Cyber Attack
Recently Published Documents





Aniruddha Agrawal ◽  
Donnagratia Syndor ◽  
Dallang M. Momin ◽  
Shaik Affijulla

Abstract Smart electric grids are practising flexible, reliable and robust operations during delivery and consumption of power. However, these grids are highly vulnerable to a wide range of cyber attacks due to the deployment of an extensive communication network. In this paper, the nature of cyber attack on given power system based on proposed cyber attack models and theorems is analysed by utilizing steady state voltage stability (L index). Further, a cyber attack factor is introduced which may mislead the bus voltage stability virtually. The proposed cyber attack models and theorems are validated by executing cyber attacks on WSCC 9 bus and IEEE 14 bus test systems by using Siemens PSS/E and MATLAB softwares. Through the proposed theorems, the paper exposes and quantifies the threat of cyber attacks in the electric power grid. The simulation results reveal that the proposed cyber attack models may misrepresent the bus voltage stability, thereby misleading the energy management centre (EMC) operator into taking incorrect countermeasures. The above incorrect actions may force voltage instability which further leads to major interruptions in the electric power supply and possible cascading failure of the electric power grid. Moreover, the proposed theorems and rigorous simulations presented in the paper support the EMC operator in intelligently identifying a cyber attack, thereby enabling development of appropriate corrective actions during such cyber attacks on the smart electric grid. Thus, the concept of proposed methodology could best assist the power system operator to build detection algorithms for discrimination of cyber attacks from electrical faults towards strong electric grid resilience character.

Complexity ◽  
2021 ◽  
Vol 2021 ◽  
pp. 1-19
Marc Mangel ◽  
Jimmie McEver

We study the consequences of cyberattack, defense, and recovery in systems for which a physical system is enabled by a cyber system by extending previous applications of models from the population biology of disease to the cyber system and coupling the state of the cyber system to the physical system, using the synchronous model for the electric grid. In analogy to disease models in which individuals are susceptible, infected, or recovered, in the cyber system, components can be uncompromised and vulnerable to attack, uncompromised and temporarily invulnerable to attack, compromised, or reset and thus not able to contribute to the performance of the physical system. We model cyber defensive countermeasures in analogy to the adaptive immune system. We link the physical and cyber systems through a metric of performance of the physical system that depends upon the state of the cyber system using (i) a generic nonlinear relationship between the state of the cyber system and the performance of the physical system and (ii) the synchronous motor model of an electric grid consisting of a utility with many customers whose smart meters can become compromised, in which a steady state in the difference in rotor angles is the metric of performance. We use the coupled models, both of which have emergent properties, to investigate two situations. First, when an attacker that relies on stealth compromise is hidden until it is either detected during routine maintenance or an attack is initiated. The probability that compromise remains undetected declines with time and the level of compromise increases with time. Because of these dynamics, an optimal time of attack emerges, and we explore how it varies with parameters of the cyber system. Second, we illustrate one of the Electric Power Research Institute scenarios for the reverse engineering of Advanced Metering Infrastructure (AMI) by coupling the synchronous motor equations for the generator and utility to the model of compromise. We derive a canonical condition for grid failure that relates the level of compromise at the time of detection of compromise and the dissipation parameter in the synchronous motor model. We conclude by discussing the innovative aspects of our methods, which include (i) a fraction of decoy components in the cyber system, which are not connected to the rest of the cyber system or the physical system and thus do not spread compromise but increase the probability of detection of compromise, (ii) allowing components of the cyber system to return to the un-compromised state either temporarily invulnerable or immediately vulnerable, (iii) adaptive Defensive Counter Measures that respond in a nonlinear fashion to attack and compromise (in analogy to killer T cells of the immune system), (iv) a generic metric of performance of the physical system that depends upon the state of the cyber system, and (v) coupling a model of the electric grid to the model of compromise of the cyber system that leads to a condition for failure of the grid in terms of parameters of both compromise and the synchronous motor model, directions for future investigations, and connections to recent studies on broadly the same topics. We include a pseudocode as an Appendix and indicate how to obtain R script for the models from the first author.

2022 ◽  
Vol 31 (1) ◽  
pp. 13-28
Sulaiman Yousef Alshunaifi ◽  
Shailendra Mishra ◽  
Mohammed Abdul Rahman AlShehri

Kritika Bansal ◽  
Pankaj Mukhija

This paper addresses the issue of control of a vehicle platoon system with limited on-board energy and communication resources and subjected to cyber-physical attacks. A platoon model for the predecessor-leader following topology under the effect of cyber-attack and time-varying delay is developed. A stochastic type deception attack is considered in this paper at the sensor-controller end of a vehicle. The probability of occurrence of attack is represented using a random variable. In addition, to reduce the usage of resources in a system, a decentralized event-triggering communication mechanism is proposed where each vehicle can decide independently on when to transmit its state to the controller. Further, the criteria for co-designing of control law and triggering parameter ensuring internal stability of the platoon system is developed based on the proposed triggering mechanism. A condition to achieve string stability for the controller is also obtained. Further, to avoid the problem of Zeno phenomena, a lower bound on the transmission period is presented. The effectiveness of the proposed methodology is established through simulation example.

