2020
D. Pliatsios; P. Sarigiannidis; K. Psannis; S. K. Goudos; V. Vitsas; I. Moscholios
Big Data against Security Threats: The SPEAR Intrusion Detection System (Conference)
2020 3rd World Symposium on Communication Engineering (WSCE), IEEE, 2020.
Abstract | BibTeX | Tags: Big Data, Cyber Attack, intrusion detection system, Smart Grid | Links:
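@inproceedings{Pliatsios202012,
  author    = {Pliatsios, D. and Sarigiannidis, P. and Psannis, K. and Goudos, S. K. and Vitsas, V. and Moscholios, I.},
  title     = {Big Data against Security Threats: The {SPEAR} Intrusion Detection System},
  booktitle = {2020 3rd World Symposium on Communication Engineering (WSCE)},
  pages     = {12--17},
  publisher = {IEEE},
  year      = {2020},
  date      = {2020-10-01},
  doi       = {10.1109/wsce51339.2020.9275580},
  abstract  = {The environmental concerns, the limited availability of conventional energy sources, the integration of alternative energy sources and the increasing number of power-demanding appliances change the way electricity is generated and distributed. Smart Grid (SG) is an appealing concept, which was developed in response to the emerging issues of electricity generation and distribution. By leveraging the latest advancements of Information and Communication Technologies (ICT), it offers significant benefits to energy providers, retailers and consumers. Nevertheless, SG is vulnerable to cyber attacks, that could cause critical economic and ecological consequences. Traditional Intrusion Detection Systems (IDSs) are becoming less efficient in detecting and mitigating cyberattacks, due to their limited capabilities of analyzing the exponentially increasing volume of network traffic. In this paper, we present the Secure and PrivatE smArt gRid (SPEAR) platform, which features a Big Data enabled IDS that timely detects and identifies cyber attacks against SG components. In order to validate the efficiency of the SPEAR platform regarding the protection of critical infrastructure, we installed the platform in a small wind power plant. © 2020 IEEE.},
  keywords  = {Big Data, Cyber Attack, intrusion detection system, Smart Grid},
  pubstate  = {published},
  tppubtype = {conference}
}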
P. Radoglou-Grammatikis; I. Siniosoglou; T. Liatifis; A. Kourouniadis; K. Rompolos; P. Sarigiannidis
Implementation and detection of modbus cyberattacks (Conference)
2020.
Abstract | BibTeX | Tags: intrusion detection system, Modbus, Smart Grid, Smod, Supervisory Control and Data Acquisition | Links:
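@inproceedings{Radoglou-Grammatikis2020,
  author    = {Radoglou-Grammatikis, P. and Siniosoglou, I. and Liatifis, T. and Kourouniadis, A. and Rompolos, K. and Sarigiannidis, P.},
  title     = {Implementation and Detection of {Modbus} Cyberattacks},
  booktitle = {2020 9th International Conference on Modern Circuits and Systems Technologies, MOCAST 2020},
  year      = {2020},
  date      = {2020-01-01},
  doi       = {10.1109/MOCAST49295.2020.9200287},
  url       = {https://www.researchgate.net/publication/344386530_Implementation_and_Detection_of_Modbus_Cyberattacks},
  abstract  = {Supervisory Control and Data Acquisition (SCADA) systems play a significant role in Critical Infrastructures (CIs) since they monitor and control the automation processes of the industrial equipment. However, SCADA relies on vulnerable communication protocols without any cybersecurity mechanism, thereby making it possible to endanger the overall operation of the CI. In this paper, we focus on the Modbus/TCP protocol, which is commonly utilised in many CIs and especially in the electrical grid. In particular, our contribution is twofold. First, we study and enhance the cyberattacks provided by the Smod pen-testing tool. Second, we introduce an anomaly-based Intrusion Detection System (IDS) capable of detecting Denial of Service (DoS) cyberattacks related to Modbus/TCP. The efficacy of the proposed IDS is demonstrated by utilising real data stemming from a hydropower plant. The accuracy and the F1 score of the proposed IDS reach 81\% and 77\% respectively. © 2020 IEEE.},
  keywords  = {intrusion detection system, Modbus, Smart Grid, Smod, Supervisory Control and Data Acquisition},
  pubstate  = {published},
  tppubtype = {conference}
}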
P. Radoglou Grammatikis; P. Sarigiannidis; G. Efstathopoulos; E. Panaousis
ARIES: A Novel Multivariate Intrusion Detection System for Smart Grid (Journal Article)
In: Sensors (Basel, Switzerland), vol. 20, no. 18, 2020.
Abstract | BibTeX | Tags: Cybersecurity, intrusion detection system, machine learning, Modbus, SCADA, Smart Grid | Links:
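@article{RadoglouGrammatikis2020,
  author    = {Radoglou Grammatikis, P. and Sarigiannidis, P. and Efstathopoulos, G. and Panaousis, E.},
  title     = {{ARIES}: A Novel Multivariate Intrusion Detection System for Smart Grid},
  journal   = {Sensors (Basel, Switzerland)},
  volume    = {20},
  number    = {18},
  year      = {2020},
  date      = {2020-01-01},
  doi       = {10.3390/s20185305},
  url       = {https://www.researchgate.net/publication/344176314_ARIES_A_Novel_Multivariate_Intrusion_Detection_System_for_Smart_Grid},
  abstract  = {The advent of the Smart Grid (SG) raises severe cybersecurity risks that can lead to devastating consequences. In this paper, we present a novel anomaly-based Intrusion Detection System (IDS), called ARIES (smArt gRid Intrusion dEtection System), which is capable of protecting efficiently SG communications. ARIES combines three detection layers that are devoted to recognising possible cyberattacks and anomalies against (a) network flows, (b) Modbus/Transmission Control Protocol (TCP) packets and (c) operational data. Each detection layer relies on a Machine Learning (ML) model trained using data originating from a power plant. In particular, the first layer (network flow-based detection) performs a supervised multiclass classification, recognising Denial of Service (DoS), brute force attacks, port scanning attacks and bots. The second layer (packet-based detection) detects possible anomalies related to the Modbus packets, while the third layer (operational data based detection) monitors and identifies anomalies upon operational data (i.e., time series electricity measurements). By emphasising on the third layer, the ARIES Generative Adversarial Network (ARIES GAN) with novel error minimisation functions was developed, considering mainly the reconstruction difference. Moreover, a novel reformed conditional input was suggested, consisting of random noise and the signal features at any given time instance. Based on the evaluation analysis, the proposed GAN network overcomes the efficacy of conventional ML methods in terms of Accuracy and the F1 score.},
  keywords  = {Cybersecurity, intrusion detection system, machine learning, Modbus, SCADA, Smart Grid},
  pubstate  = {published},
  tppubtype = {article}
}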
2019
G. Efstathopoulos; P.R. Grammatikis; P. Sarigiannidis; V. Argyriou; A. Sarigiannidis; K. Stamatakis; M.K. Angelopoulos; S.K. Athanasopoulos
Operational data based intrusion detection system for smart grid (Conference)
vol. 2019-September, 2019.
Abstract | BibTeX | Tags: Anomaly Detection, Cybersecurity, intrusion detection system, machine learning, Operational Data, Smart Grid | Links:
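@inproceedings{Efstathopoulos2019,
  author    = {Efstathopoulos, G. and Grammatikis, P. R. and Sarigiannidis, P. and Argyriou, V. and Sarigiannidis, A. and Stamatakis, K. and Angelopoulos, M. K. and Athanasopoulos, S. K.},
  title     = {Operational Data Based Intrusion Detection System for Smart Grid},
  booktitle = {IEEE International Workshop on Computer Aided Modeling and Design of Communication Links and Networks, CAMAD},
  volume    = {2019-September},
  year      = {2019},
  date      = {2019-01-01},
  doi       = {10.1109/CAMAD.2019.8858503},
  url       = {https://www.researchgate.net/publication/335866997_Operational_Data_Based_Intrusion_Detection_System_for_Smart_Grid},
  abstract  = {With the rapid progression of Information and Communication Technology (ICT) and especially of Internet of Things (IoT), the conventional electrical grid is transformed into a new intelligent paradigm, known as Smart Grid (SG). SG provides significant benefits both for utility companies and energy consumers such as the two-way communication (both electricity and information), distributed generation, remote monitoring, self-healing and pervasive control. However, at the same time, this dependence introduces new security challenges, since SG inherits the vulnerabilities of multiple heterogeneous, co-existing legacy and smart technologies, such as IoT and Industrial Control Systems (ICS). An effective countermeasure against the various cyberthreats in SG is the Intrusion Detection System (IDS), informing the operator timely about the possible cyberattacks and anomalies. In this paper, we provide an anomaly-based IDS especially designed for SG utilising operational data from a real power plant. In particular, many machine learning and deep learning models were deployed, introducing novel parameters and feature representations in a comparative study. The evaluation analysis demonstrated the efficacy of the proposed IDS and the improvement due to the suggested complex data representation. © 2019 IEEE.},
  keywords  = {Anomaly Detection, Cybersecurity, intrusion detection system, machine learning, Operational Data, Smart Grid},
  pubstate  = {published},
  tppubtype = {conference}
}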
P.I. Radoglou-Grammatikis; P.G. Sarigiannidis
Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems (Journal Article)
In: IEEE Access, vol. 7, pp. 46595-46620, 2019.
Abstract | BibTeX | Tags: Advanced Metering Infrastructure, cyberattacks, intrusion detection system, Intrusion prevention system, SCADA, security, Smart Grid, substation, Synchrophasor | Links:
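@article{Radoglou-Grammatikis201946595,
  author    = {Radoglou-Grammatikis, P. I. and Sarigiannidis, P. G.},
  title     = {Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems},
  journal   = {IEEE Access},
  volume    = {7},
  pages     = {46595--46620},
  year      = {2019},
  date      = {2019-01-01},
  doi       = {10.1109/ACCESS.2019.2909807},
  url       = {https://www.researchgate.net/publication/332188706_Securing_the_Smart_Grid_A_Comprehensive_Compilation_of_Intrusion_Detection_and_Prevention_Systems},
  abstract  = {The smart grid (SG) paradigm is the next technological leap of the conventional electrical grid, contributing to the protection of the physical environment and providing multiple advantages such as increased reliability, better service quality, and the efficient utilization of the existing infrastructure and the renewable energy resources. However, despite the fact that it brings beneficial environmental, economic, and social changes, the existence of such a system possesses important security and privacy challenges, since it includes a combination of heterogeneous, co-existing smart, and legacy technologies. Based on the rapid evolution of the cyber-physical systems (CPS), both academia and industry have developed appropriate measures for enhancing the security surface of the SG paradigm using, for example, integrating efficient, lightweight encryption and authorization mechanisms. Nevertheless, these mechanisms may not prevent various security threats, such as denial of service (DoS) attacks that target on the availability of the underlying systems. An efficient countermeasure against several cyberattacks is the intrusion detection and prevention system (IDPS). In this paper, we examine the contribution of the IDPSs in the SG paradigm, providing an analysis of 37 cases. More detailed, these systems can be considered as a secondary defense mechanism, which enhances the cryptographic processes, by timely detecting or/and preventing potential security violations. For instance, if a cyberattack bypasses the essential encryption and authorization mechanisms, then the IDPS systems can act as a secondary protection service, informing the system operator for the presence of the specific attack or enabling appropriate preventive countermeasures. The cases we study focused on the advanced metering infrastructure (AMI), supervisory control and data acquisition (SCADA) systems, substations, and synchrophasors. 
Based on our comparative analysis, the limitations and the shortcomings of the current IDPS systems are identified, whereas appropriate recommendations are provided for future research efforts. © 2013 IEEE.},
  keywords  = {Advanced Metering Infrastructure, cyberattacks, intrusion detection system, Intrusion prevention system, SCADA, security, Smart Grid, substation, Synchrophasor},
  pubstate  = {published},
  tppubtype = {article}
}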
2018
P. I. Radoglou-Grammatikis; P. G. Sarigiannidis
An Anomaly-Based Intrusion Detection System for the Smart Grid Based on CART Decision Tree (Conference)
2018 Global Information Infrastructure and Networking Symposium (GIIS), IEEE, 2018.
Abstract | BibTeX | Tags: Advanced Metering Infrastructure, intrusion detection system, security, Smart Grid | Links:
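@inproceedings{Radoglou-Grammatikis2019b,
  author    = {Radoglou-Grammatikis, P. I. and Sarigiannidis, P. G.},
  title     = {An Anomaly-Based Intrusion Detection System for the Smart Grid Based on {CART} Decision Tree},
  booktitle = {2018 Global Information Infrastructure and Networking Symposium (GIIS)},
  publisher = {IEEE},
  year      = {2018},
  date      = {2018-10-01},
  doi       = {10.1109/GIIS.2018.8635743},
  abstract  = {The Smart Grid (SG) paradigm constitutes the new technological evolution of the traditional electrical grid, providing remote monitoring and controlling capabilities among all its operations through computing services. These new capabilities offer a lot of benefits, such as better energy management, increased reliability and security, as well as more economical pricing. However, despite these advantages, it introduces significant security challenges, as the computing systems and the corresponding communications are characterized by several cybersecurity threats. An efficient solution against cyberattacks is the Intrusion Detection Systems (IDS). These systems usually operate as a second line of defence and have the ability to detect or even prevent cyberattacks in near real-Time. In this paper, we present a new IDS for the Advanced Metering Infrastructure (AMI) utilizing machine learning capabilities based on a decision tree. Decision trees have been used for multiple classification problems like the distinguishment between the normal and malicious activities. The experimental evaluation demonstrates the efficiency of the proposed IDS, as the Accuracy and the True Positive Rate of our IDS reach 0.996 and 0.993 respectively. © 2018 IEEE.},
  keywords  = {Advanced Metering Infrastructure, intrusion detection system, security, Smart Grid},
  pubstate  = {published},
  tppubtype = {conference}
}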
2017
P.I. Radoglou-Grammatikis; P.G. Sarigiannidis
Flow anomaly based intrusion detection system for Android mobile devices (Conference)
2017.
Abstract | BibTeX | Tags: Android, Artificial Neural Networks, intrusion detection system, Mobile, NetFlows, security | Links:
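@inproceedings{Radoglou-Grammatikis2017,
  author    = {Radoglou-Grammatikis, P. I. and Sarigiannidis, P. G.},
  title     = {Flow Anomaly Based Intrusion Detection System for {Android} Mobile Devices},
  booktitle = {2017 6th International Conference on Modern Circuits and Systems Technologies, MOCAST 2017},
  year      = {2017},
  date      = {2017-01-01},
  doi       = {10.1109/MOCAST.2017.7937625},
  url       = {https://www.researchgate.net/publication/316691657_Flow_Anomaly_Based_Intrusion_Detection_System_for_Android_Mobile_Devices},
  abstract  = {The penetration of the modern mobile devices is progressively gaining ground in today's cognitive applications and services. Several applications have become part of the smartphone capabilities such as e-mail monitoring, Internet browsing, social networks activities, etc. However, the increased computation and storage capabilities of smartphones have attracted more and more cyber attacks in terms of writing mobile malware for various purposes. In this paper, we present an intrusion detection system (IDS) for detecting the anomaly behaviors in Android mobile devices. The IDS continuously monitors the network traffic of the mobile device and collects various features of the NetFlows. An artificial neural network (ANN) gathers the data flows and determines whether there is an invasion or not. The proposed IDS is demonstrated in realistic conditions, where the accuracy of the systems reaches 85\%. © 2017 IEEE.},
  keywords  = {Android, Artificial Neural Networks, intrusion detection system, Mobile, NetFlows, security},
  pubstate  = {published},
  tppubtype = {conference}
}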