Use this URL to cite or link to this record in EThOS:
Title: Intrusion detection for communication network security in power systems
Author: Yang, Yi
Awarding Body: Queen's University Belfast
Current Institution: Queen's University Belfast
Date of Award: 2013
Availability of Full Text:
Full text unavailable from EThOS.
Please contact the current institution’s library for further details.
In response to the emergence of cybersecurity issues in smarter grids, a number of IT security approaches have been presented. However, in practice, power networks with legacy systems are more difficult to update, patch and protect using conventional IT security techniques. This research presents a contribution to cybersecurity using Intrusion Detection Systems (IDS) in power systems. An intrusion detection methodology provides an approach to identify evidence of abnormal communication behaviours in a passive mode that does not impact normal operation of power systems but provides pre-emptive knowledge of potential threats and incidents. This thesis proposes and develops new intrusion detection approaches for Smart Grid cybersecurity that are applied in Supervisory Control and Data Acquisition (SCADA) and synchrophasor systems in order to monitor the operation of such systems and detect cyber threats against these systems resulting from malicious attacks or misuse by legitimate users. One of the proposed intrusion detection approaches combines whitelist categorisation with behaviour-based detection methods to identify known and unknown attacks by considering the operational features and the communication • protocols of SCADA and synchrophasor systems. Furthermore, SCADA-specific and synchrophasor-specific cybersecurity solutions are presented using test-beds to investigate, simulate and exemplify the impacts of cyber attacks on SCADA and synchrophasor systems. The proposed SCADA-specific IDS (SCADA-IDS) and Synchrophasor-Specific IDS (SSIDS) are implemented and verified using two lest-beds. In addition, a hybrid IDS is proposed for SCADA networks using the IEC 60870-5- 104 protocol, which contains signature-based, model-based and stateful detection methods. The proposed hybrid IDS is implemented and validated using the Internet Traffic and Content Analysis (ITACA) platform and the open source Snort tool. These new detection tools proposed in this thesis allow the cybersecurity of significant power systems communications networks to be improved, thus contribution 10 the security and reliability of the Smart Grid as a whole.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID:  DOI: Not available