Fabricated traps based active cyber security defense against targeted cyber-attack in electric power dispatching systems

被引：0

作者：

Li Z. ^{[1
]}

Su S. ^{[1
]}

Zeng X. ^{[1
]}

Wang D. ^{[2
]}

He F. ^{[3
]}

机构：

[1] Hunan Province Key Laboratory of Smart Grids Operation and Control, Changsha University of Science and Technology, Changsha

[2] NARI Group Corporation, State Grid Electrical Power Research Institute (Beijing), Beijing

[3] China Institute of Water Resources and Hydropower Research, Beijing

来源：

Su, Sheng (eessheng@163.com) | 1600年 / Automation of Electric Power Systems Press卷 / 40期

基金：

中国国家自然科学基金;

关键词：

Blackout; Cyber security; Dispatching automation; Resilience; Targeted cyber-attack;

D O I：

10.7500/AEPS20160109005

中图分类号：

学科分类号：

摘要：

As a “brain” to control the power grid operation, the dispatching automation system is a high-value target for cyber-attack. The targeted malware, developed by well-organized adversary with in-depth context information, could intrude into the dispatching system and initiate precise attack following the propagation pattern of Stuxnet. The likelihood of cyber-attack could not be entirely eliminated by the existing cyber security defense approaches in domestic electric power system, such as the protective systems based on network border security and trusted computing technologies. In order to prevent blackout caused by targeted malware from intruding into the mainframe of the dispatching system, an active cyber defense approach based on fabricated traps is proposed in the project to facilitate a resilient dispatching system. According to the strategy that could be utilized for cyber-attack, important transmission lines are fabricated as traps to lure the malware to attack these fabricated important elements. When the traps are attacked, the dispatching system will be switched to an alternate one to guard against cyber-attack. A simulation analysis based on IEEE 118-bus system shows that fabricated important elements are not only able to prevent the selective remote tripping attack on the real ones, but also to significantly reduce the harm of random attacks. © 2016 Automation of Electric Power Systems Press.

引用

页码：106 / 112

页数：6

共 17 条

[1] Guo C., Lu H., Yu B., Et al., A survey of research on security risk assessment of secondary system, Power System Technology, 37, 1, pp. 112-118, (2013)
[2] Liu N., Yu X., Zhang J., Coordinated cyber-attack: inference and thinking of incident on Ukrainian power grid, Automation of Electric Power Systems, 40, 6, pp. 144-147, (2016)
[3] Su S., Wu C., Ma J., Et al., Attacker's perspective based analysis on cyber-attack mode to cyber-physical system, Power System Technology, 38, 11, pp. 3115-3120, (2014)
[4] Chen L., Mei S., Chen Y., Smart grid information security and its influence on power system survivability, Control Theory & Application, 29, 2, pp. 40-44, (2012)
[5] Peng Y., Jiang C., Xie F., Industrial control system cybersecurity research, Journal of Tsinghua University (Science and Technology), 52, 10, pp. 1396-1408, (2012)
[6] Duan B., Sun L., SAML based intelligent logging-on system in electric enterprise integration services, Automation of Electric Power Systems, 30, 15, pp. 30-34, (2006)
[7] Wang B., You D., Yin X., A security risk assessment system of complicated grid based on multiple factor analysis, Power System Technology, 35, 1, pp. 40-45, (2011)
[8] Liu N., Zhang J., Zhang H., Security assessment for communication networks of power control systems using attack graph and MCDM, IEEE Trans on Power Delivery, 25, 3, pp. 1492-1500, (2010)
[9] Liu N., Zhang J., Duan B., Vulnerability assessment for communication system of networked based substation automation system, Automation of Electric Power Systems, 32, 8, pp. 28-33, (2008)
[10] Liu N., Duan B., Discussion on security message of IEC 60870-5-104 telecontrol protocol, Automation of Electric Power Systems, 29, 2, pp. 93-96, (2005)

← 1 2 →