The paper addresses the increasing vulnerability of SDN architecture to cyber-attacks, focusing on protecting power grid substations. It introduces a rule-based IDS integrated with SDN to identify and mitigate malicious GOOSE messages. The study emphasizes the importance of cybersecurity in substation automation systems and presents implementation examples using a hardware-in-the-loop testbed.
The content discusses the separation of control and forwarding planes in SDN architecture, highlighting security challenges faced by this technology. It explores various research works proposing mitigation schemes for DDoS attacks, fault injection threats, and other security vulnerabilities in SDN networks. The paper also outlines attack scenarios involving abnormal GOOSE packet injections on station bus SDN switches and PIED devices.
Furthermore, the study evaluates time delays associated with implementing the proposed IDS-integrated SDN module compared to traditional scenarios. It concludes by suggesting future work to enhance the accuracy and efficiency of detecting cyber threats in substation networks through continuous refinement and optimization.
Ke Bahasa Lain
dari konten sumber
arxiv.org
Wawasan Utama Disaring Dari
by Mansi Girdha... pada arxiv.org 03-08-2024
https://arxiv.org/pdf/2311.12205.pdfPertanyaan yang Lebih Dalam