Security Aspects of Internet of Things aided Smart Grids: a Bibliometric Survey

The integration of sensors and communication technology in power systems, known as the smart grid, is an emerging topic in science and technology. One of the critical issues in the smart grid is its increased vulnerability to cyber threats. As such, various types of threats and defense mechanisms are proposed in literature. This paper offers a bibliometric survey of research papers focused on the security aspects of Internet of Things (IoT) aided smart grids. To the best of the authors' knowledge, this is the very first bibliometric survey paper in this specific field. A bibliometric analysis of all journal articles is performed and the findings are sorted by dates, authorship, and key concepts. Furthermore, this paper also summarizes the types of cyber threats facing the smart grid, the various security mechanisms proposed in literature, as well as the research gaps in the field of smart grid security.Comment: The paper is published in Elsevier's Internet of Things journal. 25 pages + 20 pages of reference

IoT-HASS: A Framework For Protecting Smart Home Environment

While many solutions have been proposed for smart home security, the problem that no single solution fully protects the smart home environment still exists. In this research we propose a security framework to protect the smart home environment. The proposed framework includes three engines that complement each other to protect the smart home IoT devices. The first engine is an IDS/IPS module that monitors all traffic in the home network and then detects, alerts users, and/or blocks packets using anomaly-based detection. The second engine works as a device management module that scans and verifies IoT devices in the home network, allowing the user to flag any suspect device. The third engine works as a privacy monitoring module that monitors and detects information transmitted in plaintext and alerts the user if such information is detected. We call the proposed system IoT-Home Advanced Security System or IoT-HASS for short. IoT-HASS was developed using Python 3 and can be implemented in two modes of operation. The in-line mode allows the IoT-HASS to be installed in-line with the traffic inside a Raspberry Pi or a Router. In the in-line mode IoT-HASS acts as an IPS that can detect and block threats as well as alert the user. The second mode is the passive mode where IoT-HASS in not installed in-line with the traffic and can act as an IDS that passively monitors the traffic, detecting threats and alerting the user, but not blocking the attack. IoT-HASS was evaluated via four testing scenarios. It demonstrated superior performance in all testing scenarios in detecting attacks such as DDoS attacks, Brute Force Attacks, and Cross Site Scripting (XSS) Attacks. In each of the four test scenarios, we also tested the device management functionality, which we found to successfully scan and display IoT devices for the homeowner. The extensive evaluating and testing of IoT-HASS showed that IoT-HASS can successfully run in a small device such as a Raspberry Pi, and thus, it will most likely run in an embedded device as an IoT device. Our future research will concentrate on strengthening the current features of IoT-HASS to include additional functionalities

Attack Categorisation for IoT Applications in Critical Infrastructures, a Survey

International audienceWith the ever advancing expansion of the Internet of Things (IoT) into our everyday lives, the number of attack possibilities increases. Furthermore, with the incorporation of the IoT into Critical Infrastructure (CI) hardware and applications, the protection of not only the systems but the citizens themselves has become paramount. To do so, specialists must be able to gain a foothold in the ongoing cyber attack war-zone. By organising the various attacks against their systems, these specialists can not only gain a quick overview of what they might expect but also gain knowledge into the specifications of the attacks based on the categorisation method used. This paper presents a glimpse into the area of IoT Critical Infrastructure security as well as an overview and analysis of attack categorisation methodologies in the context of wireless IoT-based Critical Infrastructure applications. We believe this can be a guide to aid further researchers in their choice of adapted categorisation approaches. Indeed, adapting appropriated categorisation leads to a quicker attack detection, identification, and recovery. It is, thus, paramount to have a clear vision of the threat landscapes of a specific system

Security risk modeling in smart grid critical infrastructures in the era of big data and artificial intelligence

