Malicious Activity Recognition on SCADA Network IEC 60870-5-104 Protocol (Similarity)

Stiawan, Deris (2022) Malicious Activity Recognition on SCADA Network IEC 60870-5-104 Protocol (Similarity). Ithenticate Universitas sriwijaya. (Submitted)

[thumbnail of Malicious_Activity_Recognition_on_SCADA_Network_IE.pdf]
Preview
 Text
Malicious_Activity_Recognition_on_SCADA_Network_IE.pdf
Download (2MB) | Preview

Abstract

SCADA (Supervisory Control Acquisition Data) has extended to a heterogeneous network, makes it opens to any type of internet attack/malicious activity. Malicious activities in the SCADA network may disrupt the control and monitoring process of industrial equipment. These activities can be in the form of Unauthorized Access, Port Scanning, and SYN flood. Each Malicious Activity has features that can be a way to identify it. This paper attempts to investigate the malicious activities in the SCADA network running the IEC 60870-5-104 protocol. Raw traffic data from the SCADA network were recorded in pcap format. Next, by using Snort and Suricata software the characteristics of malicious activities are identified, and then observed using Wireshark software. The observation will produce attacks haracteristics/ features. The malicious activities in the SCADA network traffic records revealed in this study are SYN Flood, Port Scan, Unauthorized Access and Invalid data on CoT (Cause of Transmission) packets. Knowing these features will help to classify or to identify the attacks. In turn, the recognized features of the SCADA traffic network can be used to develop a machine learning model as a classifier engine in an intrusion detection system (IDS).

Item Type: Other
Subjects: T Technology > T Technology (General) > T58.6-58.62 Management information systems > T58.62 Decision support systems Cf. HD30.213 Industrial management
#3 Repository of Lecturer Academic Credit Systems (TPAK) > Results of Ithenticate Plagiarism and Similarity Checker
Divisions: 09-Faculty of Computer Science > 56201-Computer Systems (S1)
Depositing User: Dr. Deris Stiawan
Date Deposited: 26 Nov 2022 06:55
Last Modified: 26 Nov 2022 06:55
URI: http://repository.unsri.ac.id/id/eprint/82332

Actions (login required)

View Item View Item