Ömer Sen scite author profile

While digitization of distribution grids through information and communications technology brings numerous benefits, it also increases the grid's vulnerability to serious cyber attacks. Unlike conventional systems, attacks on many industrial control systems such as power grids often occur in multiple stages, with the attacker taking several steps at once to achieve its goal. Detection mechanisms with situational awareness are needed to detect orchestrated attack steps as part of a coherent attack campaign. To provide a foundation for detection and prevention of such attacks, this paper addresses the detection of multi-stage cyber attacks with the aid of a graph-based cyber intelligence database and alert correlation approach. Specifically, we propose an approach to detect multi-stage attacks by leveraging heterogeneous data to form a knowledge base and employ a model-based correlation approach on the generated alerts to identify multi-stage cyber attack sequences taking place in the network. We investigate the detection quality of the proposed approach by using a case study of a multi-stage cyber attack campaign in a future-orientated power grid pilot.

show abstract

Investigating Man-in-the-Middle-based False Data Injection in a Smart Grid Laboratory Environment

Sen¹,

Velde²,

Linnartz³

et al. 2021

View full text Add to dashboard Cite

Investigating the Cybersecurity of Smart Grids Based on Cyber-Physical Twin Approach

Sen

Carere

Santori

et al. 2022

View full text Add to dashboard Cite

While the increasing penetration of information and communication technology into distribution grid brings numerous benefits, it also opens up a new threat landscape, particularly through cyberattacks. To provide a basis for countermeasures against such threats, this paper addresses the investigation of the impact and manifestations of cyberattacks on smart grids by replicating the power grid in a secure, isolated, and controlled laboratory environment as a cyber-physical twin. Currently, detecting intrusions by unauthorized third parties into the central monitoring and control system of grid operators, especially attacks within the grid perimeter, is a major challenge. The development and validation of methods to detect and prevent coordinated and timed attacks on electric power systems depends not only on the availability and quality of data from such attack scenarios, but also on suitable realistic investigation environments. However, to create a comprehensive investigation environment, a realistic representation of the study object is required to thoroughly investigate critical cyberattacks on grid operations and evaluate their impact on the power grid using real data. In this paper, we demonstrate our cyber-physical twin approach using a microgrid in the context of a cyberattack case study.

show abstract

An Approach of Replicating Multi-Staged Cyber-Attacks and Countermeasures in a Smart Grid Co-Simulation Environment

Sen

Velde²,

N.³

et al. 2021

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Ömer Sen

Graph-based Model of Smart Grid Architectures

On using contextual correlation to detect multi-stage cyber attacks in smart grids

Towards an Approach to Contextual Detection of Multi-Stage Cyber Attacks in Smart Grids

Towards a Scalable and Flexible Smart Grid Co-Simulation Environment to Investigate Communication Infrastructures for Resilient Distribution Grid Operation

On Holistic Multi-Step Cyberattack Detection via a Graph-based Correlation Approach

Investigating Man-in-the-Middle-based False Data Injection in a Smart Grid Laboratory Environment

Investigating the Cybersecurity of Smart Grids Based on Cyber-Physical Twin Approach

An Approach of Replicating Multi-Staged Cyber-Attacks and Countermeasures in a Smart Grid Co-Simulation Environment

Contact Info

Product

Resources

About