Date of Graduation

5-2023

Document Type

Thesis

Degree Name

Bachelor of Science in Computer Science

Degree Level

Undergraduate

Department

Computer Science and Computer Engineering

Advisor/Mentor

Jin, Kevin

Committee Member/Reader

Li, Qinghua

Committee Member/Second Reader

Ngan Le, Thi Hoang

Abstract

Power grid communication networks are important systems to detect intrusions from an attacker due to them being necessary to maintain critical infrastructure. This thesis applies recent advancements in P4 technology to detect cyberattacks in SCADA systems. In previous work, a list has been compiled of potential attacks that exploit one of the most common protocols in SCADA systems, DNP3. Solutions for detecting these attacks can be categorized by the broad methods that they use. The two methods that are focused on are single-packet inspection and multiple-packet inspection. For each of these, a specific attack is chosen and a detection algorithm is developed. These attacks are the length overflow attack and the outstation write attack. The detection algorithm for these attacks can act as an example of the methods that they were chosen for. For one of these attacks, the outstation write attack, the effectiveness of the algorithm is evaluated. This is done in a simulated network using a network simulation tool called Mininet, and a virtual attack scenario is created. When the detection algorithm detects a malicious packet, it is simply dropped. This algorithm is compared to a simple forwarding program to determine its effectiveness in preventing the attacker’s desired effect on the network. The results show that the attack is effective at dropping malicious traffic in the network, making the attack unsuccessful.

Keywords

SCADA; Intrusion Detection; P4

Download

Share

COinS