Visible to the public Biblio

Filters: Keyword is vulnerability analysis  [Clear All Filters]
2023-05-11
Zhang, Zhi Jin, Bloch, Matthieu, Saeedifard, Maryam.  2022.  Load Redistribution Attacks in Multi-Terminal DC Grids. 2022 IEEE Energy Conversion Congress and Exposition (ECCE). :1–7.
The modernization of legacy power grids relies on the prevalence of information technology (IT). While the benefits are multi-fold and include increased reliability, more accurate monitoring, etc., the reliance on IT increases the attack surface of power grids by making them vulnerable to cyber-attacks. One of the modernization paths is the emergence of multi-terminal dc systems that offer numerous advantages over traditional ac systems. Therefore, cyber-security issues surrounding dc networks need to be investigated. Contributing to this effort, a class of false data injection attacks, called load redistribution (LR) attacks, that targets dc grids is proposed. These attacks aim to compromise the system load data and lead the system operator to dispatch incorrect power flow commands that lead to adverse consequences. Although similar attacks have been recently studied for ac systems, their feasibility in the converter-based dc grids has yet to be demonstrated. Such an attack assessment is necessary because the dc grids have a much smaller control timescale and are more dependent on IT than their traditional ac counterparts. Hence, this work formulates and evaluates dc grid LR attacks by incorporating voltage-sourced converter (VSC) control strategies that appropriately delineate dc system operations. The proposed attack strategy is solved with Gurobi, and the results show that both control and system conditions can affect the success of an LR attack.
ISSN: 2329-3748
2023-03-03
Nkoro, Ebuka Chinaechetam, Nwakanma, Cosmas Ifeanyi, Lee, Jae-Min, Kim, Dong-Seong.  2022.  Industrial Network Attack Vulnerability Detection and Analysis using Shodan Eye Scanning Technology. 2022 13th International Conference on Information and Communication Technology Convergence (ICTC). :886–889.
Exploring the efficient vulnerability scanning and detection technology of various tools is one fundamental aim of network security. This network security technique ameliorates the tremendous number of IoT security challenges and the threats they face daily. However, among various tools, Shodan Eye scanning technology has proven to be very helpful for network administrators and security personnel to scan, detect and analyze vulnerable ports and traffic in organizations' networks. This work presents a simulated network scanning activity and manual vulnerability analysis of an internet-connected industrial equipment of two chosen industrial networks (Industry A and B) by running Shodan on a virtually hosted (Oracle Virtual Box)-Linux-based operating system (Kali Linux). The result shows that the shodan eye is a a promising tool for network security and efficient vulnerability research.
ISSN: 2162-1241
2023-02-03
Zou, Zhenwan, Yin, Jun, Yang, Ling, Luo, Cheng, Fei, Jiaxuan.  2022.  Research on Nondestructive Vulnerability Detection Technology of Power Industrial Control System. 2022 IEEE 6th Information Technology and Mechatronics Engineering Conference (ITOEC). 6:1591–1594.

The power industrial control system is an important part of the national critical Information infrastructure. Its security is related to the national strategic security and has become an important target of cyber attacks. In order to solve the problem that the vulnerability detection technology of power industrial control system cannot meet the requirement of non-destructive, this paper proposes an industrial control vulnerability analysis technology combined with dynamic and static analysis technology. On this basis, an industrial control non-destructive vulnerability detection system is designed, and a simulation verification platform is built to verify the effectiveness of the industrial control non-destructive vulnerability detection system. These provide technical support for the safety protection research of the power industrial control system.

