2 research outputs found
Lost at Sea: Assessment and Evaluation of Rootkit Attacks on Shipboard Microgrids
Increased dependence of the maritime industry on information and
communication networks has made shipboard power systems vulnerable to stealthy
cyber-attacks. One such attack variant, called rootkit, can leverage system
knowledge to hide its presence and allow remotely located malware handlers to
gain complete control of infected subsystems. This paper presents a
comprehensive evaluation of the threat landscape imposed by such attack
variants on Medium Voltage DC (MVDC) shipboard microgrids, including a
discussion of their impact on the overall maritime sector in general, and
provides several simulation results to demonstrate the same. It also analyzes
and presents the actions of possible defense mechanisms, with specific emphasis
on evasion, deception, and detection frameworks, that will help ship operators
and maritime cybersecurity professionals protect their systems from such
attacks.Comment: 2023 IEEE Electric Ship Technologies Symposium (ESTS
Improvise, Adapt, Overcome: Dynamic Resiliency Against Unknown Attack Vectors in Microgrid Cybersecurity Games
Cyber-physical microgrids are vulnerable to rootkit attacks that manipulate
system dynamics to create instabilities in the network. Rootkits tend to hide
their access level within microgrid system components to launch sudden attacks
that prey on the slow response time of defenders to manipulate system
trajectory. This problem can be formulated as a multi-stage, non-cooperative,
zero-sum game with the attacker and the defender modeled as opposing players.
To solve the game, this paper proposes a deep reinforcement learning-based
strategy that dynamically identifies rootkit access levels and isolates
incoming manipulations by incorporating changes in the defense plan. A major
advantage of the proposed strategy is its ability to establish resiliency
without altering the physical transmission/distribution network topology,
thereby diminishing potential instability issues. The paper also presents
several simulation results and case studies to demonstrate the operating
mechanism and robustness of the proposed strategy