Convolutional Neural Network-Based Classification of Secured IEC 104 Traffic in Energy Systems

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26220%2F23%3APU149866" target="_blank" >RIV/00216305:26220/23:PU149866 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1145/3638782.3638806" target="_blank" >https://doi.org/10.1145/3638782.3638806</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3638782.3638806" target="_blank" >10.1145/3638782.3638806</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Convolutional Neural Network-Based Classification of Secured IEC 104 Traffic in Energy Systems

Popis výsledku v původním jazyce

This paper focuses on the classification of secure IEC 104 protocol traffic in energy systems using a specific convolutional neural network model. Secure communication of the IEC 104 protocol was used to train the network. The data were obtained using a special network traffic simulator and from an energy testbed. In order to analyze secure communication, a classifier was developed to identify the individual operating states of the communicating station. In this article, we focused on the classification of IEC 104 protocol communication with TLS security. The classifier consisted of a convolutional neural network with a defined two-dimensional input matrix. The matrix was composed of the information from five consecutive packets. The information was constructed from the interarrival time between packets, the length of TLS encrypted application data, and the encrypted application data up to 64B in size. To obtain enough data to train the convolutional network, a simulator of characteristic messages for each state was developed. The classifier was trained to accurately classify the ”Normal operation” and ”Short circuit” states of the station, achieving a probability exceeding 90% for the distinct data flow. However, in the case of other operating states characterized by subtle differences, misclassification occurred between two states sharing similar characteristics.

Název v anglickém jazyce

Convolutional Neural Network-Based Classification of Secured IEC 104 Traffic in Energy Systems

Popis výsledku anglicky

This paper focuses on the classification of secure IEC 104 protocol traffic in energy systems using a specific convolutional neural network model. Secure communication of the IEC 104 protocol was used to train the network. The data were obtained using a special network traffic simulator and from an energy testbed. In order to analyze secure communication, a classifier was developed to identify the individual operating states of the communicating station. In this article, we focused on the classification of IEC 104 protocol communication with TLS security. The classifier consisted of a convolutional neural network with a defined two-dimensional input matrix. The matrix was composed of the information from five consecutive packets. The information was constructed from the interarrival time between packets, the length of TLS encrypted application data, and the encrypted application data up to 64B in size. To obtain enough data to train the convolutional network, a simulator of characteristic messages for each state was developed. The classifier was trained to accurately classify the ”Normal operation” and ”Short circuit” states of the station, achieving a probability exceeding 90% for the distinct data flow. However, in the case of other operating states characterized by subtle differences, misclassification occurred between two states sharing similar characteristics.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

20203 - Telecommunications

Projekt

<a href="/cs/project/FW06010490" target="_blank" >FW06010490: Krypto portál chytrého měření</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 2023 13th International Conference on Communication and Network Security

ISBN

979-8-4007-0796-4

ISSN

—

e-ISSN

—

Počet stran výsledku

7

Strana od-do

159-165

Název nakladatele

ACM

Místo vydání

New York, NY, USA

Místo konání akce

Fuzhou, China

Datum konání akce

1. 12. 2023

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—