SDN-Based Dynamic Cybersecurity Framework of IEC-61850 Communications in
Smart Grid
- URL: http://arxiv.org/abs/2311.12205v2
- Date: Thu, 7 Mar 2024 17:17:43 GMT
- Authors: Mansi Girdhar, Junho Hong, Wencong Su, Akila Herath, Chen-Ching Liu
- Abstract summary: Cyber breaches into power grid substations present a risk.
Nowadays, software-defined network (SDN) is being widely used in the substation automation system.
We propose a hybrid intrusion detection system (IDS)-integrated SDN architecture for detecting and preventing the injection of malicious IEC 61850-based generic object-oriented substation event (GOOSE) messages.
- License: http://creativecommons.org/licenses/by-sa/4.0/
- Abstract: In recent years, critical infrastructure and power grids have experienced a
series of cyber-attacks, leading to temporary, widespread blackouts of
considerable magnitude. Since most substations are unmanned and have limited
physical security protection, cyber breaches into power grid substations
present a risk. Nowadays, software-defined network (SDN), a popular virtual
network technology based on the OpenFlow protocol, is being widely used in the
substation automation system. However, the susceptibility of SDN architecture
to cyber-attacks has exhibited a notable increase in recent years, as indicated
by research findings. This suggests a growing concern regarding the potential
for cybersecurity breaches within the SDN framework. In this paper, we propose
a hybrid intrusion detection system (IDS)-integrated SDN architecture for
detecting and preventing the injection of malicious IEC 61850-based generic
object-oriented substation event (GOOSE) messages in a digital substation.
Additionally, this program locates the fault's location and, as a form of
mitigation, disables a certain port. Furthermore, implementation examples are
demonstrated and verified using a hardware-in-the-loop (HIL) testbed that
mimics the functioning of a digital substation.
Related papers
- A Virtual Cybersecurity Department for Securing Digital Twins in Water Distribution Systems [39.58317527488534]
Digital twins (DTs) help improve real-time monitoring and decision-making in water distribution systems.
Their connectivity makes them easy targets for cyberattacks such as scanning, denial-of-service (DoS), and unauthorized access.
We present a Virtual Cybersecurity Department (VCD), an affordable and automated framework designed for SMEs.
arXiv Detail & Related papers (2025-04-28T21:14:48Z)
- Substation Bill of Materials: A Novel Approach to Managing Supply Chain Cyber-risks on IEC 61850 Digital Substations [44.99833362998488]
Substation Bill of Materials (Subs-BOM) is capable of modeling all the IEDs in a DS and their relationships from a cybersecurity perspective.
Subs-BOM provides energy utilities with an accurate and complete inventory of the devices, the firmware they are running, and the services that are deployed into the DS.
arXiv Detail & Related papers (2025-03-25T13:28:36Z)
- Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC).
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z)
- SDN-Based Smart Cyber Switching (SCS) for Cyber Restoration of a Digital Substation [0.4749981032986242]
This paper proposes a cybersecurity framework to bolster the resilience of substations based on the IEC-61850 standard.
The framework's effectiveness is validated through comprehensive simulations and a hardware-in-the-loop (HIL) testbed.
arXiv Detail & Related papers (2024-11-11T23:22:02Z)
- Countering Autonomous Cyber Threats [40.00865970939829]
Foundation Models present dual-use concerns broadly and within the cyber domain specifically.
Recent research has shown the potential for these advanced models to inform or independently execute offensive cyberspace operations.
This work evaluates several state-of-the-art FMs on their ability to compromise machines in an isolated network and investigates defensive mechanisms to defeat such AI-powered attacks.
arXiv Detail & Related papers (2024-10-23T22:46:44Z)
- Security Evaluation in Software-Defined Networks [1.9713190626298576]
Cloud computing has led to a significant increase in Data Centre (DC) network requirements.
Traditional DCs are struggling to meet the flexible, centrally managed requirements of cloud computing applications.
This article presents a framework for evaluating security of Software-Defined Networks (SDN).
arXiv Detail & Related papers (2024-08-21T09:56:14Z)
- A Security Assessment tool for Quantum Threat Analysis [34.94301200620856]
The rapid advancement of quantum computing poses a significant threat to many current security algorithms used for secure communication, digital authentication, and information encryption.
A sufficiently powerful quantum computer could potentially exploit vulnerabilities in these algorithms, rendering data in transit insecure.
This work developed a quantum assessment tool for organizations, providing tailored recommendations for transitioning their security protocols into a post-quantum world.
arXiv Detail & Related papers (2024-07-18T13:58:34Z)
- DynamiQS: Quantum Secure Authentication for Dynamic Charging of Electric Vehicles [61.394095512765304]
Dynamic Wireless Power Transfer (DWPT) is a novel technology that allows charging an electric vehicle while driving.
Recent advancements in quantum computing jeopardize classical public key cryptography.
We propose DynamiQS, the first post-quantum secure authentication protocol for dynamic wireless charging.
arXiv Detail & Related papers (2023-12-20T09:40:45Z)
- Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware.
Major targets and used exploits for attacks are identified and referred to the specific malware.
The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
- FedDiSC: A Computation-efficient Federated Learning Framework for Power Systems Disturbance and Cyber Attack Discrimination [1.0621485365427565]
This paper proposes a novel Federated Learning-based privacy-preserving and communication-efficient attack detection framework, known as FedDiSC.
We put forward a representation learning-based Deep Auto-Encoder network to accurately detect power system and cybersecurity anomalies.
To adapt our proposed framework to the timeliness of real-world cyberattack detection in SGs, we leverage the use of a gradient privacy-preserving quantization scheme known as DP-SIGNSGD.
arXiv Detail & Related papers (2023-04-07T13:43:57Z)
- Physical Side-Channel Attacks on Embedded Neural Networks: A Survey [0.32634122554913997]
Neural Networks (NN) are expected to become ubiquitous in IoT systems by transforming all sorts of real-world applications.
Embedded NN implementations are vulnerable to Side-Channel Analysis (SCA) attacks.
This paper surveys state-of-the-art physical SCA attacks relative to the implementation of embedded NNs on micro-controllers and FPGAs.
arXiv Detail & Related papers (2021-10-21T17:18:52Z)
- A Novel Online Incremental Learning Intrusion Prevention System [2.5234156040689237]
This paper proposes a novel Network Intrusion Prevention System that utilises a Self-Organizing Incremental Neural Network along with a Support Vector Machine.
Due to its structure, the proposed system provides a security solution that does not rely on signatures or rules and is capable of mitigating known and unknown attacks in real-time with high accuracy.
arXiv Detail & Related papers (2021-09-20T13:30:11Z)
- TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack.
Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets.
TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
arXiv Detail & Related papers (2021-03-10T19:03:38Z)
This list is automatically generated from the titles and abstracts of the papers in this site.