2020
DOI: 10.3390/s20185305
|View full text |Cite
|
Sign up to set email alerts
|

Abstract: The advent of the Smart Grid (SG) raises severe cybersecurity risks that can lead to devastating consequences. In this paper, we present a novel anomaly-based Intrusion Detection System (IDS), called ARIES (smArt gRid Intrusion dEtection System), which is capable of protecting efficiently SG communications. ARIES combines three detection layers that are devoted to recognising possible cyberattacks and anomalies against (a) network flows, (b) Modbus/Transmission Control Protocol (TCP) packets and (c) operationa… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
27
0

Year Published

2021
2021
2023
2023

Publication Types

Select...
6
1

Relationship

2
5

Authors

Journals

citations
Cited by 34 publications
(27 citation statements)
references
References 59 publications
0
27
0
Order By: Relevance
“…Furthermore, apart from [44], [45], most of them either do not consider the SCADA protocols that constitute the root of the most anomalies/intrusions in CIs or cover them partially (i.e., they recognise only a few relevant attacks). Therefore, based on the aforementioned remarks, this paper extends our previous work in [46] by enhancing ARIESGAN and introducing an Autoencoder-GAN architecture with novel minimisation functions, taking into account both the adversarial error and the reconstruction difference. In particular, the proposed Autoencoder-GAN architecture was validated in four real SG evaluation environments that use the Modbus/TCP and DNP3 protocols.…”
Section: Related Workmentioning
confidence: 68%
See 2 more Smart Citations
“…Furthermore, apart from [44], [45], most of them either do not consider the SCADA protocols that constitute the root of the most anomalies/intrusions in CIs or cover them partially (i.e., they recognise only a few relevant attacks). Therefore, based on the aforementioned remarks, this paper extends our previous work in [46] by enhancing ARIESGAN and introducing an Autoencoder-GAN architecture with novel minimisation functions, taking into account both the adversarial error and the reconstruction difference. In particular, the proposed Autoencoder-GAN architecture was validated in four real SG evaluation environments that use the Modbus/TCP and DNP3 protocols.…”
Section: Related Workmentioning
confidence: 68%
“…In particular, for the anomaly detection, the following ML and DL methods were used: (a) Angle-Based Outlier Detection (ABOD) [54], [55], (b) Isolation Forest (Iforest) [56], (c) Principal Component Analysis (PCA) [57], (d) Minimum Covariance Determinant (MCD) [58], (e) Local Outlier Factor (LOF) [59], (f) DIDEROT Autoencoder [45], (g) ARIES GAN [46] and BlackBox IDS [60]. Similarly, for the anomaly classification, the subsequent methods were utilised: (a) Logistic Regression [61], (b) Linear Discriminant Analysis (LDA) [62], (c) Decision Tree Classifier [63], (d) Gaussian Naive Bayes (Gaussian NB) [64], (e) Support Vector Machine (SVM), (f) Random Forest [65], (g) Multilayer Perceptron (MLP) [66], (h) Adaptive Boosting (AdaBoost) [67], (i) Quadratic Discriminant Analysis [68], (j) Dense DNN ReLU [46] and (k) Dense DNN Tanh [46]. The DIDEROT Autoencoder and the ARIES GAN, Dense DNN Relu and Dense DNN Tanh originate from our previous works in [45] and [46], respectively.…”
Section: B Datasets and Comparative Methodsmentioning
confidence: 99%
See 1 more Smart Citation
“…The authors of [ 31 ] provided a Modbus TCP solution integrating trusted platform module (TPM) functions to ensure the correctness of sent messages and effectively resist man-in-the-middle attacks. The authors of [ 22 ] used machine learning and artificial intelligent technologies to implement an intrusion detection system by detecting Modbus TCP packets of possible network attacks and abnormality. In addition, industrial equipment interactively communicates with the SCADA system through the Modbus TCP/IP protocol, thus the authentication of the device can be realized on the Modbus TCP side.…”
Section: Related Workmentioning
confidence: 99%
“…The growing demand for automatic industrial control systems has brought SCADA from strictly isolated networks to the highly interconnected Internet [ 21 ]; thus, infrastructure is exposed to the risk of information security and may be attacked by hackers at any time, which will result in significant economic losses. However, with the rapid development of intelligent energy facilities (for example, smart grids and microgrids), the authors of [ 22 , 23 ] pointed out that the current open protocol Modbus TCP to deploy smart grids or microgrids can effectively improve the heterogeneity of the required hardware and software components. Modbus TCP currently plays an important role in the system integration of monitoring, operation, and maintenance in industrial applications.…”
Section: Introductionmentioning
confidence: 99%