针对能源网络物理系统中智能入侵检测模块增强弹性的针对性攻击

2017 19th International Conference on Intelligent System Application to Power Systems (ISAP) Pub Date : 2017-09-01 DOI:10.1109/ISAP.2017.8071363

M. E. Hariri, Eric Harmon, H. Habib, T. Youssef, Osama A. Mohammed

{"title":"针对能源网络物理系统中智能入侵检测模块增强弹性的针对性攻击","authors":"M. E. Hariri, Eric Harmon, H. Habib, T. Youssef, Osama A. Mohammed","doi":"10.1109/ISAP.2017.8071363","DOIUrl":null,"url":null,"abstract":"Secure high-speed communication is required to ensure proper operation of complex power grid systems and prevent malicious tampering activities. In this paper, artificial neural networks with temporal dependency are introduced for false data identification and mitigation for broadcasted IEC 61850 SMV messages. The fast responses of such intelligent modules in intrusion detection make them suitable for time-critical applications, such as protection. However, care must be taken in selecting the appropriate intelligence model and decision criteria. As such, this paper presents a customizable malware script to sniff and manipulate SMV messages and demonstrates the ability of the malware to trigger false positives in the neural network's response. The malware developed is intended to be as a vaccine to harden the intrusion detection system against data manipulation attacks by enhancing the neural network's ability to learn and adapt to these attacks.","PeriodicalId":257100,"journal":{"name":"2017 19th International Conference on Intelligent System Application to Power Systems (ISAP)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"A targeted attack for enhancing resiliency of intelligent intrusion detection modules in energy cyber physical systems\",\"authors\":\"M. E. Hariri, Eric Harmon, H. Habib, T. Youssef, Osama A. Mohammed\",\"doi\":\"10.1109/ISAP.2017.8071363\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Secure high-speed communication is required to ensure proper operation of complex power grid systems and prevent malicious tampering activities. In this paper, artificial neural networks with temporal dependency are introduced for false data identification and mitigation for broadcasted IEC 61850 SMV messages. The fast responses of such intelligent modules in intrusion detection make them suitable for time-critical applications, such as protection. However, care must be taken in selecting the appropriate intelligence model and decision criteria. As such, this paper presents a customizable malware script to sniff and manipulate SMV messages and demonstrates the ability of the malware to trigger false positives in the neural network's response. The malware developed is intended to be as a vaccine to harden the intrusion detection system against data manipulation attacks by enhancing the neural network's ability to learn and adapt to these attacks.\",\"PeriodicalId\":257100,\"journal\":{\"name\":\"2017 19th International Conference on Intelligent System Application to Power Systems (ISAP)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 19th International Conference on Intelligent System Application to Power Systems (ISAP)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISAP.2017.8071363\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 19th International Conference on Intelligent System Application to Power Systems (ISAP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISAP.2017.8071363","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 14

摘要

为了保证复杂电网系统的正常运行和防止恶意篡改活动，需要安全的高速通信。本文引入了具有时间依赖关系的人工神经网络，用于iec61850 SMV广播报文的错误数据识别和缓解。这种智能模块在入侵检测中的快速响应使其适合于时间要求严格的应用，例如保护。然而，在选择适当的情报模型和决策标准时必须小心。因此，本文提出了一个可定制的恶意软件脚本来嗅探和操纵SMV消息，并演示了恶意软件在神经网络响应中触发误报的能力。开发的恶意软件旨在通过增强神经网络学习和适应这些攻击的能力，作为加强入侵检测系统抵御数据操纵攻击的疫苗。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A targeted attack for enhancing resiliency of intelligent intrusion detection modules in energy cyber physical systems

Secure high-speed communication is required to ensure proper operation of complex power grid systems and prevent malicious tampering activities. In this paper, artificial neural networks with temporal dependency are introduced for false data identification and mitigation for broadcasted IEC 61850 SMV messages. The fast responses of such intelligent modules in intrusion detection make them suitable for time-critical applications, such as protection. However, care must be taken in selecting the appropriate intelligence model and decision criteria. As such, this paper presents a customizable malware script to sniff and manipulate SMV messages and demonstrates the ability of the malware to trigger false positives in the neural network's response. The malware developed is intended to be as a vaccine to harden the intrusion detection system against data manipulation attacks by enhancing the neural network's ability to learn and adapt to these attacks.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 19th International Conference on Intelligent System Application to Power Systems (ISAP)

自引率

0.00%

发文量