{"title":"基于半监督检测算法的协议分析仪和RTU硬件网络攻击仿真实验室搭建","authors":"A. Parizad, C. Hatziadoniu","doi":"10.1109/TPEC51183.2021.9384972","DOIUrl":null,"url":null,"abstract":"The integration of Information and Communication Technologies (ICT) into the modern power system makes it a complicated cyber-physical system (CPS). In this case, an adversary may find some loopholes, penetrate to CPS layer, compromise data, and consequently result in security and stability issues. In this paper, we proposed a laboratory set up to emulate the attacker's behavior and then detect the injected false data. To this end, RTU hardware and software are used to simulate a typical SCADA system. A protocol analyzer software is also employed to simulate a cyber-attack, inject false data, and send it to the control center. In the second stage, we developed a two-stage framework to detect FDIA. First, the LSTM, as a supervised learning algorithm, is utilized to build a predictive model. In this process, hyperparameter optimization is implemented to improve the accuracy of the developed model. In the second stage, an unsupervised scoring algorithm is applied to the real-time data to find the sequences of injected false data. Also, a penalty factor is considered during the detection procedure to prevent the algorithm from greedy search behavior. Simulation results on a real-world data set (Chicago load/weather) show the proposed method's effectiveness in the cyberattack implementation and FDIA detection problem.","PeriodicalId":354018,"journal":{"name":"2021 IEEE Texas Power and Energy Conference (TPEC)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-02-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A Laboratory Set-Up for Cyber Attacks Simulation Using Protocol Analyzer and RTU Hardware Applying Semi-Supervised Detection Algorithm\",\"authors\":\"A. Parizad, C. Hatziadoniu\",\"doi\":\"10.1109/TPEC51183.2021.9384972\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The integration of Information and Communication Technologies (ICT) into the modern power system makes it a complicated cyber-physical system (CPS). In this case, an adversary may find some loopholes, penetrate to CPS layer, compromise data, and consequently result in security and stability issues. In this paper, we proposed a laboratory set up to emulate the attacker's behavior and then detect the injected false data. To this end, RTU hardware and software are used to simulate a typical SCADA system. A protocol analyzer software is also employed to simulate a cyber-attack, inject false data, and send it to the control center. In the second stage, we developed a two-stage framework to detect FDIA. First, the LSTM, as a supervised learning algorithm, is utilized to build a predictive model. In this process, hyperparameter optimization is implemented to improve the accuracy of the developed model. In the second stage, an unsupervised scoring algorithm is applied to the real-time data to find the sequences of injected false data. Also, a penalty factor is considered during the detection procedure to prevent the algorithm from greedy search behavior. Simulation results on a real-world data set (Chicago load/weather) show the proposed method's effectiveness in the cyberattack implementation and FDIA detection problem.\",\"PeriodicalId\":354018,\"journal\":{\"name\":\"2021 IEEE Texas Power and Energy Conference (TPEC)\",\"volume\":\"13 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-02-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 IEEE Texas Power and Energy Conference (TPEC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/TPEC51183.2021.9384972\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE Texas Power and Energy Conference (TPEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/TPEC51183.2021.9384972","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Laboratory Set-Up for Cyber Attacks Simulation Using Protocol Analyzer and RTU Hardware Applying Semi-Supervised Detection Algorithm
The integration of Information and Communication Technologies (ICT) into the modern power system makes it a complicated cyber-physical system (CPS). In this case, an adversary may find some loopholes, penetrate to CPS layer, compromise data, and consequently result in security and stability issues. In this paper, we proposed a laboratory set up to emulate the attacker's behavior and then detect the injected false data. To this end, RTU hardware and software are used to simulate a typical SCADA system. A protocol analyzer software is also employed to simulate a cyber-attack, inject false data, and send it to the control center. In the second stage, we developed a two-stage framework to detect FDIA. First, the LSTM, as a supervised learning algorithm, is utilized to build a predictive model. In this process, hyperparameter optimization is implemented to improve the accuracy of the developed model. In the second stage, an unsupervised scoring algorithm is applied to the real-time data to find the sequences of injected false data. Also, a penalty factor is considered during the detection procedure to prevent the algorithm from greedy search behavior. Simulation results on a real-world data set (Chicago load/weather) show the proposed method's effectiveness in the cyberattack implementation and FDIA detection problem.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
