CTIT University of Twente
Research Business & Innovation About CTIT Research Calls Looking for a job? Intranet

Midas (Ministry of Interior)

Intrusion detection for SCADA

Project Number: 2010-0000066847

Project Manager: Prof. dr. Sandro Etalle

Faculty of Electrical Engineering, Mathematics and Computer Science

Tel.: +31-53--4891195

Email: sandro.etalle@utwente.nl

Project website: Midas

Summary

Network Intrusion Detection Systems (NIDS) are systems devised to recognize when a cyber-attacker is trying to get control of a networked system by exploiting a vulnerability. NIDS form an essential second line of defence for many security-critical IT systems. Unfortunately, current NIDS cannot be successfully used to monitor SCADA network, because SCADA systems usually employ proprietary protocols, or proprietary extensions of open ones.

The goal of Midas is to devise new detection techniques, likely based on anomaly detection, which can monitor proprietary protocols’ data and detect attacks. Secondly, Midas aims to develop an integrated framework to not only detect threats, but also help security operators in assessing the impact of a possible attack (for instance by deploying non-intrusive agents on systems).

Project duration: March 2010 - March 2014

Project budget: € 755.600

Number of person/years:

Project Coordinator: UT

Participants: UT, Security Matters, ABB, Fox-IT, Gasunie, Brabant Water, Aliander

Project budget CTIT: €350.000

Involved groups: Distributed and Embedded Security (DIES), Design and Analysis of Communication Systems (DACS)