106 research outputs found
SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach
This paper presents the development of a Supervisory Control and Data
Acquisition (SCADA) system testbed used for cybersecurity research. The testbed
consists of a water storage tank's control system, which is a stage in the
process of water treatment and distribution. Sophisticated cyber-attacks were
conducted against the testbed. During the attacks, the network traffic was
captured, and features were extracted from the traffic to build a dataset for
training and testing different machine learning algorithms. Five traditional
machine learning algorithms were trained to detect the attacks: Random Forest,
Decision Tree, Logistic Regression, Naive Bayes and KNN. Then, the trained
machine learning models were built and deployed in the network, where new tests
were made using online network traffic. The performance obtained during the
training and testing of the machine learning models was compared to the
performance obtained during the online deployment of these models in the
network. The results show the efficiency of the machine learning models in
detecting the attacks in real time. The testbed provides a good understanding
of the effects and consequences of attacks on real SCADA environments.
Comment: E-Preprin
Cyber Infrastructure Protection: Vol. III
Despite leaps in technological advancements made in computing system hardware and software areas, we still hear about massive cyberattacks that result in enormous data losses. Cyberattacks in 2015 included: sophisticated attacks that targeted Ashley Madison, the U.S. Office of Personnel Management (OPM), the White House, and Anthem; and in 2014, cyberattacks were directed at Sony Pictures Entertainment, Home Depot, J.P. Morgan Chase, a German steel factory, a South Korean nuclear plant, eBay, and others. These attacks and many others highlight the continued vulnerability of various cyber infrastructures and the critical need for strong cyber infrastructure protection (CIP). This book addresses critical issues in cybersecurity. Topics discussed include: a cooperative international deterrence capability as an essential tool in cybersecurity; an estimation of the costs of cybercrime; the impact of prosecuting spammers on fraud and malware contained in email spam; cybersecurity and privacy in smart cities; smart cities demand smart security; and, a smart grid vulnerability assessment using national testbed networks.
Implementing Man-in-the-Middle Attack to Investigate Network Vulnerabilities in Smart Grid Test-bed
The smart-grid introduces several new data-gathering, communication, and
information-sharing capabilities into the electrical system, as well as
additional privacy threats, vulnerabilities, and cyber-attacks. In this study,
Modbus is regarded as one of the most prevalent interfaces for control systems
in power plants. Modern control interfaces are vulnerable to cyber-attacks,
posing a risk to the entire energy infrastructure. In order to strengthen
resistance to cyber-attacks, this study introduces a test bed for
cyber-physical systems that operate in real-time. To investigate the network
vulnerabilities of smart power grids, Modbus protocol has been examined
combining a real-time power system simulator with a communication system
simulator and the effects of the system presented and analyzed. The goal is to
detect the vulnerability in Modbus protocol and perform the Man-in-the-middle
attack with its impact on the system. This proposed testbed can be evaluated as
a research model for vulnerability assessment as well as a tool for evaluating
cyber-attacks and enquire into any detection mechanism for safeguarding and
defending smart grid systems from a variety of cyberattacks. We present here
the preliminary findings on using the testbed to identify a particular MiTM
attack and the effects on system performance. Finally, we suggest a cyber
security strategy as a solution to address such network vulnerabilities and
deploy appropriate countermeasures.
Comment: 7 pages, 10 figures, Conference paper, Accepted in publication for
2023 IEEE World AI IoT Congress (AIIoT
A Comprehensive Survey on the Cyber-Security of Smart Grids: Cyber-Attacks, Detection, Countermeasure Techniques, and Future Directions
One of the significant challenges that smart grid networks face is
cyber-security. Several studies have been conducted to highlight those security
challenges. However, the majority of these surveys classify attacks based on
the security requirements, confidentiality, integrity, and availability,
without taking into consideration the accountability requirement. In addition,
some of these surveys focused on the Transmission Control Protocol/Internet
Protocol (TCP/IP) model, which does not differentiate between the application,
session, and presentation and the data link and physical layers of the Open
System Interconnection (OSI) model. In this survey paper, we provide a
classification of attacks based on the OSI model and discuss in more detail the
cyber-attacks that can target the different layers of smart grid networks
communication. We also propose new classifications for the detection and
countermeasure techniques and describe existing techniques under each category.
Finally, we discuss challenges and future research directions.
Cybersecurity in Power Grids: Challenges and Opportunities
Increasing volatilities within power transmission and distribution force power grid operators to amplify their use of communication infrastructure to monitor and control their grid. The resulting increase in communication creates a larger attack surface for malicious actors. Indeed, cyber attacks on power grids have already succeeded in causing temporary, large-scale blackouts in the recent past. In this paper, we analyze the communication infrastructure of power grids to derive resulting fundamental challenges of power grids with respect to cybersecurity. Based on these challenges, we identify a broad set of resulting attack vectors and attack scenarios that threaten the security of power grids. To address these challenges, we propose to rely on a defense-in-depth strategy, which encompasses measures for (i) device and application security, (ii) network security, and (iii) physical security, as well as (iv) policies, procedures, and awareness. For each of these categories, we distill and discuss a comprehensive set of state-of-the-art approaches, as well as identify further opportunities to strengthen cybersecurity in interconnected power grids.
Delay Performance and Cybersecurity of Smart Grid Infrastructure
To address major challenges to conventional electric grids (e.g., generation diversification and optimal deployment of expensive assets), full visibility and pervasive control over utilities' assets and services are being realized through the integratio
Smart Grids: A Comprehensive Survey of Challenges, Industry Applications, and Future Trends
With the increased energy demands of the 21st century, there is a clear need
for developing a more sustainable method of energy generation, distribution,
and transmission. The popularity of Smart Grid continues to grow as it presents
its benefits, including interconnectivity, improved efficiency, the ability to
integrate renewable energy sources, and many more. However, it is not without
its challenges. This survey aims to provide an introductory background of smart
grids, detail some of the main aspects and current challenges, and review the
most recent papers and proposed solutions. It will also highlight the current
state of implementation of the smart grid by describing various prototypes, as
well as various countries' and continents' implementation plans and projects.
Comment: Paper has been submitted for review to the journal Energy Reports
(January 23, 2024). 58 pages, 7 figures, 7 table
Vulnerability and Impact Analysis of the IEC 61850 Goose Protocol in the Smart Grid
IEC 61850 is one of the most prominent communication standards adopted by the smart grid community due to its high scalability, multi-vendor interoperability, and support for several input/output devices. Generic Object-Oriented Substation Events (GOOSE), which is a widely used communication protocol defined in IEC 61850, provides reliable and fast transmission of events for the electrical substation system. This paper investigates the security vulnerabilities of this protocol and analyzes the potential impact on the smart grid by rigorously analyzing the security of the GOOSE protocol using an automated process and identifying vulnerabilities in the context of smart grid communication. The vulnerabilities are tested using a real-time simulation and industry standard hardware-in-the-loop emulation. An in-depth experimental analysis is performed to demonstrate and verify the security weakness of the GOOSE publish-subscribe protocol towards the substation protection within the smart grid setup. It is observed that an adversary who might have familiarity with the substation network architecture can create falsified attack scenarios that can affect the physical operation of the power system. Extensive experiments using the real-time testbed validate the theoretical analysis, and the obtained experimental results prove that the GOOSE-based IEC 61850 compliant substation system is vulnerable to attacks from malicious intruders.