John Battersby

This is a book review of the book by Jim Sciutto (2019), Inside Russia’s and China’s Secret Operations to Defeat America, Harper Published by - Harper (2019) Format - Paperback ISBN - 978-0-06-285366-0. 320 pages Reviewed by John Battersby This book includes chapters on the Russian cyber attack on Estonia in 2007, Chinese HUMINT operations in the US which extracted key intelligence on US military hardware, Russia’s intervention in the Ukraine, China’s construction of island bases in the South China Sea and the use of military and non-military intimidation tactics to assert effective sovereignty over territory and sea space other countries claim, the weaponisation of space, the 2016 US election hacks as well as submarine operations involving the US, Russia and China. The book concludes with a summary of the author’s views on the state of the ‘shadow war’, and what the US (and the West) need to do about it.

Electronics ◽  
2021 ◽  
Vol 10 (16) ◽  
pp. 2042
Jacek Krupski ◽  
Waldemar Graniszewski ◽  
Marcin Iwanowski

The enormous growth of services and data transmitted over the internet, the bloodstream of modern civilization, has caused a remarkable increase in cyber attack threats. This fact has forced the development of methods of preventing attacks. Among them, an important and constantly growing role is that of machine learning (ML) approaches. Convolutional neural networks (CNN) belong to the hottest ML techniques that have gained popularity, thanks to the rapid growth of computing power available. Thus, it is no wonder that these techniques have started to also be applied in the network traffic classification domain. This has resulted in a constant increase in the number of scientific papers describing various approaches to CNN-based traffic analysis. This paper is a survey of them, prepared with particular emphasis on a crucial but often disregarded aspect of this topic—the data transformation schemes. Their importance is a consequence of the fact that network traffic data and machine learning data have totally different structures. The former is a time series of values—consecutive bytes of the datastream. The latter, in turn, are one-, two- or even three-dimensional data samples of fixed lengths/sizes. In this paper, we introduce a taxonomy of data transformation schemes. Next, we use this categorization to describe various CNN-based analytical approaches found in the literature.

2021 ◽  
Vol 11 (16) ◽  
pp. 7738
Kyounggon Kim ◽  
Faisal Abdulaziz Alfouzan ◽  
Huykang Kim

Cyber-attacks have become commonplace in the world of the Internet. The nature of cyber-attacks is gradually changing. Early cyber-attacks were usually conducted by curious personal hackers who used simple techniques to hack homepages and steal personal information. Lately, cyber attackers have started using sophisticated cyber-attack techniques that enable them to retrieve national confidential information beyond the theft of personal information or defacing websites. These sophisticated and advanced cyber-attacks can disrupt the critical infrastructures of a nation. Much research regarding cyber-attacks has been conducted; however, there has been a lack of research related to measuring cyber-attacks from the perspective of offensive cybersecurity. This motivated us to propose a methodology for quantifying cyber-attacks such that they are measurable rather than abstract. For this purpose, we identified each element of offensive cybersecurity used in cyber-attacks. We also investigated the extent to which the detailed techniques identified in the offensive cyber-security framework were used, by analyzing cyber-attacks. Based on these investigations, the complexity and intensity of cyber-attacks can be measured and quantified. We evaluated advanced persistent threats (APT) and fileless cyber-attacks that occurred between 2010 and 2020 based on the methodology we developed. Based on our research methodology, we expect that researchers will be able to measure future cyber-attacks.

Electronics ◽  
2021 ◽  
Vol 10 (16) ◽  
pp. 1975
Rui Andrade ◽  
Sinan Wannous ◽  
Tiago Pinto ◽  
Isabel Praça

This paper explores the concept of the local energy markets and, in particular, the need for trust and security in the negotiations necessary for this type of market. A multi-agent system is implemented to simulate the local energy market, and a trust model is proposed to evaluate the proposals sent by the participants, based on forecasting mechanisms that try to predict their expected behavior. A cyber-attack detection model is also implemented using several supervised classification techniques. Two case studies were carried out, one to evaluate the performance of the various classification methods using the IoT-23 cyber-attack dataset; and another one to evaluate the performance of the developed trust mode.

Information ◽  
2021 ◽  
Vol 12 (8) ◽  
pp. 328
Ruobin Qi ◽  
Craig Rasband ◽  
Jun Zheng ◽  
Raul Longoria

Smart grids integrate advanced information and communication technologies (ICTs) into traditional power grids for more efficient and resilient power delivery and management, but also introduce new security vulnerabilities that can be exploited by adversaries to launch cyber attacks, causing severe consequences such as massive blackout and infrastructure damages. Existing machine learning-based methods for detecting cyber attacks in smart grids are mostly based on supervised learning, which need the instances of both normal and attack events for training. In addition, supervised learning requires that the training dataset includes representative instances of various types of attack events to train a good model, which is sometimes hard if not impossible. This paper presents a new method for detecting cyber attacks in smart grids using PMU data, which is based on semi-supervised anomaly detection and deep representation learning. Semi-supervised anomaly detection only employs the instances of normal events to train detection models, making it suitable for finding unknown attack events. A number of popular semi-supervised anomaly detection algorithms were investigated in our study using publicly available power system cyber attack datasets to identify the best-performing ones. The performance comparison with popular supervised algorithms demonstrates that semi-supervised algorithms are more capable of finding attack events than supervised algorithms. Our results also show that the performance of semi-supervised anomaly detection algorithms can be further improved by augmenting with deep representation learning.

Hodaya Binyamini ◽  
Ron Bitton ◽  
Masaki Inokuchi ◽  
Tomohiko Yagyu ◽  
Yuval Elovici ◽  

Sign in / Sign up

Export Citation Format

Share Document