Intrusion detection for SCADA
Project Number: 2010-0000066847
Project Manager: Prof. dr. Sandro Etalle
Faculty of Electrical Engineering, Mathematics and Computer Science
Project website: Midas
Network Intrusion Detection Systems (NIDS) are systems devised to recognize when a cyber-attacker is trying to get control of a networked system by exploiting a vulnerability. NIDS form an essential second line of defence for many security-critical IT systems. Unfortunately, current NIDS cannot be successfully used to monitor SCADA network, because SCADA systems usually employ proprietary protocols, or proprietary extensions of open ones.
The goal of Midas is to devise new detection techniques, likely based on anomaly detection, which can monitor proprietary protocols’ data and detect attacks. Secondly, Midas aims to develop an integrated framework to not only detect threats, but also help security operators in assessing the impact of a possible attack (for instance by deploying non-intrusive agents on systems).
Project duration: March 2010 - March 2014
Project budget: € 755.600
Number of person/years:
Project Coordinator: UT
Participants: UT, Security Matters, ABB, Fox-IT, Gasunie, Brabant Water, Aliander
Project budget CTIT: €350.000
Involved groups: Distributed and Embedded Security (DIES), Design and Analysis of Communication Systems (DACS)