Moving target defense for securing smart grid communications: Architecture, implementation evaluation
| Title | Moving target defense for securing smart grid communications: Architecture, implementation evaluation |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Pappa, A. C., Ashok, A., Govindarasu, M. |
| Conference Name | 2017 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT) |
| Keywords | attack complexity, attacker, CI, communication network, computer network security, computer security, Conferences, critical infrastructure, critical infrastructures, data acquisition, end-to-end IP-Hopping technique, hopping rates, Iowa State PowerCyber, IP-Hopping, Logic gates, Manganese, Metrics, moving target defense, Moving Target Defense strategy, MTD Architecture, port mutation, power grid SCADA environment, power system security, privacy, pubcrawl, realistic environment, Resiliency, SCADA communications, SCADA system, SCADA systems, security of data, smart grid communications, smart power grids, sophisticated cyber-attacks, static system characteristics, supervisory control and data acquisition, target system, targeted cyber-attacks, Throughput, throughput characteristics, trusted peers |
| Abstract | Supervisory Control and Data Acquisition(SCADA) communications are often subjected to various sophisticated cyber-attacks mostly because of their static system characteristics, enabling an attacker for easier profiling of the target system(s) and thereby impacting the Critical Infrastructures(CI). In this Paper, a novel approach to mitigate such static vulnerabilities is proposed by implementing a Moving Target Defense (MTD) strategy in a power grid SCADA environment, leveraging the existing communication network with an end-to-end IP-Hopping technique among trusted peers. The main contribution involves the design and implementation of MTD Architecture on Iowa State's PowerCyber testbed for targeted cyber-attacks, without compromising the availability of a SCADA system and studying the delay and throughput characteristics for different hopping rates in a realistic environment. Finally, we study two cases and provide mitigations for potential weaknesses of the proposed mechanism. Also, we propose to incorporate port mutation to further increase attack complexity as part of future work. |
| URL | https://ieeexplore.ieee.org/document/8085954/ |
| DOI | 10.1109/ISGT.2017.8085954 |
| Citation Key | pappa_moving_2017 |
- smart grid communications
- power grid SCADA environment
- power system security
- privacy
- pubcrawl
- realistic environment
- Resiliency
- SCADA communications
- SCADA system
- SCADA systems
- security of data
- port mutation
- smart power grids
- sophisticated cyber-attacks
- static system characteristics
- supervisory control and data acquisition
- target system
- targeted cyber-attacks
- Throughput
- throughput characteristics
- trusted peers
- end-to-end IP-Hopping technique
- attacker
- CI
- Communication Network
- computer network security
- computer security
- Conferences
- critical infrastructure
- critical infrastructures
- data acquisition
- attack complexity
- hopping rates
- Iowa State PowerCyber
- IP-Hopping
- Logic gates
- Manganese
- Metrics
- moving target defense
- Moving Target Defense strategy
- MTD Architecture