Design of Idle-time Measurement System for Data Spoofing Detection

데이터 스푸핑 탐지를 위한 유휴 시간 측정 시스템 설계

  • 정성모 (한남대학교 멀티미디어학과) ;
  • 송재구 (한남대학교 멀티미디어학과) ;
  • 김태훈 (한남대학교 멀티미디어학과) ;
  • 소요환 (한남대학교 멀티미디어학과) ;
  • 김석수 (한남대학교 멀티미디어학과)
  • Published : 2010.01.31


The industrial foundation of the inside and outside of a country has brought significant damages due to attacks from hackers. Especially, if the national primary core infrastructures(like electric power, dam, railroad, atomic energy, etc.) has been significantly damaged, it can be directly linked not only to economic problems but also to people's lives. These national primary core infrastructures usually constitute SCADA system using Modbus RS486 communication. Because of this characteristic, SCADA system has RTU master and slave linked to RJ11 cables to directly pass commands. RJ11 is possible in data spoofing using physical connection because the transmission range of RJ11 has a wide bandwidth(almost 1km). Hence, this paper designed an idle-time measurement system for SCADA system for emerging security improvement in the national primary core infrastructures.


Smart Grid;Spoofing;Measurement System;SCADA Security;Industrial Facilities Security


  1. McClanahan, R.H., "The Benefits of Networked SCADA Systems Utilizing IP-Enabled Networks", Rural Electric Power Conference, 2002. 2002 IEEE, 5-7 May 2002 Pages: C5 - C5_7.
  2. National Intelligence Service, "2004 The White Paper of National Information Security",, 2004.
  3. Ron Derynck, "Cyber-Security and System Integrity for Transportation Networks, Verono White paper", 2004.
  4. GAO, "Critical Infrastructure Protection: Challenge and Efforts to Secure Control System",, Mar. 2004.
  5. David L, Fraley, "Cyberwarfare: VoIP and Convergence Increase Vulnerability", Gartner Report,, Jan. 2004.
  6. Technical Information Bulletin 04-1, "Supervisory Control and Data Acquisition (SCADA) Systems", NCS TIB 04-1, Oct. 2004.
  7. Introduction to MODBUS, Technical Tutorial, Dec. 2002.
  8. What is a packet sniffer?
  9. 서우일, 박현민, 최병석, 박재현, "TCP Connection ARP Spoofing/Hijacking에 대한 탐지 및 추적에 대한 연구", 정보통신연구진흥원 학술기사, 2000.
  10. 조제경, 이형우, "Access Point 기반 무선 네트워크 환경에서의 MAC Address Spoofing 공격 탐지 및 차단 기법", 인터넷정보학회논문지 제9권 제4호, 2008.