Smart grids (SG) emerged as a response to the need to modernize the electricity grid. The current security tools are almost perfect when it comes to identifying and preventing known attacks in the smart grid. Still, unfortunately, they do not quite meet the requirements of advanced cybersecurity. Adequate protection against cyber threats requires a whole set of processes and tools. Therefore, a more flexible mechanism is needed to examine data sets holistically and detect otherwise unknown threats. This is possible with big modern data analyses based on deep learning, machine learning, and artificial intelligence. Machine learning, which can rely on adaptive baseline behavior models, effectively detects new, unknown attacks. Combined known and unknown data sets based on predictive analytics and machine intelligence will decisively change the security landscape. This paper identifies the trends, problems, and challenges of cybersecurity in smart grid critical infrastructures in big data and artificial intelligence. We present an overview of the SG with its architectures and functionalities and confirm how technology has configured the modern electricity grid. A qualitative risk assessment method is presented. The most significant contributions to the reliability, safety, and efficiency of the electrical network are described. We expose levels while proposing suitable security countermeasures. Finally, the smart grid’s cybersecurity risk assessment methods for supervisory control and data acquisition are presented

Home Automation and RFID-Based Internet of Things Security: Challenges and Issues

Internet of Things (IoT) protection refers to the software field related to securing the Internet of Things and associated linked devices and systems. The IoT is a system of interconnected computers, sensors, actuators, or people on the World Wide Web (WWW). All these different devices have a unique identity in the IoT and must convey data across the network automatically. If computers are not adequately secured, allowing them to connect to the Internet exposes them to a range of serious vulnerabilities. Because the consequences of IoT failures are severe, it is necessary to observe and analyze security issues related to IoT. The prime goal of IoT security is to protect personal safety, while also guaranteeing and ensuring accessibility. In the context of IoT technology, the present study conducts a systematic literature review that analyzes the security problems associated with commercial and educational applications of home automation and details the technical possibilities of IoT with respect to the network layer. In this systematic review, we discuss how current contexts result in the inability of designers of IoT devices to enhance their cyber-security initiatives. Typically, application developers are responsible for training themselves to understand recent security advancements. As a result, active participation on the ridge scale with passive improvement can be achieved. A comparative analysis of the literature was conducted. The main objective of this research is to provide an overview of current IoT security research in home automation, particularly those using authentication methods in different devices, and related technologies in radio frequency identification (RFID) on network layers. IoT security issues are addressed, and various security problems in each layer are analyzed. We describe cross-layer heterogeneous integration as a domain of IoT and demonstrate how it can provide some promising solutions.Qatar University High Impact Grant (QUHI-CBE-21/22-1)

Split Federated Learning for 6G Enabled-Networks: Requirements, Challenges and Future Directions

Sixth-generation (6G) networks anticipate intelligently supporting a wide range of smart services and innovative applications. Such a context urges a heavy usage of Machine Learning (ML) techniques, particularly Deep Learning (DL), to foster innovation and ease the deployment of intelligent network functions/operations, which are able to fulfill the various requirements of the envisioned 6G services. Specifically, collaborative ML/DL consists of deploying a set of distributed agents that collaboratively train learning models without sharing their data, thus improving data privacy and reducing the time/communication overhead. This work provides a comprehensive study on how collaborative learning can be effectively deployed over 6G wireless networks. In particular, our study focuses on Split Federated Learning (SFL), a technique recently emerged promising better performance compared with existing collaborative learning approaches. We first provide an overview of three emerging collaborative learning paradigms, including federated learning, split learning, and split federated learning, as well as of 6G networks along with their main vision and timeline of key developments. We then highlight the need for split federated learning towards the upcoming 6G networks in every aspect, including 6G technologies (e.g., intelligent physical layer, intelligent edge computing, zero-touch network management, intelligent resource management) and 6G use cases (e.g., smart grid 2.0, Industry 5.0, connected and autonomous systems). Furthermore, we review existing datasets along with frameworks that can help in implementing SFL for 6G networks. We finally identify key technical challenges, open issues, and future research directions related to SFL-enabled 6G networks

