All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Accurate Automata-Based Detection of Cyber Threats in Smart Grid Communication

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F22%3APU145949" target="_blank" >RIV/00216305:26230/22:PU145949 - isvavai.cz</a>

  • Result on the web

    <a href="https://ieeexplore.ieee.org/document/9927376" target="_blank" >https://ieeexplore.ieee.org/document/9927376</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1109/TSG.2022.3216726" target="_blank" >10.1109/TSG.2022.3216726</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Accurate Automata-Based Detection of Cyber Threats in Smart Grid Communication

  • Original language description

    Several industry sectors, including critical infrastructure, have experienced severe cyber attacks against their Industrial Control  Systems (ICS) due to the malware that masqueraded itself as a legitimate ICS process and communicated with valid ICS messages. Such behavior is difficult to detect by standard techniques. Intrusion Detection Systems (IDS) usually filter illegitimate communication using pre-defined patterns while statistical-based Anomaly Detection Systems (ADS) mostly observe selected attributes of transmitted packets without deeper analysis of ICS messages. We propose a new detection approach based on Deterministic Probabilistic Automata (DPAs) that capture the intended semantics of the ICS message exchange. The method models normal ICS message sequences using a set of DPAs representing expected traffic patterns. Then the detection system applies reasoning about the model to reveal a malicious activity in the ICS traffic expressed by unexpected ICS messages. In this paper, we significantly improve the performance of the automata-based detection method and reduce its false-positive rate. We also present a technique that produces additional details about detected anomalies, which is important for real-world deployment. The approach is demonstrated on IEC 104 or MMS communication from different ICS systems.

  • Czech name

  • Czech description

Classification

  • Type

    J<sub>SC</sub> - Article in a specialist periodical, which is included in the SCOPUS database

  • CEP classification

  • OECD FORD branch

    20206 - Computer hardware and architecture

Result continuities

  • Project

    <a href="/en/project/VI20192022138" target="_blank" >VI20192022138: Security monitoring of ICS communication in the smart grid</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2022

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Name of the periodical

    IEEE Transactions on Smart Grid

  • ISSN

    1949-3053

  • e-ISSN

    1949-3061

  • Volume of the periodical

    2022

  • Issue of the periodical within the volume

    1

  • Country of publishing house

    US - UNITED STATES

  • Number of pages

    14

  • Pages from-to

    1-14

  • UT code for WoS article

  • EID of the result in the Scopus database

    2-s2.0-85141545608

Similar results(10)

Efficient Modelling of ICS Communication For Anomaly Detection Using Probabilistic AutomataAnomaly Detection of ICS Communication Using Statistical ModelsLearning Probabilistic Automata in the Context of IEC 104