ISSN: 2693-289X

2022-07-29
Pan, Huan, Li, Xiao, Cao, Ruijia, Na, Chunning.  2021.  Power Grid Nodal Vulnerability Analysis Combining Topology and State Information. 2021 IEEE 5th Conference on Energy Internet and Energy System Integration (EI2). :2546—2551.
The security of the power grid is the first element of its operation. This paper aims at finding the vulnerability nodes in the power grid to prevent it from being destroyed. A novel comprehensive vulnerability index is proposed to the singleness of evaluation indicators for existing literature by integrating the power grid's topology information and operating state. Taking IEEE-118 as an example, the simulation analysis proves that the proposed vulnerability index has certain discriminative advantages and the best weighting factor is obtained through correlation analysis.
Luo, Weifeng, Xiao, Liang.  2021.  Reinforcement Learning Based Vulnerability Analysis of Data Injection Attack for Smart Grids. 2021 40th Chinese Control Conference (CCC). :6788—6792.
Smart grids have to protect meter measurements against false data injection attacks. By modifying the meter measurements, the attacker misleads the control decisions of the control center, which results in physical damages of power systems. In this paper, we propose a reinforcement learning based vulnerability analysis scheme for data injection attack without relying on the power system topology. This scheme enables the attacker to choose the data injection attack vector based on the meter measurements, the power system status, the previous injected errors and the number of meters to compromise. By combining deep reinforcement learning with prioritized experience replay, the proposed scheme more frequently replays the successful vulnerability detection experiences while bypassing the bad data detection, which is able to accelerate the learning speed. Simulation results based on the IEEE 14 bus system show that this scheme increases the probability of successful vulnerability detection and reduce the number of meters to compromise compared with the benchmark scheme.
Fuquan, Huang, Zhiwei, Liu, Jianyong, Zhou, Guoyi, Zhang, Likuan, Gong.  2021.  Vulnerability Analysis of High-Performance Transmission and Bearer Network of 5G Smart Grid Based on Complex Network. 2021 IEEE 9th International Conference on Information, Communication and Networks (ICICN). :292—297.
5G smart grid applications rely on its high-performance transmission and bearer network. With the help of complex network theory, this paper first analyzes the complex network characteristic parameters of 5G smart grid, and explains the necessity and supporting significance of network vulnerability analysis for efficient transmission of 5G network. Then the node importance analysis algorithm based on node degree and clustering coefficient (NIDCC) is proposed. According to the results of simulation analysis, the power network has smaller path length and higher clustering coefficient in terms of static parameters, which indicates that the speed and breadth of fault propagation are significantly higher than that of random network. It further shows the necessity of network vulnerability analysis. By comparing with the other two commonly used algorithms, we can see that NIDCC algorithm can more accurately estimate and analyze the weak links of the network. It is convenient to carry out the targeted transformation of the power grid and the prevention of blackout accidents.
2022-04-18
Kholidy, Hisham A., Karam, Andrew, Sidoran, James L., Rahman, Mohammad A..  2021.  5G Core Security in Edge Networks: A Vulnerability Assessment Approach. 2021 IEEE Symposium on Computers and Communications (ISCC). :1–6.
The 5G technology will play a crucial role in global economic growth through numerous industrial developments. However, it is essential to ensure the security of these developed systems, while 5G brings unique security challenges. This paper contributes explicitly to the need for an effective Vulnerability Assessment Approach (VAA) to identify and assess the vulnerabilities in 5G networks in an accurate, salable, and dynamic way. The proposed approach develops an optimized mechanism based on the Technique for Order Preference by Similarity to an Ideal Solution (TOPSIS) to analyze the vulnerabilities in 5G Edge networks from the attacker perspective while considering the dynamic and scalable Edge properties. Furthermore, we introduce a cloud-based 5G Edge security testbed to test and evaluate the accuracy, scalability, and performance of the proposed VAA.
2021-05-18
Sinhabahu, Nadun, Wimalaratne, Prasad, Wijesiriwardana, Chaman.  2020.  Secure Codecity with Evolution: Visualizing Security Vulnerability Evolution of Software Systems. 2020 20th International Conference on Advances in ICT for Emerging Regions (ICTer). :1–2.
The analysis of large-scale software and finding security vulnerabilities while its evolving is difficult without using supplementary tools, because of the size and complexity of today's systems. However just by looking at a report, doesn't transmit the overall picture of the system in terms of security vulnerabilities and its evolution throughout the project lifecycle. Software visualization is a program comprehension technique used in the context of the present and explores large amounts of information precisely. For the analysis of security vulnerabilities of complex software systems, Secure Codecity with Evolution is an interactive 3D visualization tool that can be utilized. Its studies techniques and methods are used for graphically illustrating security aspects and the evolution of software. The Main goal of the proposed Framework defined as uplift, simplify, and clarify the mental representation that a software engineer has of a software system and its evolution in terms of its security. Static code was visualised based on a city metaphor, which represents classes as buildings and packages as districts of a city. Identified Vulnerabilities were represented in a different color according to the severity. To visualize a number of different aspects, A large variety of options were given. Users can evaluate the evolution of the security vulnerabilities of a system on several versions using Matrices provided which will help users go get an overall understanding about security vulnerabilities varies with different versions of software. This framework was implemented using SonarQube for software vulnerability detection and ThreeJs for implementing the City Metaphor. The evaluation results evidently show that our framework surpasses the existing tools in terms of accuracy, efficiency and usability.
2021-02-03
Ani, U. D., He, H., Tiwari, A..  2020.  Vulnerability-Based Impact Criticality Estimation for Industrial Control Systems. 2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1—8.

