2022
Vasiliki Kelli; Panagiotis Radoglou-Grammatikis; Thomas Lagkas; Evangelos K Markakis; Panagiotis Sarigiannidis
Risk Analysis of DNP3 Attacks Conference
2022 IEEE International Conference on Cyber Security and Resilience (CSR), 2022, ISBN: 978-1-6654-9952-1.
Abstract | BibTeX | Tags: cyberattacks, Cybersecurity, DNP3, SCADA | Links:
@conference{9850291,
title = {Risk Analysis of DNP3 Attacks},
author = {Vasiliki Kelli and Panagiotis Radoglou-Grammatikis and Thomas Lagkas and Evangelos K Markakis and Panagiotis Sarigiannidis},
url = {https://www.researchgate.net/publication/362741509_Risk_Analysis_of_DNP3_Attacks},
doi = {10.1109/CSR54599.2022.9850291},
isbn = {978-1-6654-9952-1},
year = {2022},
date = {2022-07-27},
booktitle = {2022 IEEE International Conference on Cyber Security and Resilience (CSR)},
pages = {351-356},
abstract = {The integration of intelligent devices in the industry allows the automation and control of industrial processes, in an efficient and effective manner. Such systems have contributed to the rapid evolution of production infrastructures, increasing the reliability, reducing production costs, and automating the entire manufacturing operations. However, the utilization of intelligent devices has led to an increased attack surface in critical infrastructures, threatening to compromise regular operations. Attacks against such environments can have disastrous consequences in case their goal is achieved, due to the critical nature of such infrastructures. Thus, the timely identification of vulnerable spots through high-quality risk assessment, is considered highly important for avoiding or mitigating potential risks. In this paper, we focus on Distributed Network Protocol 3 (DNP3), a protocol with high utility in smart grids. Specifically, we investigate, identify and describe the vulnerabilities-by-design of DNP3 through 8 DNP3-centered cyberattacks. In addition, we present a novel method for conducting risk assessment, stemming from the combination of two techniques, namely, Attack Defence Trees (ADTs) and Common Vulnerability Scoring System v3.1 (CVSS). Through our proposed technique, the risk of a cyberattack occurring is calculated, thus contributing in securing the critical infrastructure.},
keywords = {cyberattacks, Cybersecurity, DNP3, SCADA},
pubstate = {published},
tppubtype = {conference}
}
The integration of intelligent devices in the industry allows the automation and control of industrial processes, in an efficient and effective manner. Such systems have contributed to the rapid evolution of production infrastructures, increasing the reliability, reducing production costs, and automating the entire manufacturing operations. However, the utilization of intelligent devices has led to an increased attack surface in critical infrastructures, threatening to compromise regular operations. Attacks against such environments can have disastrous consequences in case their goal is achieved, due to the critical nature of such infrastructures. Thus, the timely identification of vulnerable spots through high-quality risk assessment, is considered highly important for avoiding or mitigating potential risks. In this paper, we focus on Distributed Network Protocol 3 (DNP3), a protocol with high utility in smart grids. Specifically, we investigate, identify and describe the vulnerabilities-by-design of DNP3 through 8 DNP3-centered cyberattacks. In addition, we present a novel method for conducting risk assessment, stemming from the combination of two techniques, namely, Attack Defence Trees (ADTs) and Common Vulnerability Scoring System v3.1 (CVSS). Through our proposed technique, the risk of a cyberattack occurring is calculated, thus contributing in securing the critical infrastructure.
2021
D. Pliatsios; P. Sarigiannidis; G. Fragulis; A. Tsiakalos; D. Margounakis
A Dynamic Recommendation-based Trust Scheme for the Smart Grid Conference
3rd International Workshop on Cyber-Security Threats, Trust and Privacy management in Software-defined and Virtualized Infrastructures (SecSoft 2021), 2021.
