notesum.ai

Published at December 6

Encryption-Aware Anomaly Detection in Power Grid Communication Networks

cs.CR

Released Date: December 6, 2024

Authors: Omer Sen¹, Mehdi Akbari Gurabi, Milan Deruelle, Andreas Ulbig, Stefan Decker

Aff.: ¹RWTH Aachen University, Aachen, Germany

Arxiv: http://arxiv.org/pdf/2412.04901v1

Refer to caption

Anom.	Scenarios	No TLS	TLS
AN1	Standard Operation (Benign Data)	D2-1-1	D2-2-1
AN2	2-hop Targeted Manipulation 1	D2-1-2	D2-2-2
AN3	2-hop Targeted Manipulation 2	D2-1-3	D2-2-3
AN4	2-hop vRTU Slowdown	D2-1-4	D2-2-4
AN5	2-hop vRTU Shutdown	D2-1-5	D2-2-5
AN6	Telnet Data Exfiltration	D2-1-6	D2-2-6
AN7.1	Reconnaissance - Default Options	D2-1-7.1	D2-2-7.1
AN7.2	Reconnaissance - No ARP or ND	D2-1-7.2	D2-2-7.2
AN7.3	Reconnaissance - TCP Connect	D2-1-7.3	D2-2-7.3
AN7.4	Reconnaissance - TCP SYN Scan	D2-1-7.4	D2-2-7.4
AN7.5	Reconnaissance - TCP NULL Scan	D2-1-7.5	D2-2-7.5
AN7.6	Reconnaissance - TCP FIN Scan	D2-1-7.6	D2-2-7.6
AN7.7	Reconnaissance - Xmas Scan	D2-1-7.7	D2-2-7.7