Double-Edged Defense: Thwarting Cyber Attacks and Adversarial Machine Learning in IEC 60870-5-104 Smart Grids
Smart grids (SGs), a cornerstone of modern power systems, facilitate efficient management and distribution of electricity. Despite their advantages, increased connectivity and reliance on communication networks expand their susceptibility to cyber threats. Machine learning (ML) can radically transfo...
Main Authors: | , , , , |
---|---|
Format: | Article |
Language: | English |
Published: |
IEEE
2023-01-01
|
Series: | IEEE Open Journal of the Industrial Electronics Society |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/10328057/ |
_version_ | 1797339190751395840 |
---|---|
author | Hadir Teryak Abdullatif Albaseer Mohamed Abdallah Saif Al-Kuwari Marwa Qaraqe |
author_facet | Hadir Teryak Abdullatif Albaseer Mohamed Abdallah Saif Al-Kuwari Marwa Qaraqe |
author_sort | Hadir Teryak |
collection | DOAJ |
description | Smart grids (SGs), a cornerstone of modern power systems, facilitate efficient management and distribution of electricity. Despite their advantages, increased connectivity and reliance on communication networks expand their susceptibility to cyber threats. Machine learning (ML) can radically transform cyber security in SGs and secure protocols as in IEC 60870 standard, an international standard for electric power system communication. Notwithstanding, cyber adversaries are now exploiting ML-based intrusion detection systems (IDS) using adversarial ML attacks, potentially undermining SG security. This article addresses cyber attacks on the communication network of SGs, specifically targeting the IEC 60870-5-104 protocol. We introduce a novel ML-based IDS framework for the IEC 60870-5-104 protocol. Specifically, we employ an artificial neural network (ANN) to analyze a new and realistically representative dataset of IEC 60870-5-104 traffic data, unlike previous research that relies on simulated or unrelated data. This approach assists in identifying anomalies indicative of cyber attacks more accurately. Furthermore, we evaluate the resilience of our ANN model against adversarial attacks, including the fast gradient sign method, projected gradient descent, and Carlini and Wagner attacks. Our results demonstrate that the proposed framework can accurately detect cyber attacks and remains robust to adversarial attacks. This offers efficient and resilient IDS capabilities to detect and mitigate cyber attacks in real-world ML-based adversarial environments. |
first_indexed | 2024-03-08T09:42:22Z |
format | Article |
id | doaj.art-0e68e616b0eb44b6842d7239a4a18f95 |
institution | Directory Open Access Journal |
issn | 2644-1284 |
language | English |
last_indexed | 2024-03-08T09:42:22Z |
publishDate | 2023-01-01 |
publisher | IEEE |
record_format | Article |
series | IEEE Open Journal of the Industrial Electronics Society |
spelling | doaj.art-0e68e616b0eb44b6842d7239a4a18f952024-01-30T00:07:34ZengIEEEIEEE Open Journal of the Industrial Electronics Society2644-12842023-01-01462964210.1109/OJIES.2023.333623410328057Double-Edged Defense: Thwarting Cyber Attacks and Adversarial Machine Learning in IEC 60870-5-104 Smart GridsHadir Teryak0https://orcid.org/0009-0004-2221-8518Abdullatif Albaseer1https://orcid.org/0000-0002-6886-6500Mohamed Abdallah2https://orcid.org/0000-0002-3261-7588Saif Al-Kuwari3https://orcid.org/0000-0002-4402-7710Marwa Qaraqe4https://orcid.org/0000-0003-0767-2478Division of Information and Computing Technology, College of Science and Engineering, Hamad Bin Khlifa University, Doha, QatarDivision of Information and Computing Technology, College of Science and Engineering, Hamad Bin Khlifa University, Doha, QatarDivision of Information and Computing Technology, College of Science and Engineering, Hamad Bin Khlifa University, Doha, QatarDivision of Information and Computing