TY - GEN
T1 - Mitigating IEC-60870-5-104 Vulnerabilities
T2 - 2023 International Symposium on Networks, Computers and Communications, ISNCC 2023
AU - Sathar, Sajath
AU - Al-Kuwari, Saif
AU - Albaseer, Abdullatif
AU - Qaraqe, Marwa
AU - Abdallah, Mohamed
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Advanced Information Communication Technology (ICT) is used in smart grid systems to introduce intelligence and efficiency, potentially outperforming conventional power systems. A fundamental component of a smart grid system is the Smart Meters (SMs), which are integrated with billing utilities, such as national control centers (NCC), and advanced metering infrastructure (AMI). However, like most emerging technologies, some security vulnerabilities and attacks were found. In this paper, we address such vulnerabilities, specifically associated with SMs, that occur when energy consumption is reported to the billing system, specifically through the IEC-60870-5-104(IEC-104) protocol. Since existing datasets do not include sufficient data related to such vulnerabilities, especially in SM with IEC-104 protocol communication, we developed a testbed with a virtual environment and generated a dataset with and without attack vectors. We then proposed a novel anomaly detection algorithm based on LSTM autoencoder, which combines the functional benefits of LSTM and the deep learning of autoencoders. The model's performance is evaluated against two popular attacks, MITM and Replay, and our result shows that the replay attack is harder to find since the attack is executed without data alteration.
AB - Advanced Information Communication Technology (ICT) is used in smart grid systems to introduce intelligence and efficiency, potentially outperforming conventional power systems. A fundamental component of a smart grid system is the Smart Meters (SMs), which are integrated with billing utilities, such as national control centers (NCC), and advanced metering infrastructure (AMI). However, like most emerging technologies, some security vulnerabilities and attacks were found. In this paper, we address such vulnerabilities, specifically associated with SMs, that occur when energy consumption is reported to the billing system, specifically through the IEC-60870-5-104(IEC-104) protocol. Since existing datasets do not include sufficient data related to such vulnerabilities, especially in SM with IEC-104 protocol communication, we developed a testbed with a virtual environment and generated a dataset with and without attack vectors. We then proposed a novel anomaly detection algorithm based on LSTM autoencoder, which combines the functional benefits of LSTM and the deep learning of autoencoders. The model's performance is evaluated against two popular attacks, MITM and Replay, and our result shows that the replay attack is harder to find since the attack is executed without data alteration.
KW - Anomaly detection
KW - Autoencoder
KW - IEC-60870-5-104
KW - IoT
KW - LSTM
KW - Smart Meter (SM)
UR - http://www.scopus.com/inward/record.url?scp=85179837126&partnerID=8YFLogxK
U2 - 10.1109/ISNCC58260.2023.10323610
DO - 10.1109/ISNCC58260.2023.10323610
M3 - Conference contribution
AN - SCOPUS:85179837126
T3 - 2023 International Symposium on Networks, Computers and Communications, ISNCC 2023
BT - 2023 International Symposium on Networks, Computers and Communications, ISNCC 2023
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 23 October 2023 through 26 October 2023
ER -