Midas (Ministry of Interior)

Intrusion detection for SCADA

Project Number: 2010-0000066847

Project Manager: Prof. dr. Sandro Etalle

Faculty of Electrical Engineering, Mathematics and Computer Science

Tel.: +31-53--4891195

Project website: Midas

Summary

Network Intrusion Detection Systems (NIDS) are systems devised to recognize when a cyber-attacker is trying to get control of a networked system by exploiting a vulnerability. NIDS form an essential second line of defence for many security-critical IT systems. Unfortunately, current NIDS cannot be successfully used to monitor SCADA network, because SCADA systems usually employ proprietary protocols, or proprietary extensions of open ones.

The goal of Midas is to devise new detection techniques, likely based on anomaly detection, which can monitor proprietary protocols’ data and detect attacks. Secondly, Midas aims to develop an integrated framework to not only detect threats, but also help security operators in assessing the impact of a possible attack (for instance by deploying non-intrusive agents on systems).

Project duration: March 2010 - March 2011

Project budget: € 755.600

Number of person/years:

Project Coordinator: UT

Participants: UT, Security Matters, ABB, Fox-IT, Gasunie, Brabant Water, Aliander

Project budget CTIT: €350.000

Involved groups: Distributed and Embedded Security (DIES), Design and Analysis of Communication Systems (DACS)

CTIT Strategic Research Orientation: Integrated Security and Privacy in a Networked World / Dependable Systems and Networks

	CTIT Home > ... > Other > Midas (Ministry of Interior)
Home CTIT Symposium 2012 About CTIT News NIRICT Research Meet the PhDs Working at CTIT Internal Information Conferences Open Calls (updated April 20, 2012) Library and Videos Knowledge Transfer Links Sitemap Search	Midas (Ministry of Interior) Intrusion detection for SCADA Project Number: 2010-0000066847 Project Manager: Prof. dr. Sandro Etalle Faculty of Electrical Engineering, Mathematics and Computer Science Tel.: +31-53--4891195 Email: sandro.etalle@utwente.nl Project website: Midas Summary Network Intrusion Detection Systems (NIDS) are systems devised to recognize when a cyber-attacker is trying to get control of a networked system by exploiting a vulnerability. NIDS form an essential second line of defence for many security-critical IT systems. Unfortunately, current NIDS cannot be successfully used to monitor SCADA network, because SCADA systems usually employ proprietary protocols, or proprietary extensions of open ones. The goal of Midas is to devise new detection techniques, likely based on anomaly detection, which can monitor proprietary protocols’ data and detect attacks. Secondly, Midas aims to develop an integrated framework to not only detect threats, but also help security operators in assessing the impact of a possible attack (for instance by deploying non-intrusive agents on systems). Project duration: March 2010 - March 2011 Project budget: € 755.600 Number of person/years: Project Coordinator: UT Participants: UT, Security Matters, ABB, Fox-IT, Gasunie, Brabant Water, Aliander Project budget CTIT: €350.000 Involved groups: Distributed and Embedded Security (DIES), Design and Analysis of Communication Systems (DACS) CTIT Strategic Research Orientation: Integrated Security and Privacy in a Networked World / Dependable Systems and Networks