KIT | KIT-Bibliothek | Impressum | Datenschutz

Early Attack Detection for Securing GOOSE Network Traffic

Elbez, Ghada ORCID iD icon 1; Nahrstedt, Klara; Hagenmeyer, Veit 1
1 Institut für Automation und angewandte Informatik (IAI), Karlsruher Institut für Technologie (KIT)


The requirements for the security of the network communication in critical infrastructures have been more focused on the availability of the data rather than the integrity and the confidentiality. The availability of communication in IEC 61850 substations can be hindered by Generic Object Oriented Substation Event (GOOSE) poisoning attacks that might result in threats such as Denial of Service (DoS) or flooding attacks. In order to accurately detect similar attacks, a novel method for the Early Detection of Attacks for GOOSE Network Traffic (EDA4GNeT) is developed in the present work. The EDA4GNeT method considers the dynamic behavior of network traffic in electrical substations. A mathematical modeling of GOOSE network traffic is adopted for the anomaly detection based on statistical hypothesis testing. The developed mathematical model of the communication traffic can also support the management of the network architecture in IEC 61850 substations based on appropriate performance studies. To test the novel anomaly detection method and compare the obtained results with related works found in the literature, a simulation of a DoS attack against a 66/11kV substation with several experiments is used as a case study.

Postprint §
DOI: 10.5445/IR/1000158413
Veröffentlicht am 05.05.2023
DOI: 10.1109/TSG.2023.3272749
Zitationen: 2
Zitationen: 2
Cover der Publikation
Zugehörige Institution(en) am KIT Institut für Automation und angewandte Informatik (IAI)
Institut für Informationssicherheit und Verlässlichkeit (KASTEL)
Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Publikationstyp Zeitschriftenaufsatz
Publikationsjahr 2024
Sprache Englisch
Identifikator ISSN: 1949-3053, 1949-3061
KITopen-ID: 1000158413
HGF-Programm 46.23.02 (POF IV, LK 01) Engineering Security for Energy Systems
Erschienen in IEEE Transactions on Smart Grid
Verlag Institute of Electrical and Electronics Engineers (IEEE)
Band 15
Heft 1
Seiten 899-910
Projektinformation KASTEL_SVI (BMBF, 16KIS0521)
Vorab online veröffentlicht am 03.05.2023
Nachgewiesen in Scopus
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page