Vulnerability-based and Risk-Aware Honeynet Deployment Framework in Cyber-Physical Power Systems

IF 4.2 3区工程技术 Q2 ENGINEERING, ELECTRICAL & ELECTRONIC

Electric Power Systems Research Pub Date : 2025-09-16 DOI:10.1016/j.epsr.2025.112247

Zhengwei Qu , Jiawei Lv , Jie Yang , Kai Ma , Yunjing Wang

{"title":"Vulnerability-based and Risk-Aware Honeynet Deployment Framework in Cyber-Physical Power Systems","authors":"Zhengwei Qu , Jiawei Lv , Jie Yang , Kai Ma , Yunjing Wang","doi":"10.1016/j.epsr.2025.112247","DOIUrl":null,"url":null,"abstract":"<div><div>Honeynets are commonly employed to enhance network security. However, traditional honeynet deployment strategies lack quantitative assessment of cyber-physical cascading failures, limiting their effectiveness in mitigating chain reactions triggered by attacks. To address this limitation, this paper proposes an integrated defense framework that combines honeynet technology with Cyber-Physical Power Systems (CPPS) to counteract the impact of availability attacks. A static honeynet model based on node vulnerability is developed, incorporating features from both the information and physical layers to guide deployment. Additionally, a dynamic honeynet model based on node risk is proposed, and its protective performance across both layers is analyzed. The results demonstrate that the proposed approach significantly outperforms traditional honeynet strategies, offering improved defense capabilities. Through simulation experiments under resource constraints, the proposed method is shown to reduce load loss rates after availability attacks, enhance the residual connectivity of the information layer, and increase the total generator output. Furthermore, the defense effectiveness is maintained under varying attack intensities.</div></div>","PeriodicalId":50547,"journal":{"name":"Electric Power Systems Research","volume":"251 ","pages":"Article 112247"},"PeriodicalIF":4.2000,"publicationDate":"2025-09-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Electric Power Systems Research","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S037877962500834X","RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

Honeynets are commonly employed to enhance network security. However, traditional honeynet deployment strategies lack quantitative assessment of cyber-physical cascading failures, limiting their effectiveness in mitigating chain reactions triggered by attacks. To address this limitation, this paper proposes an integrated defense framework that combines honeynet technology with Cyber-Physical Power Systems (CPPS) to counteract the impact of availability attacks. A static honeynet model based on node vulnerability is developed, incorporating features from both the information and physical layers to guide deployment. Additionally, a dynamic honeynet model based on node risk is proposed, and its protective performance across both layers is analyzed. The results demonstrate that the proposed approach significantly outperforms traditional honeynet strategies, offering improved defense capabilities. Through simulation experiments under resource constraints, the proposed method is shown to reduce load loss rates after availability attacks, enhance the residual connectivity of the information layer, and increase the total generator output. Furthermore, the defense effectiveness is maintained under varying attack intensities.

查看原文本刊更多论文

基于漏洞和风险感知的网络物理电力系统蜜网部署框架

蜜网通常用于增强网络安全。然而，传统的蜜网部署策略缺乏对网络物理级联故障的定量评估，限制了它们在减轻攻击引发的连锁反应方面的有效性。为了解决这一限制，本文提出了一个将蜜网技术与网络物理电力系统（CPPS）相结合的集成防御框架，以抵消可用性攻击的影响。提出了一种基于节点漏洞的静态蜜网模型，结合信息层和物理层的特征来指导部署。此外，提出了一种基于节点风险的动态蜜网模型，并对其跨两层的防护性能进行了分析。结果表明，该方法明显优于传统的蜜网策略，提供了改进的防御能力。在资源约束下的仿真实验表明，该方法降低了可用性攻击后的负载损失率，增强了信息层的剩余连通性，提高了发电机的总输出。此外，在不同的攻击强度下也能保持防御效能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Electric Power Systems Research 工程技术-工程：电子与电气

CiteScore

7.50

自引率

17.90%

发文量

963

审稿时长

3.8 months

期刊介绍： Electric Power Systems Research is an international medium for the publication of original papers concerned with the generation, transmission, distribution and utilization of electrical energy. The journal aims at presenting important results of work in this field, whether in the form of applied research, development of new procedures or components, orginal application of existing knowledge or new designapproaches. The scope of Electric Power Systems Research is broad, encompassing all aspects of electric power systems. The following list of topics is not intended to be exhaustive, but rather to indicate topics that fall within the journal purview. • Generation techniques ranging from advances in conventional electromechanical methods, through nuclear power generation, to renewable energy generation. • Transmission, spanning the broad area from UHV (ac and dc) to network operation and protection, line routing and design. • Substation work: equipment design, protection and control systems. • Distribution techniques, equipment development, and smart grids. • The utilization area from energy efficiency to distributed load levelling techniques. • Systems studies including control techniques, planning, optimization methods, stability, security assessment and insulation coordination.