Cyber threats directly affect the critical reliability and availability of modern Industry Control Systems (ICS) in respects of operations and processes. Where there are a variety of vulnerabilities and cyber threats, it is necessary to effectively evaluate cyber security risks, and control uncertainties of cyber environments, and quantitative evaluation can be helpful. To effectively and timely control the spread and impact produced by attacks on ICS networks, a probabilistic Multi-Attribute Vulnerability Criticality Analysis (MAVCA) model for impact estimation and prioritised remediation is presented. This offer a new approach for combining three major attributes: vulnerability severities influenced by environmental factors, the attack probabilities relative to the vulnerabilities, and functional dependencies attributed to vulnerability host components. A miniature ICS testbed evaluation illustrates the usability of the model for determining the weakest link and setting security priority in the ICS. This work can help create speedy and proactive security response. The metrics derived in this work can serve as sub-metrics inputs to a larger quantitative security metrics taxonomy; and can be integrated into the security risk assessment scheme of a larger distributed system.

2020-10-26
Astaburuaga, Ignacio, Lombardi, Amee, La Torre, Brian, Hughes, Carolyn, Sengupta, Shamik.  2019.  Vulnerability Analysis of AR.Drone 2.0, an Embedded Linux System. 2019 IEEE 9th Annual Computing and Communication Workshop and Conference (CCWC). :0666–0672.
The goal of this work was to identify and try to solve some of the vulnerabilities present in the AR Drone 2.0 by Parrot. The approach was to identify how the system worked, find and analyze vulnerabilities and flaws in the system as a whole and in the software, and find solutions to those problems. Analyzing the results of some tests showed that the system has an open WiFi network and the communication between the controller and the drone are unencrypted. Analyzing the Linux operating system that the drone uses, we see that "Pairing Mode" is the only way the system protects itself from unauthorized control. This is a feature that can be easily bypassed. Port scans reveal that the system has all the ports for its services open and exposed. This makes it susceptible to attacks like DoS and takeover. This research also focuses on some of the software vulnerabilities, such as Busybox that the drone runs. Lastly, this paper discuses some of the possible methods that can be used to secure the drone. These methods include securing the messages via SSH Tunnel, closing unused ports, and re-implementing the software used by the drone and the controller.
2020-10-05
Lowney, M. Phil, Liu, Hong, Chabot, Eugene.  2018.  Trust Management in Underwater Acoustic MANETs based on Cloud Theory using Multi-Parameter Metrics. 2018 International Carnahan Conference on Security Technology (ICCST). :1—5.

With wide applications like surveillance and imaging, securing underwater acoustic Mobile Ad-hoc NETworks (MANET) becomes a double-edged sword for oceanographic operations. Underwater acoustic MANET inherits vulnerabilities from 802.11-based MANET which renders traditional cryptographic approaches defenseless. A Trust Management Framework (TMF), allowing maintained confidence among participating nodes with metrics built from their communication activities, promises secure, efficient and reliable access to terrestrial MANETs. TMF cannot be directly applied to the underwater environment due to marine characteristics that make it difficult to differentiate natural turbulence from intentional misbehavior. This work proposes a trust model to defend underwater acoustic MANETs against attacks using a machine learning method with carefully chosen communication metrics, and a cloud model to address the uncertainty of trust in harsh underwater environments. By integrating the trust framework of communication with the cloud model to combat two kinds of uncertainties: fuzziness and randomness, trust management is greatly improved for underwater acoustic MANETs.

