Ransomware Detection Using Deep Learning in the SCADA System of Electric Vehicle Charging Station

M. Basnet, Subash Poudyal, M. Ali, D. Dasgupta
{"title":"Ransomware Detection Using Deep Learning in the SCADA System of Electric Vehicle Charging Station","authors":"M. Basnet, Subash Poudyal, M. Ali, D. Dasgupta","doi":"10.1109/ISGTLatinAmerica52371.2021.9543031","DOIUrl":null,"url":null,"abstract":"The Supervisory control and data acquisition (SCADA) systems have been continuously leveraging the evolution of network architecture, communication protocols, next-generation communication techniques (5G, 6G, Wi-Fi 6), and the internet of things (IoT). However, SCADA system has become the most profitable and alluring target for ransomware attackers. This paper proposes the deep learning-based novel ransomware detection framework in the SCADA controlled electric vehicle charging station (EVCS) with the performance analysis of three deep learning algorithms, namely deep neural network (DNN), 1D convolution neural network (CNN), and long short-term memory (LSTM) recurrent neural network. All three-deep learning-based simulated frameworks achieve around 97% average accuracy (ACC), more than 98% of the average area under the curve (AUC) and an average F1-score under 10-fold stratified cross-validation with an average false alarm rate (FAR) less than 1.88%. Ransomware driven distributed denial of service (DDoS) attack tends to shift the state of charge (SOC) profile by exceeding the SOC control thresholds. Also, ransomware driven false data injection (FDI) attack has the potential to damage the entire BES or physical system by manipulating the SOC control thresholds. It's a design choice and optimization issue that a deep learning algorithm can deploy based on the tradeoffs between performance metrics.","PeriodicalId":120262,"journal":{"name":"2021 IEEE PES Innovative Smart Grid Technologies Conference - Latin America (ISGT Latin America)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"20","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE PES Innovative Smart Grid Technologies Conference - Latin America (ISGT Latin America)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISGTLatinAmerica52371.2021.9543031","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 20

Abstract

The Supervisory control and data acquisition (SCADA) systems have been continuously leveraging the evolution of network architecture, communication protocols, next-generation communication techniques (5G, 6G, Wi-Fi 6), and the internet of things (IoT). However, SCADA system has become the most profitable and alluring target for ransomware attackers. This paper proposes the deep learning-based novel ransomware detection framework in the SCADA controlled electric vehicle charging station (EVCS) with the performance analysis of three deep learning algorithms, namely deep neural network (DNN), 1D convolution neural network (CNN), and long short-term memory (LSTM) recurrent neural network. All three-deep learning-based simulated frameworks achieve around 97% average accuracy (ACC), more than 98% of the average area under the curve (AUC) and an average F1-score under 10-fold stratified cross-validation with an average false alarm rate (FAR) less than 1.88%. Ransomware driven distributed denial of service (DDoS) attack tends to shift the state of charge (SOC) profile by exceeding the SOC control thresholds. Also, ransomware driven false data injection (FDI) attack has the potential to damage the entire BES or physical system by manipulating the SOC control thresholds. It's a design choice and optimization issue that a deep learning algorithm can deploy based on the tradeoffs between performance metrics.
基于深度学习的电动汽车充电站SCADA系统中的勒索软件检测
监控和数据采集(SCADA)系统一直在不断利用网络架构、通信协议、下一代通信技术(5G、6G、Wi-Fi 6)和物联网(IoT)的发展。然而,SCADA系统已成为勒索软件攻击者最有利可图、最具诱惑力的目标。本文提出了基于深度学习的SCADA控制电动汽车充电站(EVCS)勒索软件检测框架,并对深度神经网络(DNN)、一维卷积神经网络(CNN)和长短期记忆(LSTM)递归神经网络三种深度学习算法的性能进行了分析。所有三种基于深度学习的模拟框架在10倍分层交叉验证下均达到97%左右的平均准确率(ACC),超过98%的平均曲线下面积(AUC)和平均f1分数,平均误报率(FAR)低于1.88%。勒索软件驱动的分布式拒绝服务(DDoS)攻击倾向于通过超过SOC控制阈值来改变荷电状态(SOC)配置文件。此外,勒索软件驱动的虚假数据注入(FDI)攻击有可能通过操纵SOC控制阈值来破坏整个BES或物理系统。这是一个设计选择和优化问题,深度学习算法可以基于性能指标之间的权衡来部署。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信