Cyber-Physical Security of Power Distribution Systems

Smart grids have been witnessing continuous and rapid radical developments in the recent years. With the aim towards a more sustainable energy system, the share of distributed generation resources is ever-increasing and transforming the traditional operations of the power grids. Along with these allocated resources, an ensemble of smart measurement devices, multiple communication layers, sophisticated distributed control techniques and interconnection of system equipment represent the pillars that support the modernization of these power networks. This progress has undoubtedly enabled a more efficient and accurate operation of the power networks. At the same time, it has created vulnerability points and challenges that endanger the safety and security of the smart grids operation. The cyber-physical security of smart grids has consequently become a priority and a major challenge to ensure a reliable and safe operation of the power grid. The resiliency of the grid depends on our ability to design smart grid that can withstand threats and be able to mitigate against different attack scenarios. Cyber-physical security is currently an active area of research, and threats that target critical operation components have been classified and investigated in the literature. However, many of the research efforts have focused on the threats on the transmission level, with the intention of extending the protection, detection and mitigation strategies to the distribution level. Nevertheless, many of the performed analysis is not suitable for Power Distribution Systems (PDS) due to the inherently different characteristics of these systems. This thesis first investigates and addresses the stealthy False Data Injection (FDI) attacks on the PDS, which target the Distribution Systems Optimal Power (DSOPF) Flow and are not detectable by traditional Bad Data Detection (BDD) methods. The attacks formulation is based on the Branch Current State Estimation (BCSE), which allows separation of the phases, thus full analysis on the unbalanced three-phase system is performed. In specific, it is shown how an adversary, having access to system measurements and topology, is able to maximize the system losses. By launching FDI attacks that target the Distribution Systems State Estimation (DSSE), the adversary constructs the attack vectors that drive the objective function in the opposite direction of optimality. Optimal attack strategy effects is investigated. The results demonstrate the increase in system losses after corrupting the measurements. Second, a machine learning technique is proposed as a protection measure against the cyber-physical threats to detect the FDI attacks. Although FDI vectors cannot be detected by conventional BDD techniques, exploiting the historical data enables a more thorough analysis and a better detection advantage of anomalies in the measurements. Recurrent Neural Networks (RNN) is applied on the stream of data measurements to identify any anomaly, which represents a compromised measurement, by analyzing multiple points across the measurement vector and multiple time steps. The temporal correlation of data points is the basis of identifying attack vectors. The results of the RNN model indicate an overall strong ability to detect the stealthy attacks

A Deep Learning-Based Cyberattack Detection System for Transmission Protective Relays

The digitalization of power systems over the past decade has made the cybersecurity of substations a top priority for regulatory agencies and utilities. Proprietary communication protocols are being increasingly replaced by standardized and interoperable protocols providing utility operators with remote access and control capabilities at the expense of growing cyberattack risks. In particular, the potential of supply chain cyberattacks is on the rise in industrial control systems. In this environment, there is a pressing need for the development of cyberattack detection systems for substations and in particular protective relays, a critical component of substation operation. This paper presents a deep learning-based cyberattack detection system for transmission line protective relays. The proposed cyberattack detection system is first trained with current and voltage measurements representing various types of faults on the transmission lines. The cyberattack detection system is then employed to detect current and voltage measurements that are maliciously injected by an attacker to trigger the transmission line protective relays. The proposed cyberattack detection system is evaluated under a variety of cyberattack scenarios. The results demonstrate that a universal architecture can be designed for the deep learning-based cyberattack detection systems in substations

Toward a Lightweight Intrusion Detection System for the Internet of Things

Integration of the Internet into the entities of the different domains of human society (such as smart homes, health care, smart grids, manufacturing processes, product supply chains, and environmental monitoring) is emerging as a new paradigm called the Internet of Things (IoT). However, the ubiquitous and wide-range IoT networks make them prone to cyberattacks. One of the main types of attack is a denial of service (DoS), where the attacker floods the network with a large volume of data to prevent nodes from using the services. An intrusion detection mechanism is considered a chief source of protection for information and communications technology. However, conventional intrusion detection methods need to be modified and improved for application to the IoT owing to certain limitations, such as resource-constrained devices, the limited memory and battery capacity of nodes, and specific protocol stacks. In this paper, we develop a lightweight attack detection strategy utilizing a supervised machine learning-based support vector machine (SVM) to detect an adversary attempting to inject unnecessary data into the IoT network. The simulation results show that the proposed SVM-based classifier, aided by a combination of two or three incomplex features, can perform satisfactorily in terms of classification accuracy and detection time