDS involves a heterogeneous whitelist and behaviour-based approach to detect known and unknown attacks. The paper investigates and simulates reconnaissance, Man-in-the-Middle (MITM) and Denial-of-Service (DoS) attacks against a practical synchrophasor system that is used to validate the effectiveness of the proposed SSIDS detection tool. In contrast to previous research in this area that generally has investigated known attacks, this research actively considers the operational features of the IEEE C37.118 protocol and presents a more comprehensive and general solution to deal with not only known attacks but also unknown attacks.
    Original languageEnglish
    Title of host publicationIET International Conference on Information and Communications Technologies (IETICT) 2013
    Publisher Institution of Engineering and Technology (IET)
    Number of pages7
    ISBN (Electronic)978-1-84919-653-6
    Publication statusPublished - 27 Apr 2013


    • synchrophasor system
    • network security
    • intrusion detection


    Dive into the research topics of 'Intrusion detection system for network security in synchrophasor systems'. Together they form a unique fingerprint.

    Cite this