FPGA-based network intrusion detection for IEC 61850-based industrial network

This paper proposes an FPGA-based network intrusion detection system for the IEC 61850-based industrial network that is specially designed for substation automation. The proposed system uses the Shift-And algorithm for detecting malicious network packets within IEC 61850 messages. To implement a com...

Full description

Bibliographic Details
Main Authors: Junsik Kim, Jaehyun Park
Format: Article
Language:English
Published: Elsevier 2018-03-01
Series:ICT Express
Online Access:http://www.sciencedirect.com/science/article/pii/S2405959517303648
Description
Summary:This paper proposes an FPGA-based network intrusion detection system for the IEC 61850-based industrial network that is specially designed for substation automation. The proposed system uses the Shift-And algorithm for detecting malicious network packets within IEC 61850 messages. To implement a complex rule matching module with a limited memory size of FPGA, a specially designed rule matching module was proposed in this paper. For feasibility evaluation, a prototype with 265 regular expression matching modules was implemented using Xilinx Zynq-7030 FPGA and its performance is presented in this paper. Keywords: Network intrusion detection system (NIDS), IEC 61850, Regular expression, Substation automation, FPGA
ISSN:2405-9595