With the increasing reliance of smart grids on correctly functioning SCADA systems and their vulnerability to cyberattacks, there is a pressing need for effective security measures. SCADA systems are prone to cyberattacks, posing risks to critical infrastructure. As there is a lack of host-based intrusion detection systems specifically designed for the stable nature of SCADA systems, the objective of this work is to propose a host-based intrusion detection system tailored for SCADA systems in smart grids. The proposed system utilizes USB device identification, flagging, and process memory scanning to monitor and detect anomalies in SCADA systems, providing enhanced security measures. Evaluation in three different scenarios demonstrates the tool's effectiveness in detecting and disabling malware. The proposed approach effectively identifies potential threats and enhances the security of SCADA systems in smart grids, providing a promising solution to protect against cyberattacks.