| dc.contributor.advisor | Dagale, Haresh | |
| dc.contributor.advisor | Singh, Chandramani | |
| dc.contributor.author | Baranwal, Kishan | |
| dc.date.accessioned | 2025-08-19T10:55:56Z | |
| dc.date.available | 2025-08-19T10:55:56Z | |
| dc.date.submitted | 2025 | |
| dc.identifier.uri | https://etd.iisc.ac.in/handle/2005/7037 | |
| dc.description.abstract | Cyberattacks targeting operational technology (OT) systems, such as power grids, have evolved into highly sophisticated threats. In the last two decades state-sponsored adversaries have increasingly weaponized protocol-compliant attacks, as was the case in Industroyer malware that masquerades attack using legitimate protocol format. These attacks exploit trusted communication frameworks, such as the IEC 61850 -Manufacturing Message Specification (MMS), to compromise Intelligent Electronic Devices (IEDs) and destabilize grid operations. MMS is a cornerstone of communication in a smart grid and can be exploited using its feature, remote control command execution on IEDs.
Recent research efforts to enhance smart grid security have primarily focused on the IEC 61850 protocol, particularly the Generic Object-Oriented Substation Events (GOOSE) protocol. Some studies have also examined the MMS, but these approaches remain limited, mainly addressing generic TCP/IP networking issues. This project aims to explore potential opportunities for advancing MMS protocol security, enabling detection of not only basic attacks (e.g., replay attacks) but also malware intrusions. Leveraging the strengths of one-class classifier ML models, the project addresses the challenge of limited MMS attack data availability while also providing resilience against potential zero-day attacks.
This project consists of two key components:
i) Rule-based NIDS - Implementing MMS service error and signature-based rules.
ii) MMS Service Anomaly - Detecting intrusions using top-ranked MMS application layer protocol features. | en_US |
| dc.description.sponsorship | POWERGRID Center of Excellence in Cybersecurity(PGCoE) | en_US |
| dc.language.iso | en_US | en_US |
| dc.relation.ispartofseries | ;ET01045 | |
| dc.rights | I grant Indian Institute of Science the right to archive and to make available my thesis or dissertation in whole or in part in all forms of media, now hereafter known. I retain all proprietary rights, such as patent rights. I also retain the right to use in future works (such as articles or books) all or part
of this thesis or dissertation | en_US |
| dc.subject | Cyberattack | en_US |
| dc.subject | Power grids | en_US |
| dc.subject | Manufacturing Message Specification | en_US |
| dc.subject | MMS Service | en_US |
| dc.subject | GOOSE protocol | en_US |
| dc.subject | Intelligent Electronic Device | en_US |
| dc.subject.classification | Research Subject Categories::TECHNOLOGY::Information technology::Computer science | en_US |
| dc.title | ML based Intrusion Detection System for IEC 61850 MMS | en_US |
| dc.type | Thesis | en_US |
| dc.degree.name | MTech (Res) | en_US |
| dc.degree.level | Masters | en_US |
| dc.degree.grantor | Indian Institute of Science | en_US |
| dc.degree.discipline | Engineering | en_US |