Technology, College of Science and Engineering, Hamad Bin Khlifa University, Doha, QatarDivision of Information and Computing Technology, College of Science and Engineering, Hamad Bin Khlifa University, Doha, QatarSmart grids (SGs), a cornerstone of modern power systems, facilitate efficient management and distribution of electricity. Despite their advantages, increased connectivity and reliance on communication networks expand their susceptibility to cyber threats. Machine learning (ML) can radically transform cyber security in SGs and secure protocols as in IEC 60870 standard, an international standard for electric power system communication. Notwithstanding, cyber adversaries are now exploiting ML-based intrusion detection systems (IDS) using adversarial ML attacks, potentially undermining SG security. This article addresses cyber attacks on the communication network of SGs, specifically targeting the IEC 60870-5-104 protocol. We introduce a novel ML-based IDS framework for the IEC 60870-5-104 protocol. Specifically, we employ an artificial neural network (ANN) to analyze a new and realistically representative dataset of IEC 60870-5-104 traffic data, unlike previous research that relies on simulated or unrelated data. This approach assists in identifying anomalies indicative of cyber attacks more accurately. Furthermore, we evaluate the resilience of our ANN model against adversarial attacks, including the fast gradient sign method, projected gradient descent, and Carlini and Wagner attacks. Our results demonstrate that the proposed framework can accurately detect cyber attacks and remains robust to adversarial attacks. This offers efficient and resilient IDS capabilities to detect and mitigate cyber attacks in real-world ML-based adversarial environments.https://ieeexplore.ieee.org/document/10328057/Adversarial attacksdeep learningIEC 60870-5-104 protocolintrusion detection systems (IDS)machine learning (ML)smart grids (SGs) |
spellingShingle | Hadir Teryak Abdullatif Albaseer Mohamed Abdallah Saif Al-Kuwari Marwa Qaraqe Double-Edged Defense: Thwarting Cyber Attacks and Adversarial Machine Learning in IEC 60870-5-104 Smart Grids IEEE Open Journal of the Industrial Electronics Society Adversarial attacks deep learning IEC 60870-5-104 protocol intrusion detection systems (IDS) machine learning (ML) smart grids (SGs) |
title | Double-Edged Defense: Thwarting Cyber Attacks and Adversarial Machine Learning in IEC 60870-5-104 Smart Grids |
title_full | Double-Edged Defense: Thwarting Cyber Attacks and Adversarial Machine Learning in IEC 60870-5-104 Smart Grids |
title_fullStr | Double-Edged Defense: Thwarting Cyber Attacks and Adversarial Machine Learning in IEC 60870-5-104 Smart Grids |
title_full_unstemmed | Double-Edged Defense: Thwarting Cyber Attacks and Adversarial Machine Learning in IEC 60870-5-104 Smart Grids |
title_short | Double-Edged Defense: Thwarting Cyber Attacks and Adversarial Machine Learning in IEC 60870-5-104 Smart Grids |
title_sort | double edged defense thwarting cyber attacks and adversarial machine learning in iec 60870 5 104 smart grids |
topic | Adversarial attacks deep learning IEC 60870-5-104 protocol intrusion detection systems (IDS) machine learning (ML) smart grids (SGs) |
url | https://ieeexplore.ieee.org/document/10328057/ |
work_keys_str_mv | AT hadirteryak doubleedgeddefensethwartingcyberattacksandadversarialmachinelearninginiec608705104smartgrids AT abdullatifalbaseer doubleedgeddefensethwartingcyberattacksandadversarialmachinelearninginiec608705104smartgrids AT mohamedabdallah doubleedgeddefensethwartingcyberattacksandadversarialmachinelearninginiec608705104smartgrids AT saifalkuwari doubleedgeddefensethwartingcyberattacksandadversarialmachinelearninginiec608705104smartgrids AT marwaqaraqe doubleedgeddefensethwartingcyberattacksandadversarialmachinelearninginiec608705104smartgrids |