More Like this

1. Detecting Injection Attacks in ADS-B Devices Using RNN-Based Models

   https://doi.org/10.1109/ICNS60906.2024.10550816  

   Khoei, Tala Talaei; Ould_Slimane, Hadjar; Shamaileh, Khair Al; Kumar_Devabhaktuni, Vijaya; Kaabouch, Naima (April 2024, IEEE)

   The Automatic Dependent Surveillance Broadcast (ADS-B) system is a critical communication and surveillance technology used in the Next Generation (NextGen) project as it improves the accuracy and efficiency of air navigation. These systems allow air traffic controllers to have more precise and real-time information on the location and movement of aircraft, leading to increased safety and improved efficiency in the airspace. While ADS-B has been made mandatory for all aircraft in the Federal Aviation Administration (FAA) monitored airspace, its lack of security measures leaves it vulnerable to cybersecurity threats. Particularly, ADS-B signals are susceptible to false data injection attacks due to the lack of authentication and integrity measures, which poses a serious threat to the safety of the National Airspace System (NAS). Many studies have attempted to address these vulnerabilities; however, machine learning and deep learning approaches have gained significant interest due to their ability to enhance security without modifying the existing infrastructure. This paper investigates the use of Recurrent Neural Networks for detecting injection attacks in ADS-B data, leveraging the time-dependent nature of the data. The paper reviews previous studies that used different machine learning and deep learning techniques and presents the potential benefits of using RNN algorithms to improve ADS-B security. 

   more » « less
2. An Efficient Computational Strategy for Cyber-Physical Contingency Analysis in Smart Grids

   https://doi.org/10.1109/PESGM46819.2021.9637857  

   Emadi, Hamid; Clanin, Joe; Hyder, Burhan; Khanna, Kush; Govindarasu, Manimaran; Bhattacharya, Sourabh (July 2021, IEEE PES General Meeting)

   The increasing penetration of cyber systems into smart grids has resulted in these grids being more vulnerable to cyber physical attacks. The central challenge of higher order cyber-physical contingency analysis is the exponential blow-up of the attack surface due to a large number of attack vectors. This gives rise to computational challenges in devising efficient attack mitigation strategies. However, a system operator can leverage private information about the underlying network to maintain a strategic advantage over an adversary equipped with superior computational capability and situational awareness. In this work, we examine the following scenario: A malicious entity intrudes the cyber-layer of a power network and trips the transmission lines. The objective of the system operator is to deploy security measures in the cyber-layer to minimize the impact of such attacks. Due to budget constraints, the attacker and the system operator have limits on the maximum number of transmission lines they can attack or defend. We model this adversarial interaction as a resource-constrained attacker-defender game. The computational intractability of solving large security games is well known. However, we exploit the approximately modular behavior of an impact metric known as the disturbance value to arrive at a linear-time algorithm for computing an optimal defense strategy. We validate the efficacy of the proposed strategy against attackers of various capabilities and provide an algorithm for a real-time implementation. 

   more » « less
3. iPUF: A Novel Security-by-Design Paradigm to Mitigate Data Manipulation and External Attacks in Cyber-Physical Systems

   Aarella, S G; Agarwal, S; Mohanty, S P; Kougianos, E; Iyer, V; Rout, B (February 2025, IEEE)

   Amsaad, F; Abdelgawad, A; Jamil, A (Ed.)

   Fault Injection attack is a type of side-channel attack on the Physical Unclonable Function (PUF) module that can induce faults in the PUF response by manipulating the PUF circuit behavior through voltage glitches, laser attacks, temperature manipulations, or any other attacks potentially leading to information loss or security system failure. This type of attack exposes the physical characteristics of PUFs that can be analyzed to predict or compromise the unique challenge response pairs (CRPs) reducing the security and reliability of the PUF. Mitigation strategies against such attacks typically include adding noise to the PUF output, using error-correcting codes, or enhanced cryptographic protocols that obscure physical side-channel attacks. In this research, we propose a Generative Adversarial Network (GAN) based security model, that monitors the PUF behavior and detects the variations in PUF response. The model can detect glitches in the PUF response and generate alerts to take mitigation measures. 

   more » « less
4. A Four-layer Cyber-physical Security Model for Electric Machine Drives considering Control Information Flow

   https://doi.org/10.1109/JESTPE.2024.3366089  

   Yang, Bowen; Yang, He; Ye, Jin (January 2024, IEEE Journal of Emerging and Selected Topics in Power Electronics)

   Despite the IEEE Power Electronics Society (PELS) establishing Technical Committee 10 on Design Methodologies with a focus on the cyber-physical security of power electronics systems, a holistic design methodology for addressing security vulnerabilities remains underdeveloped. This gap largely stems from the limited integration of computer science and power/control engineering studies in this interdisciplinary field. Addressing the inadequacy of unilateral cyber or control perspectives, this paper presents a novel four-layer cyber-physical security model specifically designed for electric machine drives. Central to this model is the innovative Control Information Flow (CIF) model, residing within the control layer, which serves as a pivotal link between the cyber layer’s vulnerable resources and the physical layer’s state-space models. By mapping vulnerable resources to control variable space and tracing attack propagation, the CIF model facilitates accurate impact predictions based on tainted control laws. The effectiveness and validity of this proposed model are demonstrated through hardware experiments involving two typical cyber-attack scenarios, underscoring its potential as a comprehensive framework for multidisciplinary security strategies. 

   more » « less
5. Recent Advances in Cyberattack Detection and Mitigation Techniques for Renewable Photovoltaic Distributed Energy CPS

   Jessica Whitaker and Danda B. Rawat (June 2023, Computing Conference)

   Cyberattacks targeted to the energy cyber-physical system (ECPS), also known as the smart grid, could interrupt the electricity supply with major ramifications. Attackers identify and exploit any vulnerable portion of the energy power grid, including the inverters with solar-powered photovoltaic (PV) panels. PV presents unique challenges as electricity consumers have also become providers of solar energy for utilities. As mandates require increased PV penetration across the world for positive environmental impacts, increased cyberattacks targeted at PV systems impact reliability and efficiency within the ECPS. The new technologies continuously being introduced to manage the ECPS and ensure bi-directional communications and energy flow between components also lead to more attack surfaces, system vulnerabilities, and heightened malicious attacks. Data integrity attacks are increasing within PV systems. In this paper, we present a survey of different methods that are proposed and explored for identifying and preventing cyberattacks targeted at PV systems. The attack detection methods include voltage control, data diodes, and voltage measurement algorithms. Furthermore, we present blockchain, cyber switching, and other attack mitigation techniques for PV systems. 

   more » « less