{"title":"保护智能电网通信的移动目标防御:架构、实施和评估","authors":"Aswin Chidambaram Pappa, A. Ashok, G. Manimaran","doi":"10.1109/ISGT.2017.8085954","DOIUrl":null,"url":null,"abstract":"Supervisory Control and Data Acquisition(SCADA) communications are often subjected to various sophisticated cyber-attacks mostly because of their static system characteristics, enabling an attacker for easier profiling of the target system(s) and thereby impacting the Critical Infrastructures(CI). In this Paper, a novel approach to mitigate such static vulnerabilities is proposed by implementing a Moving Target Defense (MTD) strategy in a power grid SCADA environment, leveraging the existing communication network with an end-to-end IP-Hopping technique among trusted peers. The main contribution involves the design and implementation of MTD Architecture on Iowa State's PowerCyber testbed for targeted cyber-attacks, without compromising the availability of a SCADA system and studying the delay and throughput characteristics for different hopping rates in a realistic environment. Finally, we study two cases and provide mitigations for potential weaknesses of the proposed mechanism. Also, we propose to incorporate port mutation to further increase attack complexity as part of future work.","PeriodicalId":296398,"journal":{"name":"2017 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-04-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"Moving target defense for securing smart grid communications: Architecture, implementation & evaluation\",\"authors\":\"Aswin Chidambaram Pappa, A. Ashok, G. Manimaran\",\"doi\":\"10.1109/ISGT.2017.8085954\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Supervisory Control and Data Acquisition(SCADA) communications are often subjected to various sophisticated cyber-attacks mostly because of their static system characteristics, enabling an attacker for easier profiling of the target system(s) and thereby impacting the Critical Infrastructures(CI). In this Paper, a novel approach to mitigate such static vulnerabilities is proposed by implementing a Moving Target Defense (MTD) strategy in a power grid SCADA environment, leveraging the existing communication network with an end-to-end IP-Hopping technique among trusted peers. The main contribution involves the design and implementation of MTD Architecture on Iowa State's PowerCyber testbed for targeted cyber-attacks, without compromising the availability of a SCADA system and studying the delay and throughput characteristics for different hopping rates in a realistic environment. Finally, we study two cases and provide mitigations for potential weaknesses of the proposed mechanism. Also, we propose to incorporate port mutation to further increase attack complexity as part of future work.\",\"PeriodicalId\":296398,\"journal\":{\"name\":\"2017 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-04-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISGT.2017.8085954\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISGT.2017.8085954","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Supervisory Control and Data Acquisition(SCADA) communications are often subjected to various sophisticated cyber-attacks mostly because of their static system characteristics, enabling an attacker for easier profiling of the target system(s) and thereby impacting the Critical Infrastructures(CI). In this Paper, a novel approach to mitigate such static vulnerabilities is proposed by implementing a Moving Target Defense (MTD) strategy in a power grid SCADA environment, leveraging the existing communication network with an end-to-end IP-Hopping technique among trusted peers. The main contribution involves the design and implementation of MTD Architecture on Iowa State's PowerCyber testbed for targeted cyber-attacks, without compromising the availability of a SCADA system and studying the delay and throughput characteristics for different hopping rates in a realistic environment. Finally, we study two cases and provide mitigations for potential weaknesses of the proposed mechanism. Also, we propose to incorporate port mutation to further increase attack complexity as part of future work.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
