2021
DOI: 10.48550/arxiv.2102.11455
Preprint

Man-in-The-Middle Attacks and Defense in a Power System Cyber-Physical Testbed

Patrick Wlazlo,
Abhijeet Sahu,
Zeyu Mao
et al.

Abstract: Man-in-The-Middle (MiTM) attacks present numerous threats to a smart grid. In a MiTM attack, an intruder embeds itself within a conversation between two devices to either eavesdrop or impersonate one of the devices, making it appear to be a normal exchange of information. Thus, the intruder can perform false data injection (FDI) and false command injection (FCI) attacks that can compromise power system operations, such as state estimation, economic dispatch, and automatic generation control (AGC). Very few res…

Cited by 4 publications (5 citation statements)
References 14 publications
“…The evidences are collected at three locations: DNP3 Master, Substation Router, and server hosting PWDS. Details on the testbed's architecture, use cases, and fusion are published in [11,21,33], respectively.…”
Section: Testbed Architecture
Citation type: mentioning
confidence: 99%
“…The objective of the intruder is to disrupt grid operations through False Command and Data Injection, whose impacts are detailed in [21,33]. Four use cases with this threat model are considered here.…”
Section: Threat Model: Modifying Measurements and Commands
Citation type: mentioning
confidence: 99%
“…In addition, studies have been conducted on synthesis frameworks for specific attack vectors [23] as well as on an automated marking process for deployed protocol-specific attack [13]. In this context, research on stealthy MITM attacks for FDI in DNP3 or Profinet is also conducted in a cyber-physical test environment to analyze the impact on latency [24] or generate datasets for data-driven detection approaches [25]. Many of the related works involve the study of cyber-attacks on power grids for data generation and consequence analysis.…”
Section: Related Work
Citation type: mentioning
confidence: 99%
“…Another prominent assault against remote access services is the dictionary attack, which uses a dictionary or word list to guess a password, allowing attackers to take over the server remotely. Another type of cyberattack is the man in the middle (MitM) attack, which aims to exploit communication between two endpoints by intercepting and eavesdropping on legal nodes [15,16]. In the most recent attack against IIoT applications, many power plants in Ukraine were reportedly infiltrated, resulting in a power outage affecting around 225,000 clients [17].…”
Section: Introduction
Citation type: mentioning
confidence: 99%