2020-09-21
Fang, Zheng, Fu, Hao, Gu, Tianbo, Qian, Zhiyun, Jaeger, Trent, Mohapatra, Prasant.  2019.  ForeSee: A Cross-Layer Vulnerability Detection Framework for the Internet of Things. 2019 IEEE 16th International Conference on Mobile Ad Hoc and Sensor Systems (MASS). :236–244.
The exponential growth of Internet-of-Things (IoT) devices not only brings convenience but also poses numerous challenging safety and security issues. IoT devices are distributed, highly heterogeneous, and more importantly, directly interact with the physical environment. In IoT systems, the bugs in device firmware, the defects in network protocols, and the design flaws in system configurations all may lead to catastrophic accidents, causing severe threats to people's lives and properties. The challenge gets even more escalated as the possible attacks may be chained together in a long sequence across multiple layers, rendering the current vulnerability analysis inapplicable. In this paper, we present ForeSee, a cross-layer formal framework to comprehensively unveil the vulnerabilities in IoT systems. ForeSee generates a novel attack graph that depicts all of the essential components in IoT, from low-level physical surroundings to high-level decision-making processes. The corresponding graph-based analysis then enables ForeSee to precisely capture potential attack paths. An optimization algorithm is further introduced to reduce the computational complexity of our analysis. The illustrative case studies show that our multilayer modeling can capture threats ignored by the previous approaches.
2020-09-18
Guo, Xiaolong, Dutta, Raj Gautam, He, Jiaji, Tehranipoor, Mark M., Jin, Yier.  2019.  QIF-Verilog: Quantitative Information-Flow based Hardware Description Languages for Pre-Silicon Security Assessment. 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). :91—100.
Hardware vulnerabilities are often due to design mistakes because the designer does not sufficiently consider potential security vulnerabilities at the design stage. As a result, various security solutions have been developed to protect ICs, among which the language-based hardware security verification serves as a promising solution. The verification process will be performed while compiling the HDL of the design. However, similar to other formal verification methods, the language-based approach also suffers from scalability issue. Furthermore, existing solutions either lead to hardware overhead or are not designed for vulnerable or malicious logic detection. To alleviate these challenges, we propose a new language based framework, QIF-Verilog, to evaluate the trustworthiness of a hardware system at register transfer level (RTL). This framework introduces a quantified information flow (QIF) model and extends Verilog type systems to provide more expressiveness in presenting security rules; QIF is capable of checking the security rules given by the hardware designer. Secrets are labeled by the new type and then parsed to data flow, to which a QIF model will be applied. To demonstrate our approach, we design a compiler for QIF-Verilog and perform vulnerability analysis on benchmarks from Trust-Hub and OpenCore. We show that Trojans or design faults that leak information from circuit outputs can be detected automatically, and that our method evaluates the security of the design correctly.
2020-09-04
Routh, Caleb, DeCrescenzo, Brandon, Roy, Swapnoneel.  2018.  Attacks and vulnerability analysis of e-mail as a password reset point. 2018 Fourth International Conference on Mobile and Secure Services (MobiSecServ). :1—5.
In this work, we perform security analysis of using an e-mail as a self-service password reset point, and exploit some of the vulnerabilities of e-mail servers' forgotten password reset paths. We perform and illustrate three different attacks on a personal Email account, using a variety of tools such as: public knowledge attainable through social media or public records to answer security questions and execute a social engineering attack, hardware available to the public to perform a man in the middle attack, and free software to perform a brute-force attack on the login of the email account. Our results expose some of the inherent vulnerabilities in using emails as password reset points. The findings are extremely relevant to the security of mobile devices since users' trend has leaned towards usage of mobile devices over desktops for Internet access.
2020-05-18
Thejaswini, S, Indupriya, C.  2019.  Big Data Security Issues and Natural Language Processing. 2019 3rd International Conference on Trends in Electronics and Informatics (ICOEI). :1307–1312.
Whenever we talk about big data, the concern is always about the security of the data. In recent days the most heard about technology is the Natural Language Processing. This new and trending technology helps in solving the ever ending security problems which are not completely solved using big data. Starting with the big data security issues, this paper deals with addressing the topics related to cyber security and information security using the Natural Language Processing technology. Including the well-known cyber-attacks such as phishing identification and spam detection, this paper also addresses issues on information assurance and security such as detection of Advanced Persistent Threat (APT) in DNS and vulnerability analysis. The goal of this paper is to provide the overview of how natural language processing can be used to address cyber security issues.
2020-04-24
Gao, Boyo, Shi, Libao, Ni, Yixin.  2019.  A dynamic defense-attack game scheme with incomplete information for vulnerability analysis in a cyber-physical power infrastructure. 8th Renewable Power Generation Conference (RPG 2019). :1—8.
The modern power system is experiencing rapid development towards a smarter cyber-physical power grid. How to comprehensively and effectively identify the vulnerable components under various cyber attacks has attracted widespread interest and attention around the world. In this paper, a game-theoretical scheme is developed to analyze the vulnerabilities of transmission lines and cyber elements under locally coordinated cyber-physical attacks in a cyber-physical power infrastructure. A two-step scenario including resources allocation made by system defender in advance and subsequent coordinated cyber-physical attacks are designed elaborately. The designed scenario is modeled as a game of incomplete information, which is then converted into a bi-level mathematical programming problem. In the lower level model, the attacker aims at maximizing system losses by attacking some transmission lines. While in the higher level model, the defender allocates defensive resources, trying to maximally reduce the losses considering the possible attacks. The payoffs of the game are calculated by leveraging a strategy of searching accident chains caused by cascading failure analyzed in this paper. A particle swarm optimization algorithm is applied to solve the proposed nonlinear bi-level programming model, and the case studies on a 34-bus system are conducted to verify the effectiveness of the proposed scheme.
Pan, Huan, Lian, Honghui, Na, Chunning.  2019.  Vulnerability Analysis of Smart Grid under Community Attack Style. IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society. 1:5971—5976.
The smart grid consists of two parts, one is the physical power grid, the other is the information network. In order to study the cascading failure, the vulnerability analysis of the smart grid is done under a kind of community attack style in this paper. Two types of information networks are considered, i.e. topology consistency and scale-free cyber networks, respectively. The concept of control center is presented and the controllable power nodes and observable power lines are defined. Minimum load reduction model(MLRM) is given and described as a linear programming problem. A index is introduced to assess the vulnerability. New England 39 nodes system is applied to simulate the cascading failure process to demonstrate the effectiveness of the proposed MLRM where community the attack methods include attack the power lines among and in power communities.
2020-03-12
Cortés, Francisco Muñoz, Gaviria Gómez, Natalia.  2019.  A Hybrid Alarm Management Strategy in Signature-Based Intrusion Detection Systems. 2019 IEEE Colombian Conference on Communications and Computing (COLCOM). :1–6.