Abstract | BibTeX | Tags: cyberattacks, security, Smart Grid, smart meters, trust management | Links:
@conference{Pliatsios2021,
title = {A Dynamic Recommendation-based Trust Scheme for the Smart Grid},
author = {D. Pliatsios and P. Sarigiannidis and G. Fragulis and A. Tsiakalos and D. Margounakis},
url = {https://www.researchgate.net/publication/353484865_A_Dynamic_Recommendation-based_Trust_Scheme_for_the_Smart_Grid},
doi = {10.1109/NetSoft51509.2021.9492542 +Date: 26 July 2021},
year = {2021},
date = {2021-07-26},
booktitle = {3rd International Workshop on Cyber-Security Threats, Trust and Privacy management in Software-defined and Virtualized Infrastructures (SecSoft 2021)},
abstract = {The integration of the internet of things (IoT) concept into the traditional electricity grid introduces several critical vulnerabilities. Intrusion detection systems (IDSs) can be effective countermeasures against cyberattacks, however, they require considerable computational and storage resources. As IoT-enabled metering devices have limited resources, IDSs cannot efficiently ensure security. To this end, trust evaluation schemes have emerged as promising solutions toward protecting resource-constrained metering devices. In this work, we proposed a trust evaluation scheme for the smart grid, that is based on direct trust evaluation and recommendation. The proposed hierarchical scheme is able to evaluate the trustiness of each metering device without requiring any significant modifications to the already deployed infrastructure. Additionally, the proposed scheme features is dynamic, meaning that it is robust against nonadversarial events that negatively impact the device’s trustiness. To validate the performance of the proposed scheme, we carry out network-level simulations and investigate how the various network parameters impact the trust evaluation performance.},
keywords = {cyberattacks, security, Smart Grid, smart meters, trust management},
pubstate = {published},
tppubtype = {conference}
}
The integration of the internet of things (IoT) concept into the traditional electricity grid introduces several critical vulnerabilities. Intrusion detection systems (IDSs) can be effective countermeasures against cyberattacks, however, they require considerable computational and storage resources. As IoT-enabled metering devices have limited resources, IDSs cannot efficiently ensure security. To this end, trust evaluation schemes have emerged as promising solutions toward protecting resource-constrained metering devices. In this work, we proposed a trust evaluation scheme for the smart grid, that is based on direct trust evaluation and recommendation. The proposed hierarchical scheme is able to evaluate the trustiness of each metering device without requiring any significant modifications to the already deployed infrastructure. Additionally, the proposed scheme features is dynamic, meaning that it is robust against nonadversarial events that negatively impact the device’s trustiness. To validate the performance of the proposed scheme, we carry out network-level simulations and investigate how the various network parameters impact the trust evaluation performance.
2019
P.I. Radoglou-Grammatikis; P.G. Sarigiannidis
Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems Journal Article
In: IEEE Access, vol. 7, pp. 46595-46620, 2019.
Abstract | BibTeX | Tags: Advanced Metering Infrastructure, cyberattacks, intrusion detection system, Intrusion prevention system, SCADA, security, Smart Grid, substation, Synchrophasor | Links:
@article{Radoglou-Grammatikis201946595,
title = {Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems},
author = { P.I. Radoglou-Grammatikis and P.G. Sarigiannidis},
url = {https://www.researchgate.net/publication/332188706_Securing_the_Smart_Grid_A_Comprehensive_Compilation_of_Intrusion_Detection_and_Prevention_Systems},
doi = {10.1109/ACCESS.2019.2909807},
year = {2019},
date = {2019-01-01},
journal = {IEEE Access},
volume = {7},
pages = {46595-46620},
abstract = {The smart grid (SG) paradigm is the next technological leap of the conventional electrical grid, contributing to the protection of the physical environment and providing multiple advantages such as increased reliability, better service quality, and the efficient utilization of the existing infrastructure and the renewable energy resources. However, despite the fact that it brings beneficial environmental, economic, and social changes, the existence of such a system possesses important security and privacy challenges, since it includes a combination of heterogeneous, co-existing smart, and legacy technologies. Based on the rapid evolution of the cyber-physical systems (CPS), both academia and industry have developed appropriate measures for enhancing the security surface of the SG paradigm using, for example, integrating efficient, lightweight encryption and authorization mechanisms. Nevertheless, these mechanisms may not prevent various security threats, such as denial of service (DoS) attacks that target on the availability of the underlying systems. An efficient countermeasure against several cyberattacks is the intrusion detection and prevention system (IDPS). In this paper, we examine the contribution of the IDPSs in the SG paradigm, providing an analysis of 37 cases. More detailed, these systems can be considered as a secondary defense mechanism, which enhances the cryptographic processes, by timely detecting or/and preventing potential security violations. For instance, if a cyberattack bypasses the essential encryption and authorization mechanisms, then the IDPS systems can act as a secondary protection service, informing the system operator for the presence of the specific attack or enabling appropriate preventive countermeasures. The cases we study focused on the advanced metering infrastructure (AMI), supervisory control and data acquisition (SCADA) systems, substations, and synchrophasors. Based on our comparative analysis, the limitations and the shortcomings of the current IDPS systems are identified, whereas appropriate recommendations are provided for future research efforts. © 2013 IEEE.},
