Open Access, Posted Content
A System-level Behavioral Detection Framework for Compromised CPS Devices: Smart-Grid Case
TL;DR: This article introduces a novel, configurable system-level framework that is the first to detect compromised CPS smart grid devices using system- and function-level call tracing techniques, and reports an excellent detection rate for compromised devices.
Abstract: Cyber-Physical Systems (CPS) play a significant role in our critical infrastructure networks from power-distribution to utility networks. The emerging smart-grid concept is a compelling critical CPS infrastructure that relies on two-way communications between smart devices to increase efficiency, enhance reliability, and reduce costs. However, compromised devices in the smart grid pose several security challenges. Consequences of propagating fake data or stealing sensitive smart grid information via compromised devices are costly. Hence, early behavioral detection of compromised devices is critical for protecting the smart grid's components and data. To address these concerns, in this paper, we introduce a novel and configurable system-level framework to identify compromised smart grid devices. The framework combines system and function call tracing techniques with signal processing and statistical analysis to detect compromised devices based on their behavioral characteristics. We measure the efficacy of our framework with a realistic smart grid substation testbed that includes both resource-limited and resource-rich devices. In total, using our framework, we analyze six different types of compromised device scenarios with different resources and attack payloads. To the best of our knowledge, the proposed framework is the first in detecting compromised CPS smart grid devices with system and function-level call tracing techniques. The experimental results reveal an excellent rate for the detection of compromised devices. Specifically, performance metrics include accuracy values between 95% and 99% for the different attack scenarios. Finally, the performance analysis demonstrates that the use of the proposed framework has minimal overhead on the smart grid devices' computing resources.
Citations
A survey on IoT platforms: Communication, security, and privacy perspectives
TL;DR: This survey conducts an in-depth analysis of popular IoT platforms from different application domains and defines a comprehensive evaluation framework that considers seven different technical comparison criteria to evaluate the different IoT platforms highlighting their distinguishing attributes on communications, security, and privacy.
A Survey on Sensor-Based Threats and Attacks to Smart Devices and Applications
TL;DR: This paper presents a detailed survey about existing sensor-based threats and attacks to smart devices and countermeasures that have been developed to secure smart devices from sensor-based threats.
A Comprehensive Survey on Cyber-Physical Smart Grid Testbed Architectures: Requirements and Challenges
Abdallah A. Smadi, Babatunde Ajao, Brian K. Johnson, Hangtian Lei, Yacine Chakhchoukh, Qasem Abu Al-Haija
TL;DR: A comprehensive review of the advancement of CP-SGs with their corresponding testbeds including diverse testing paradigms has been performed and broadly discusses CP-SG testbed architectures along with the associated functions and main vulnerabilities.
Z-IoT: Passive Device-class Fingerprinting of ZigBee and Z-Wave IoT Devices
Leonardo Babun, Hidayet Aksu, Lucas Ryan, Kemal Akkaya, Elizabeth S. Bentley, A. Selcuk Uluagac
- 07 Jun 2020
TL;DR: Z-IoT is proposed, the first fingerprinting framework used to identify IoT device classes that utilize ZigBee and Z-Wave protocols, and shows excellent performance in identifying different classes of IoT devices with average precision and recall.
MINOS: A Lightweight Real-Time Cryptojacking Detection System.
Faraz Naseem Naseem, Ahmet Aris, Leonardo Babun, Ege Tekiner, A. Selcuk Uluagac
- 01 Jan 2021
TL;DR: MINOS is proposed, a novel, extremely lightweight cryptojacking detection system that uses deep learning techniques to accurately detect the presence of unwarranted Wasm-based mining activity in real-time, and achieves exceptional accuracy with a low TNR and FPR.