Signature-based Intrusion Detection Systems (IDS) are a key component in the cybersecurity defense strategy for any network being monitored. In order to improve the efficiency of the intrusion detection system and the corresponding mitigation action, it is important to address the problem of false alarms. In this paper, we present a comparative analysis of two approaches that consider the false alarm minimization and alarm correlation techniques. The output of this analysis provides us the elements to propose a parallelizable strategy designed to achieve better results in terms of precision, recall and alarm load reduction in the prioritization of alarms. We use Prelude SIEM as the event normalizer in order to process security events from heterogeneous sensors and to correlate them. The alarms are verified using the dynamic network context information collected from the vulnerability analysis, and they are prioritized using the HP Arsight priority formula. The results show an important reduction in the volume of alerts, together with a high precision in the identification of false alarms.

2020-03-09
Nadir, Ibrahim, Ahmad, Zafeer, Mahmood, Haroon, Asadullah Shah, Ghalib, Shahzad, Farrukh, Umair, Muhammad, Khan, Hassam, Gulzar, Usman.  2019.  An Auditing Framework for Vulnerability Analysis of IoT System. 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :39–47.
Introduction of IoT is a big step towards the convergence of physical and virtual world as everyday objects are connected to the internet nowadays. But due to its diversity and resource constraint nature, the security of these devices in the real world has become a major challenge. Although a number of security frameworks have been suggested to ensure the security of IoT devices, frameworks for auditing this security are rare. We propose an open-source framework to audit the security of IoT devices covering hardware, firmware and communication vulnerabilities. Using existing open-source tools, we formulate a modular approach towards the implementation of the proposed framework. Standout features in the suggested framework are its modular design, extensibility, scalability, tools integration and primarily autonomous nature. The principal focus of the framework is to automate the process of auditing. The paper further mentions some tools that can be incorporated in different modules of the framework. Finally, we validate the feasibility of our framework by auditing an IoT device using proposed toolchain.
2019-08-26
Doynikova, Elena, Fedorchenko, Andrey, Kotenko, Igor.  2018.  Determination of Security Threat Classes on the Basis of Vulnerability Analysis for Automated Countermeasure Selection. Proceedings of the 13th International Conference on Availability, Reliability and Security. :62:1–62:8.
Currently the task of automated security monitoring and responding to security incidents is highly relevant. The authors propose an approach to determine weaknesses of the analyzed system on the basis of its known vulnerabilities for further specification of security threats. It is relevant for the stage of determining the necessary and sufficient set of security countermeasures for specific information systems. The required set of security response tools and means depends on the determined threats. The possibility of practical implementation of the approach follows from the connectivity between open databases of vulnerabilities, weaknesses, and attacks. The authors applied various classification methods for vulnerabilities considering values of their properties. The paper describes source data used for classification, their preprocessing stage, and the classification results. The obtained results and the methods for their enhancement are discussed.
2019-08-05
Gerard, B., Rebaï, S. B., Voos, H., Darouach, M..  2018.  Cyber Security and Vulnerability Analysis of Networked Control System Subject to False-Data Injection. 2018 Annual American Control Conference (ACC). :992-997.

