Cyber Physical Defense Framework for Distributed Smart Grid Applications

2021, Vol 8
Author(s): Ayush Sinha, Manasi Mohandas, Pankaj Pandey, O. P. Vyas

Cyber-Physical Systems (CPS) are the amalgamation of highly sophisticated sensors with physical spaces. These close conjunctions of sensors with communication infrastructure, intrinsically linked to society’s Critical Infrastructures (C.I.), are being witnessed more often in the context of the Smart Grid (SG). As a backbone of C.I., the Smart Grid demonstrates the ability to precisely monitor large-scale energy systems and is designed to achieve complex local and global objectives. Being capable of performing such sophisticated operations, it is also vulnerable to cyber-physical co-ordinated attacks that may lead to catastrophic effects. Many researchers have analyzed the different stages of cyber-physical co-ordinated attacks, such as attack detection, prevention, impact analysis and recovery plans, but there exists a research gap in addressing all these issues under a single framework. Through this paper, we propose a novel Cyber Physical Defense Framework (CPDF) based on National Institute of Standards and Technology (NIST) guidelines to address cyber attacks on the SG. Our work addresses the pre- and post-attack scenarios, attack vector formulation through hierarchical PetriNet modeling, and the recovery mechanism. We have performed experiments for Distributed Denial of Service (DDoS) and False Data Injection (FDI) attacks to validate our framework's effectiveness and establish the efficacy of the proposed model. In the end, we present a case study of FDI attack detection using a machine learning technique on the IEEE 9-bus and 14-bus systems.

2017, Vol 7 (3), pp. 44-54
Author(s): Konstantinos F. Xylogiannopoulos, Panagiotis Karampelas, Reda Alhajj

Internet-enabled devices, or the Internet of Things as the term has prevailed, are increasing exponentially every day. The lack of security standards in the manufacturing of these devices, along with the haste of the manufacturers to increase their market share in this area, has created a very large network of vulnerable devices that can be easily recruited as bot members and used to initiate very large volumetric Distributed Denial of Service (DDoS) attacks. The significance of the problem can be easily acknowledged due to the large number of cases regarding attacks on institutions, enterprises and even countries which have been recently revealed. In the current paper a novel method is introduced, which is based on a data mining technique that can analyze incoming IP traffic details and give the network administrator early warning of a potentially developing DDoS attack. The method can scale, depending on the availability of the infrastructure, from a conventional laptop computer to a complex cloud infrastructure. Based on the hardware configuration, as the experiments prove, the method can easily monitor and detect abnormal network traffic of several Gbps in real time using minimal hardware equipment.


IEEE Access, 2019, Vol 7, pp. 80778-80788
Author(s): Hadis Karimipour, Ali Dehghantanha, Reza M. Parizi, Kim-Kwang Raymond Choo, Henry Leung

2020
Author(s): Mohammad Irshaad Oozeer, Simon Haykin

The work presented in this chapter is an extension of our previous research on bringing together the Cognitive Dynamic System (CDS) and the Smart Grid (SG) by focusing on AC state estimation and cyber-attack detection. Under the AC power flow model, state estimation is complex and computationally expensive as it relies on iterative procedures. On the other hand, False Data Injection (FDI) attacks are a new category of cyber-attacks targeting the SG that can bypass the current bad data detection techniques in the SG. Due to the complexity of the nonlinear system involved, the number of published works on AC-based FDI attacks has been smaller than for their DC counterpart. Here, we will demonstrate how the entropic state, which is the objective function of the CDS, can be used as a metric to monitor the grid’s health and detect FDI attacks. The CDS, acting as the supervisor of the system, improves the entropic state on a cycle-to-cycle basis by dynamically optimizing the state estimation process through the reconfiguration of the weights of the sensors in the network. In order to showcase the performance of this new structure, computer simulations are carried out on the IEEE 14-bus system for optimal state estimation and FDI attack detection.


2018, Vol 7 (01), pp. 23386-23489
Author(s): Miss Priyanka P. Narode, Prof I.R. Shaikh

Distributed Denial of Service attack (DoS attack) is a cyber attack where the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled. It is necessary to analyze the fundamental features of DDoS attacks because these attacks can easily vary the used port/protocol, or operation method because they are designed to restricted applications on limited environments. DDoS attack detection is very difficult because of the non-existence of predefined rules to correctly identify the genuine network flow. A combination of unsupervised data mining techniques as an IDS is introduced. The Entropy Method concept, in terms of windowing the incoming packets, is applied with a data mining technique using Clustering Using Representative (CURE) as cluster analysis to detect the DDoS attack in network flow. The data is mainly collected from datasets. The CURE DDoS attack detection technique based on entropy gives a promising way to analyze this attack and construct an efficient detection model using clustering data mining techniques. This approach has been evaluated and compared with several existing approaches in terms of accuracy, false alarm rate, detection rate, F-measure and Phi coefficient.



