电力系统网络物理试验台的中间人攻击与防御

IF 1.7 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS IET Cyber-Physical Systems: Theory and Applications Pub Date : 2021-06-28 DOI:10.1049/cps2.12014
Patrick Wlazlo, Abhijeet Sahu, Zeyu Mao, Hao Huang, Ana Goulart, Katherine Davis, Saman Zonouz
{"title":"电力系统网络物理试验台的中间人攻击与防御","authors":"Patrick Wlazlo,&nbsp;Abhijeet Sahu,&nbsp;Zeyu Mao,&nbsp;Hao Huang,&nbsp;Ana Goulart,&nbsp;Katherine Davis,&nbsp;Saman Zonouz","doi":"10.1049/cps2.12014","DOIUrl":null,"url":null,"abstract":"<p>Man-in-The-Middle (MiTM) attacks present numerous threats to a smart grid. In a MiTM attack, an intruder embeds itself within a conversation between two devices to either eavesdrop or impersonate one of the devices, making it appear to be a normal exchange of information. Thus, the intruder can perform false data injection (FDI) and false command injection (FCI) attacks that can compromise power system operations, such as state estimation, economic dispatch, and automatic generation control (AGC). Very few researchers have focused on MiTM methods that are difficult to detect within a smart grid. To address this, we are designing and implementing multi-stage MiTM intrusions in an emulation-based cyber-physical power system testbed against a large-scale synthetic grid model to demonstrate how such attacks can cause physical contingencies such as misguided operation and false measurements. MiTM intrusions create FCI, FDI, and replay attacks in this synthetic power grid. This work enables stakeholders to defend against these stealthy attacks, and we present detection mechanisms that are developed using multiple alerts from intrusion detection systems and network monitoring tools. Our contribution will enable other smart grid security researchers and industry to develop further detection mechanisms for inconspicuous MiTM attacks.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"6 3","pages":"164-177"},"PeriodicalIF":1.7000,"publicationDate":"2021-06-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12014","citationCount":"48","resultStr":"{\"title\":\"Man-in-the-middle attacks and defence in a power system cyber-physical testbed\",\"authors\":\"Patrick Wlazlo,&nbsp;Abhijeet Sahu,&nbsp;Zeyu Mao,&nbsp;Hao Huang,&nbsp;Ana Goulart,&nbsp;Katherine Davis,&nbsp;Saman Zonouz\",\"doi\":\"10.1049/cps2.12014\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Man-in-The-Middle (MiTM) attacks present numerous threats to a smart grid. In a MiTM attack, an intruder embeds itself within a conversation between two devices to either eavesdrop or impersonate one of the devices, making it appear to be a normal exchange of information. Thus, the intruder can perform false data injection (FDI) and false command injection (FCI) attacks that can compromise power system operations, such as state estimation, economic dispatch, and automatic generation control (AGC). Very few researchers have focused on MiTM methods that are difficult to detect within a smart grid. To address this, we are designing and implementing multi-stage MiTM intrusions in an emulation-based cyber-physical power system testbed against a large-scale synthetic grid model to demonstrate how such attacks can cause physical contingencies such as misguided operation and false measurements. MiTM intrusions create FCI, FDI, and replay attacks in this synthetic power grid. This work enables stakeholders to defend against these stealthy attacks, and we present detection mechanisms that are developed using multiple alerts from intrusion detection systems and network monitoring tools. Our contribution will enable other smart grid security researchers and industry to develop further detection mechanisms for inconspicuous MiTM attacks.</p>\",\"PeriodicalId\":36881,\"journal\":{\"name\":\"IET Cyber-Physical Systems: Theory and Applications\",\"volume\":\"6 3\",\"pages\":\"164-177\"},\"PeriodicalIF\":1.7000,\"publicationDate\":\"2021-06-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12014\",\"citationCount\":\"48\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Cyber-Physical Systems: Theory and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/cps2.12014\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Cyber-Physical Systems: Theory and Applications","FirstCategoryId":"1085","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cps2.12014","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 48

摘要

中间人攻击(MiTM)给智能电网带来了许多威胁。在MiTM攻击中,入侵者将自己嵌入到两个设备之间的对话中,以窃听或冒充其中一个设备,使其看起来像是正常的信息交换。因此,入侵者可以执行虚假数据注入(FDI)和虚假命令注入(FCI)攻击,从而危及电力系统的运行,例如状态估计、经济调度和自动发电控制(AGC)。很少有研究人员关注智能电网中难以检测的MiTM方法。为了解决这个问题,我们正在设计和实施基于仿真的网络物理电力系统测试平台上的多阶段MiTM入侵,以对抗大规模合成网格模型,以演示此类攻击如何导致物理突发事件,例如错误的操作和错误的测量。MiTM入侵在这个综合电网中创建FCI, FDI和重放攻击。这项工作使利益相关者能够防御这些隐形攻击,我们提出了使用入侵检测系统和网络监控工具的多个警报开发的检测机制。我们的贡献将使其他智能电网安全研究人员和行业能够开发出针对不明显的MiTM攻击的进一步检测机制。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

摘要图片

查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Man-in-the-middle attacks and defence in a power system cyber-physical testbed

Man-in-The-Middle (MiTM) attacks present numerous threats to a smart grid. In a MiTM attack, an intruder embeds itself within a conversation between two devices to either eavesdrop or impersonate one of the devices, making it appear to be a normal exchange of information. Thus, the intruder can perform false data injection (FDI) and false command injection (FCI) attacks that can compromise power system operations, such as state estimation, economic dispatch, and automatic generation control (AGC). Very few researchers have focused on MiTM methods that are difficult to detect within a smart grid. To address this, we are designing and implementing multi-stage MiTM intrusions in an emulation-based cyber-physical power system testbed against a large-scale synthetic grid model to demonstrate how such attacks can cause physical contingencies such as misguided operation and false measurements. MiTM intrusions create FCI, FDI, and replay attacks in this synthetic power grid. This work enables stakeholders to defend against these stealthy attacks, and we present detection mechanisms that are developed using multiple alerts from intrusion detection systems and network monitoring tools. Our contribution will enable other smart grid security researchers and industry to develop further detection mechanisms for inconspicuous MiTM attacks.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
IET Cyber-Physical Systems: Theory and Applications
IET Cyber-Physical Systems: Theory and Applications Computer Science-Computer Networks and Communications
CiteScore
5.40
自引率
6.70%
发文量
17
审稿时长
19 weeks
期刊最新文献
Guest Editorial: IoT-based secure health monitoring and tracking through estimated computing SEIR-driven semantic integration framework: Internet of Things-enhanced epidemiological surveillance in COVID-19 outbreaks using recurrent neural networks A machine learning model for Alzheimer's disease prediction Securing the Internet of Medical Things with ECG-based PUF encryption Status, challenges, and promises of data-driven battery lifetime prediction under cyber-physical system context
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1