Robust Cyber Threat Intelligence Sharing Using Federated Learning for Smart Grids

IF 4.5 2区计算机科学 Q1 COMPUTER SCIENCE, CYBERNETICS

IEEE Transactions on Computational Social Systems Pub Date : 2024-12-02 DOI:10.1109/TCSS.2024.3496746

Saifur Rahman;Shantanu Pal;Zahra Jadidi;Chandan Karmakar

{"title":"Robust Cyber Threat Intelligence Sharing Using Federated Learning for Smart Grids","authors":"Saifur Rahman;Shantanu Pal;Zahra Jadidi;Chandan Karmakar","doi":"10.1109/TCSS.2024.3496746","DOIUrl":null,"url":null,"abstract":"Given the escalating diversity, sophistication, and frequency of cyber attacks, it is imperative for critical infrastructure entities, e.g. smart grids, to recognize the inherent risks of operating in isolation. Sharing cyber threat intelligence (CTI) helps them stand together and build a collective cyber defense by knowledge, skills, and experience encompassing information related to identifying and evaluating cyber and physical threats. The present studies lack on robust CTI sharing strategies in smart grid systems. To address the critical need for secure and effective CTI sharing in smart grid systems, this article proposes a novel approach. Our solution leverages encrypted federated learning (FL) with integrated malicious client detection mechanisms. This approach facilitates collaborative learning of a threat detection model while preserving the privacy of raw CTI data. Employing real-world, heterogeneous smart grid datasets, we rigorously evaluated our approach under two distinct attack scenarios. The results demonstrate resilience against both man-in-the-middle attacks and malicious clients, exceeding the performance typically observed in traditional FL models.","PeriodicalId":13044,"journal":{"name":"IEEE Transactions on Computational Social Systems","volume":"12 2","pages":"635-644"},"PeriodicalIF":4.5000,"publicationDate":"2024-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Computational Social Systems","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10772305/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, CYBERNETICS","Score":null,"Total":0}

引用次数: 0

Abstract

Given the escalating diversity, sophistication, and frequency of cyber attacks, it is imperative for critical infrastructure entities, e.g. smart grids, to recognize the inherent risks of operating in isolation. Sharing cyber threat intelligence (CTI) helps them stand together and build a collective cyber defense by knowledge, skills, and experience encompassing information related to identifying and evaluating cyber and physical threats. The present studies lack on robust CTI sharing strategies in smart grid systems. To address the critical need for secure and effective CTI sharing in smart grid systems, this article proposes a novel approach. Our solution leverages encrypted federated learning (FL) with integrated malicious client detection mechanisms. This approach facilitates collaborative learning of a threat detection model while preserving the privacy of raw CTI data. Employing real-world, heterogeneous smart grid datasets, we rigorously evaluated our approach under two distinct attack scenarios. The results demonstrate resilience against both man-in-the-middle attacks and malicious clients, exceeding the performance typically observed in traditional FL models.

查看原文本刊更多论文

基于联邦学习的智能电网鲁棒网络威胁情报共享

鉴于网络攻击的多样性、复杂性和频率不断升级，关键基础设施实体（如智能电网）必须认识到孤立运行的内在风险。CTI （cyber threat intelligence）信息共享，可以帮助他们通过知识、技能和经验，结合网络和物理威胁的识别和评估信息，共同构建集体网络防御。目前的研究缺乏对智能电网系统中鲁棒CTI共享策略的研究。为了解决智能电网系统中安全有效的CTI共享的关键需求，本文提出了一种新的方法。我们的解决方案利用加密联邦学习（FL）和集成的恶意客户端检测机制。这种方法促进了威胁检测模型的协作学习，同时保留了原始CTI数据的隐私性。采用真实世界的异构智能电网数据集，我们在两种不同的攻击场景下严格评估了我们的方法。结果显示了针对中间人攻击和恶意客户端的弹性，超过了传统FL模型中通常观察到的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Computational Social Systems Social Sciences-Social Sciences (miscellaneous)

CiteScore

10.00

自引率

20.00%

发文量

316

期刊介绍： IEEE Transactions on Computational Social Systems focuses on such topics as modeling, simulation, analysis and understanding of social systems from the quantitative and/or computational perspective. "Systems" include man-man, man-machine and machine-machine organizations and adversarial situations as well as social media structures and their dynamics. More specifically, the proposed transactions publishes articles on modeling the dynamics of social systems, methodologies for incorporating and representing socio-cultural and behavioral aspects in computational modeling, analysis of social system behavior and structure, and paradigms for social systems modeling and simulation. The journal also features articles on social network dynamics, social intelligence and cognition, social systems design and architectures, socio-cultural modeling and representation, and computational behavior modeling, and their applications.