Synchrophasor systems will play a significant role in next generation Smart Grid monitoring, protection and control. However, these systems also introduce a multitude of potential vulnerabilities and cyber threats from malicious attackers or disgruntled employees, which may cause erroneous situational awareness or severe damage. This paper proposes a Synchrophasor Specific Intrusion Detection System (SSIDS) for malicious cyber attacks and unintended misuse. The SSIDS involves a heterogeneous whitelist and behaviour-based approach to detect known and unknown attacks. The paper investigates and simulates reconnaissance, Man-in-the-Middle (MITM) and Denial-of-Service (DoS) attacks against a practical synchrophasor system that is used to validate the effectiveness of the proposed SSIDS detection tool. In contrast to previous research in this area that generally has investigated known attacks, this research actively considers the operational features of the IEEE C37.118 protocol and presents a more comprehensive and general solution to deal with not only known attacks but also unknown attacks.
|Title of host publication||IET International Conference on Information and Communications Technologies (IETICT) 2013|
|Publisher||Institution of Engineering and Technology (IET)|
|Number of pages||7|
|Publication status||Published - 27 Apr 2013|
- synchrophasor system
- network security
- intrusion detection