Simulation-Based Evaluation of DDoS Against Smart Grid SCADAs

  • Conference paper
Computer Security (CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019)

Abstract

The goal of this paper is to simulate the effects of different Distributed Denial of Service (DDoS) attack scenarios which might be launched against smart grid Supervisory Control and Data Acquisition systems, i.e. SCADAs. We will analyze attacks which are launched from compromised Remote Terminal Units (RTUs) located in the process environment. We created an ICS testbed and industrial DDoS simulator environment consisting of a single C&C server and a configurable number of bots. We simulated scenarios with different numbers of hacked RTUs trying to overwhelm the SCADA with unwanted messages. We analyzed the effects of DDoS-type attacks against SCADAs with different internal queue architectures used to manage the incoming messages, i.e. no queues, single queue and separate queue for each connected RTU.
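The three queue architectures named in the abstract can be compared with a small discrete-time model. This is an added illustration, not the authors' simulator and not a reproduction of their results; the message rates, SCADA capacity, queue length, tail-drop policy and round-robin service order are all assumptions chosen for the example.

```python
import random
from collections import deque

def simulate(arch, rtus=10, compromised=2, flood=50, capacity=10,
             queue_len=20, ticks=200, seed=1):
    """Return the fraction of legitimate RTU messages the SCADA processed."""
    rng = random.Random(seed)
    shared = deque()                           # used by "single"
    per_rtu = [deque() for _ in range(rtus)]   # used by "per_rtu"
    sent = delivered = 0
    for _ in range(ticks):
        # Assumed traffic: RTUs 0..compromised-1 flood, the rest send one reading.
        arrivals = []
        for rtu in range(rtus):
            n = flood if rtu < compromised else 1
            arrivals += [(rtu, rtu >= compromised)] * n
        rng.shuffle(arrivals)                  # messages interleave on the wire
        sent += rtus - compromised
        if arch == "none":
            served = arrivals[:capacity]       # no buffer: excess is dropped
        elif arch == "single":
            for msg in arrivals:
                if len(shared) < queue_len:    # tail drop once the queue is full
                    shared.append(msg)
            served = [shared.popleft()
                      for _ in range(min(capacity, len(shared)))]
        elif arch == "per_rtu":
            for rtu, legit in arrivals:
                if len(per_rtu[rtu]) < queue_len:
                    per_rtu[rtu].append((rtu, legit))
            served = []
            while len(served) < capacity and any(per_rtu):
                for q in per_rtu:              # round-robin: one message per RTU
                    if q and len(served) < capacity:
                        served.append(q.popleft())
        else:
            raise ValueError(arch)
        delivered += sum(1 for _, legit in served if legit)
    return delivered / sent

if __name__ == "__main__":
    for arch in ("none", "single", "per_rtu"):
        print(f"{arch:8s} legitimate delivery ratio: {simulate(arch):.2f}")
```

In this model a flooding RTU can only fill its own queue when queues are separate, so the legitimate delivery ratio depends on the service capacity relative to the number of RTUs rather than on the flood rate.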

Acknowledgment

This work was supported by the Ministry of Education, Science and Technological Development of the Republic of Serbia under grants III-42004 and TR33013. The authors received funding from the EU’s Education, Audiovisual and Culture Executive Agency (EACEA) under the Erasmus+ Capacity Building in the Field of Higher Education (CBHE) grant number 586474-EPP-1-2017-1-RS-EPPKA2-CBHE-JP.

Author information

Corresponding author

Correspondence to Imre Lendak.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Gogic, D., Jelacic, B., Lendak, I. (2020). Simulation-Based Evaluation of DDoS Against Smart Grid SCADAs. In: Katsikas, S., et al. Computer Security. CyberICPS 2019, SECPRE 2019, SPOSE 2019, ADIoT 2019. Lecture Notes in Computer Science, vol 11980. Springer, Cham. https://doi.org/10.1007/978-3-030-42048-2_6

  • DOI: https://doi.org/10.1007/978-3-030-42048-2_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42047-5

  • Online ISBN: 978-3-030-42048-2

  • eBook Packages: Computer Science, Computer Science (R0)
