KIT | KIT-Bibliothek | Impressum | Datenschutz

Early Detection of GOOSE Denial of Service (DoS) Attacks in IEC 61850 Substations

Elbez, Ghada ORCID iD icon 1; Nahrstedt, Klara; Hagenmeyer, Veit ORCID iD icon 1
1 Institut für Automation und angewandte Informatik (IAI), Karlsruher Institut für Technologie (KIT)

Abstract:

The availability of communication in IEC 61850 substations can be hindered by Denial of Service (DoS) that result from an advanced Generic Object Oriented Substation Event (GOOSE) poisoning attacks. To the best of our knowledge, most of the available approaches in the literature are unable to detect similar attacks and none of them can offer the detection in an early manner. Thus, we develop the Early Detection of Attacks for GOOSE Network Traffic (EDA4GNeT) method that takes into account the specific features of IEC 61850 substations and offers a good trade-off between detection performance and detection time. To validate the efficiency of the novel anomaly detection method against those specific GOOSE poisoning attacks, a comparison with the closest works to ours is conducted in a similar use case representing a T1-1 substation. Results demonstrate the possibility of an early detection approximately 37 time samples ahead and an average detection rate of EDA4GNeT of more than 99% with a low false positive rate of less than 1 %.


Originalveröffentlichung
DOI: 10.1109/SmartGridComm52983.2022.9961042
Scopus
Zitationen: 2
Dimensions
Zitationen: 3
Zugehörige Institution(en) am KIT Institut für Automation und angewandte Informatik (IAI)
Publikationstyp Proceedingsbeitrag
Publikationsjahr 2022
Sprache Englisch
Identifikator KITopen-ID: 1000152986
HGF-Programm 46.23.02 (POF IV, LK 01) Engineering Security for Energy Systems
Erschienen in IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids 2022
Veranstaltung International Conference on Communications, Control, and Computing Technologies for Smart Grids (IEEE SmartGridComm 2022), Singapur, Singapur, 25.10.2022 – 28.10.2022
Schlagwörter Cyber-physical security; Denial of Service (DoS), attacks; electrical substations; IEC 61850; Intelligent Electronic Devices (IEDs); Intrusion Detection System (IDS)
Nachgewiesen in Scopus
Dimensions
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page