2023 | OriginalPaper | Chapter

A Modular Infrastructure for the Validation of Cyberattack Detection Systems

Authors: Davide Cerotti, Daniele Codetta Raiteri, Giovanna Dondossola, Lavinia Egidi, Giuliana Franceschinis, Luigi Portinale, Roberta Terruggia

Published in: Power Systems Cybersecurity

Publisher: Springer International Publishing

Abstract

We propose a framework for evaluating cyberattack detection systems in which theoretical results can be tested in a realistic setup. We emulate a power control infrastructure, an attacker and a monitoring system. In this controlled environment, a modular approach makes it possible to evaluate a variety of detection models: we inject adversarial activity, collect logs from the systems, analyze those logs and produce evidence that is later processed by artificial intelligence models, which can raise alerts and give diagnostic or predictive information. In particular, we test our framework with detection models based on Dynamic Bayesian Networks, which take into account the evolution of adversarial activities over time. The testbed allows us to effectively test the adequacy of the detection mechanisms for early warning of suspicious events; currently, it includes man-in-the-middle attacks and false data injection.

Metadata

Title: A Modular Infrastructure for the Validation of Cyberattack Detection Systems

Authors: Davide Cerotti, Daniele Codetta Raiteri, Giovanna Dondossola, Lavinia Egidi, Giuliana Franceschinis, Luigi Portinale, Roberta Terruggia

Copyright Year: 2023

DOI: https://doi.org/10.1007/978-3-031-20360-2_13