keywords = {Advanced Metering Infrastructure, cyberattacks, intrusion detection system, Intrusion prevention system, SCADA, security, Smart Grid, substation, Synchrophasor},
pubstate = {published},
tppubtype = {article}
}
The smart grid (SG) paradigm is the next technological leap of the conventional electrical grid, contributing to the protection of the physical environment and providing multiple advantages such as increased reliability, better service quality, and the efficient utilization of the existing infrastructure and the renewable energy resources. However, despite the fact that it brings beneficial environmental, economic, and social changes, the existence of such a system possesses important security and privacy challenges, since it includes a combination of heterogeneous, co-existing smart, and legacy technologies. Based on the rapid evolution of the cyber-physical systems (CPS), both academia and industry have developed appropriate measures for enhancing the security surface of the SG paradigm using, for example, integrating efficient, lightweight encryption and authorization mechanisms. Nevertheless, these mechanisms may not prevent various security threats, such as denial of service (DoS) attacks that target on the availability of the underlying systems. An efficient countermeasure against several cyberattacks is the intrusion detection and prevention system (IDPS). In this paper, we examine the contribution of the IDPSs in the SG paradigm, providing an analysis of 37 cases. More detailed, these systems can be considered as a secondary defense mechanism, which enhances the cryptographic processes, by timely detecting or/and preventing potential security violations. For instance, if a cyberattack bypasses the essential encryption and authorization mechanisms, then the IDPS systems can act as a secondary protection service, informing the system operator for the presence of the specific attack or enabling appropriate preventive countermeasures. The cases we study focused on the advanced metering infrastructure (AMI), supervisory control and data acquisition (SCADA) systems, substations, and synchrophasors. Based on our comparative analysis, the limitations and the shortcomings of the current IDPS systems are identified, whereas appropriate recommendations are provided for future research efforts. © 2013 IEEE.
2018
P. Radoglou-Grammatikis; P. Sarigiannidis; T. Liatifis; T. Apostolakos; S. Oikonomou
An Overview of the Firewall Systems in the Smart Grid Paradigm Conference
2018 Global Information Infrastructure and Networking Symposium (GIIS), IEEE, 2018.
Abstract | BibTeX | Tags: Advanced Metering Infrastructure, cyberattacks, firewall, SCADA, security, Smart Grid, substation | Links:
@conference{Radoglou-Grammatikis2019c,
title = {An Overview of the Firewall Systems in the Smart Grid Paradigm},
author = { P. Radoglou-Grammatikis and P. Sarigiannidis and T. Liatifis and T. Apostolakos and S. Oikonomou},
url = {https://www.researchgate.net/publication/328998034_An_Overview_of_the_Firewall_Systems_in_the_Smart_Grid_Paradigm?_sg=CEd52g3u0I4mXf4THuYQzeTDbKNpbsG1qpl5tTT-9PASC4E8XbQbzl9YIlg_icl-irrtxOICHyYWGaQ},
doi = {10.1109/giis.2018.8635747},
year = {2018},
date = {2018-10-01},
booktitle = {2018 Global Information Infrastructure and Networking Symposium (GIIS)},
journal = {2018 Global Information Infrastructure and Networking Symposium, GIIS 2018},
publisher = {IEEE},
abstract = {The multiple interconnections and the heterogeneity of the devices and technologies into the Smart Grid (SG) generate possible cyber-physical security vulnerabilities that can be exploited by various cyberattackers. The cyberattacks in SG, usually target the availability and the information integrity of the systems. Replay attacks, Denial of Service (DoS), Distributed DoS (DDoS) and botnets are typical examples. Furthermore, the hacking tools have been largely automated, so even a novice can execute destructive cyberattacks. These situations make it necessary to develop efficient firewall systems that can prevent possible cyberattacks. In this paper, we present an overview of the various firewall systems in the SG paradigm and also we provide new research directions in this field. © 2018 IEEE.},
keywords = {Advanced Metering Infrastructure, cyberattacks, firewall, SCADA, security, Smart Grid, substation},
pubstate = {published},
tppubtype = {conference}
}
The multiple interconnections and the heterogeneity of the devices and technologies into the Smart Grid (SG) generate possible cyber-physical security vulnerabilities that can be exploited by various cyberattackers. The cyberattacks in SG, usually target the availability and the information integrity of the systems. Replay attacks, Denial of Service (DoS), Distributed DoS (DDoS) and botnets are typical examples. Furthermore, the hacking tools have been largely automated, so even a novice can execute destructive cyberattacks. These situations make it necessary to develop efficient firewall systems that can prevent possible cyberattacks. In this paper, we present an overview of the various firewall systems in the SG paradigm and also we provide new research directions in this field. © 2018 IEEE.
Address
Internet of Things and Applications Lab
Department of Electrical and Computer Engineering
University of Western Macedonia Campus
ZEP Area, Kozani 50100
Greece
Contact Information
tel: +30 2461 056527
Email: ithaca@uowm.gr