In the present paper, the problem of networked control system (NCS) cyber security is considered. The geometric approach is used to evaluate the security and vulnerability level of the controlled system. The proposed results are about the so-called false data injection attacks and show how imperfectly known disturbances can be used to perform undetectable, or at least stealthy, attacks that can make the NCS vulnerable to attacks from malicious outsiders. A numerical example is given to illustrate the approach.

2019-03-22
Lee, Kyungroul, Son, Byeong-Geun, Lee, Sun-Young, Yim, Kangbin.  2018.  Vulnerability Analysis of Secure USB: Based on the Fingerprint Authentication of Product B. Proceedings of the 2018 Conference on Research in Adaptive and Convergent Systems. :167-169.
In order to improve the security of data stored in the USB memory, a secure USB has appeared on the consumer market. The secure USB protects data stored into the device by user authentication, data encryption, and access control. However, in several products, there is a problem in that the data can be stolen due to authentication bypass or key exposure. To solve this problem, a method for enhancing user authentication has been studied, and product B, which typically provides user authentication with biometric authentication, has emerged. In this paper, we analyze the vulnerability of product B that provides a biometric authentication, and we verified the possibility of bypassing the authentication and the incident of potential stealing of the data. Consequently, we consider that it will be possible to develop a more secure USB product based on counteracting analyzed vulnerability as described in this paper.
2019-02-25
Ojagbule, O., Wimmer, H., Haddad, R. J..  2018.  Vulnerability Analysis of Content Management Systems to SQL Injection Using SQLMAP. SoutheastCon 2018. :1–7.

There are over 1 billion websites today, and most of them are designed using content management systems. Cybersecurity is one of the most discussed topics when it comes to a web application and protecting the confidentiality, integrity of data has become paramount. SQLi is one of the most commonly used techniques that hackers use to exploit a security vulnerability in a web application. In this paper, we compared SQLi vulnerabilities found on the three most commonly used content management systems using a vulnerability scanner called Nikto, then SQLMAP for penetration testing. This was carried on default WordPress, Drupal and Joomla website pages installed on a LAMP server (Iocalhost). Results showed that each of the content management systems was not susceptible to SQLi attacks but gave warnings about other vulnerabilities that could be exploited. Also, we suggested practices that could be implemented to prevent SQL injections.

2019-01-21
Hasan, S., Ghafouri, A., Dubey, A., Karsai, G., Koutsoukos, X..  2018.  Vulnerability analysis of power systems based on cyber-attack and defense models. 2018 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1–5.

Reliable operation of power systems is a primary challenge for the system operators. With the advancement in technology and grid automation, power systems are becoming more vulnerable to cyber-attacks. The main goal of adversaries is to take advantage of these vulnerabilities and destabilize the system. This paper describes a game-theoretic approach to attacker / defender modeling in power systems. In our models, the attacker can strategically identify the subset of substations that maximize damage when compromised. However, the defender can identify the critical subset of substations to protect in order to minimize the damage when an attacker launches a cyber-attack. The algorithms for these models are applied to the standard IEEE-14, 39, and 57 bus examples to identify the critical set of substations given an attacker and a defender budget.

2018-05-24
Ding, P., Wang, Y., Yan, G., Li, W..  2017.  DoS Attacks in Electrical Cyber-Physical Systems: A Case Study Using TrueTime Simulation Tool. 2017 Chinese Automation Congress (CAC). :6392–6396.

Recent years, the issue of cyber security has become ever more prevalent in the analysis and design of electrical cyber-physical systems (ECPSs). In this paper, we present the TrueTime Network Library for modeling the framework of ECPSs and focuses on the vulnerability analysis of ECPSs under DoS attacks. Model predictive control algorithm is used to control the ECPS under disturbance or attacks. The performance of decentralized and distributed control strategies are compared on the simulation platform. It has been proved that DoS attacks happen at dada collecting sensors or control instructions actuators will influence the system differently.