Smart Meter Modbus RS-485 Spoofing Attack Detection by LSTM Deep Learning Approach
Md Delwar Hossain, Hideya Ochiai, Tatsuya Arisawa, Youki Kadobayashi
Abstract
The rapid growth of cyberattacks makes apprehension to stability the Cyber- Physical Systems, i.e., Smart Grid networks, and ensure the confidentiality, integrity, and availability (CIA). The proliferation of intelligent hacking tools, techniques, and tactics has allowed anyone with basic computer literacy to be able to attack Smart Grid networks, advanced metering infrastructure that makes threats to accept the digital transformation. As we know, the Modbus RS-485 protocol is commonly used in smart meters for physical layer communication that doesn't support any authentication or encryption mechanism. Henceforth, an attacker can effortlessly inject malicious traffic and compromise the RS-485 communication network. As a countermeasure, an intrusion detection system (IDS) can be deployed to detect and mitigate the anomalous traffic of the RS-485 communication network. This research proposes a Long Short-Term Memory (LSTM)-based IDS for detecting the Smart Meter spoofing attacks. We develop a smart meter RS-485 spoofing attack analog dataset for efficiency reasons. Our experiment results demonstrate that our classifier is efficient for detecting the smart meter RS-485 spoofing attack, and it performs with high accuracy of 100 % and a detection rate of 1.00.