Improving SCADA Security using IDS and MikroTIK
Keywords:DDoS Attack, MikroTik Router, SNORT, SCADA Security,
AbstractIndustries have realized that SCADA System was built without considering the security aspect. It was believed that there are no attacks to the scada plant. Unfortunately, in this era, SCADA network needs to be connected to the Internet to increase its performance. In this case, the protection of Supervisory Control and Data Acquisition (SCADA) is needed against cyber-attacks. Much research has seen the big lost as cyber-attack happens at critical infrastructure. In this research, we simulated a test bed environment of SCADA system to monitor and mitigate the attack as well as give fast response report to the operator. We used Network Based Intrusion Detection System using SNORT rule, which is integrated with MikroTik for Deep Packet Inspection (DPI). This system inspects all traffic data going through the scada system. Results from the experiment show that the testbed environment was able to detect attacks effectively and efficiently.
Keith Stouffer, Joe Falco, Karent Kent., “Guide to Supervisory
Control and Data Acquisition (SCADA) and Industrial Control Systems Security”, National Institute of Standards and Technology (NIST), 2006.
Patel C., Ganesh Bhatt D., James Graham H., “Improving the Cyber Security of SCADA Communication Networks”, Communication, vol.52, no.7, 2009, pp.139-142.
Yang Y., Power and Energy Society General Meeting (PES), IEEE. Intrusion Detection System for IEC 60870-5-104 based SCADA networks, Queen’s University, 2013
Zouheir Trabelsi, Walid Ibrahim., “A Hands-on Approach for Teaching Denial of Service Attacks: A Case Study”, College of Information Technology, 2013.
Albert Sagala, Deni Lumbantoruan, Epelin Manurung, Iroma Situmorang, Adi Gunawan., IAES, “Secured Communication Among HMI and Controller Using RC-4 Algorithm and Raspberry Pi”, TELKOMNIKA Indonesian Journal of Electrical Engineering, vol.15, no.3, 2015.
Rohan Chabukswar, Bruno Sinopoli, “Simulation of Network Attackson SCADA Systems”, University of California Berkeley, 2012.
Miguel A.Calvo Moya, “Analysis and Evaluation of the Snort and Bro Network Intrusion Detection Systems”, Universidad Pontificia Comillas, 2006.
Eric D.Knap, “Industrial Network Security: Securing Critical
Infrastructure Networks for Smart Grid, SCADA, and Other Industrial
Control Systems”, Syngress Elsevier, 2011.
Hahn.A., Ashok.A., and Sridhar S., “Cyber-Physical Security Sandboxs:Architecture, Application, and Evaluation for Smart Grid”,IEEE Transaction on Smart Grid, vol.4, no.2, 2013.
Falco J., Gilsinn J., and Stouffer K., “IT Security for Industrial Control Systems: Requirements Specification and Performance Testing”, 2004 NDIA Homeland Security Symposium & Exhibition, Crystal City, VA, 2004.
Lemay. A, Fernandez. J, Knight. S, “An isolated virtual cluster for SCADA network security research”, Proceeding of the 1st International Symposium for ICS &SCADA Cyber Security Research, 2013.
RBarbosa R.R., Sadre R., and Pras A., “A First Look into SCADA Network Traffic”, in IEEE/IFIP Network Operations and
Management Symposium (NOMS 2012),Springer, 17: 6, 2012.
Steven Cheung, et al, “Using Model-based Intrusion Detection for SCADA Networks”, SRI International, Computer Science Laboratory, 2006.
Giani. A, Sastry. S, Karl H. J., and Sandberd H., “The VIKING Project: An Initiative on Resilent Control of Power Networks”, KTH University, Sweden, 2012.
Dutertre B., “Formal modeling and analysis of the Modbus protocol”, Technical report, Computer Science Laboratory, SRI International, 2006.
How to Cite
TRANSFER OF COPYRIGHT AGREEMENT
The manuscript is herewith submitted for publication in the Journal of Telecommunication, Electronic and Computer Engineering (JTEC). It has not been published before, and it is not under consideration for publication in any other journals. It contains no material that is scandalous, obscene, libelous or otherwise contrary to law. When the manuscript is accepted for publication, I, as the author, hereby agree to transfer to JTEC, all rights including those pertaining to electronic forms and transmissions, under existing copyright laws, except for the following, which the author(s) specifically retain(s):
- All proprietary right other than copyright, such as patent rights
- The right to make further copies of all or part of the published article for my use in classroom teaching
- The right to reuse all or part of this manuscript in a compilation of my own works or in a textbook of which I am the author; and
- The right to make copies of the published work for internal distribution within the institution that employs me
I agree that copies made under these circumstances will continue to carry the copyright notice that appears in the original published work. I agree to inform my co-authors, if any, of the above terms. I certify that I have obtained written permission for the use of text, tables, and/or illustrations from any copyrighted source(s), and I agree to supply such written permission(s) to JTEC upon request.