SPEAR SIEM: A Security Information and Event Management system for the Smart Grid

Radoglou-Grammatikis, Panagiotis; Sarigiannidis, Panagiotis; Iturbe, Eider; Rios, Erkuden; Martinez, Saturnino; Sarigiannidis, Antonios; Eftathopoulos, Georgios; Spyridis, Yannis; Sesis, Achilleas; Vakakis, Nikolaos; Tzovaras, Dimitrios; Kafetzakis, Emmanouil; Giannoulakis, Ioannis; Tzifas, Michalis; Giannakoulias, Alkiviadis; Angelopoulos, Michail; Ramos, F.

doi:10.1016/j.comnet.2021.108008

Cited by 60 publications

(33 citation statements)

References 62 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Although the modern electrical grid has many advantages, such as ubiquitous control and self-healing, it poses significant cybersecurity concerns. The combination of unsecured communication protocols, IoT security vulnerabilities, and the rapid advancement of cyberattacks and malware, in particular, might have severe results, including widespread blackouts and brownouts [90]. Exploring blockchain cyber risks, vulnerabilities, and mitigations in the context of safeguarding the grid's edge and offering more secure transactive energy solutions would be a massive benefit to grid cybersecurity and resilience research [47].…”

Section: Cybersecuritymentioning

confidence: 99%

Blockchain-Based Smart Renewable Energy: Review of Operational and Transactional Challenges

Nepal

Yuangyai

Gyawali³

et al. 2022

Energies

View full text Add to dashboard Cite

Blockchain has peculiar characteristics among various digital technologies due to its decentralised and cryptographic properties. The combination of intelligent energy systems and blockchain can innovate new forms of transactive energy and navigate the digital journey to transform the future of renewable energy systems. This review studies various blockchain implementations in the smart energy domain and presents the findings on operational and transactional challenges in a blockchain-based smart renewable energy system. We also identify the differences between operations and transactions in smart energy systems. Furthermore, we identify the most pronounced cryptocurrencies in different studies. The findings highlighted various challenges concerning the implementation of blockchain-based smart energy systems. We identified how these challenges spawn across operational and transactional deliverables. Building on these findings, we discuss various challenges impacting the operational and transactional domains, which we believe have significant value for researchers, practitioners, policy makers, entrepreneurs, and start-ups. It will provide long-term benefits to humankind in fulfilling energy requirements, promoting sustainable energy use by developing countermeasures to combat identified challenges and leveraging the optimal use of blockchain technology.

show abstract

Section: Cybersecuritymentioning

confidence: 99%

Blockchain-Based Smart Renewable Energy: Review of Operational and Transactional Challenges

Nepal

Yuangyai

Gyawali³

et al. 2022

Energies

View full text Add to dashboard Cite

show abstract

“…IDS, firewalls, etc), normalization of the data to a common format and finally synchronization of associated event fields (e.g. timestamps) for further data processing and for performing alert correlation [18], [19]. Apart from data gathering, attack modeling is also important for contextual detection.…”

Section: B Contextual Detection Of Cyber Attacksmentioning

confidence: 99%

On Holistic Multi-Step Cyberattack Detection via a Graph-based Correlation Approach

Sen

Eze

Ulbig

et al. 2022

2022 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)

View full text Add to dashboard Cite

While digitization of distribution grids through information and communications technology brings numerous benefits, it also increases the grid's vulnerability to serious cyber attacks. Unlike conventional systems, attacks on many industrial control systems such as power grids often occur in multiple stages, with the attacker taking several steps at once to achieve its goal. Detection mechanisms with situational awareness are needed to detect orchestrated attack steps as part of a coherent attack campaign. To provide a foundation for detection and prevention of such attacks, this paper addresses the detection of multi-stage cyber attacks with the aid of a graph-based cyber intelligence database and alert correlation approach. Specifically, we propose an approach to detect multi-stage attacks by leveraging heterogeneous data to form a knowledge base and employ a model-based correlation approach on the generated alerts to identify multi-stage cyber attack sequences taking place in the network. We investigate the detection quality of the proposed approach by using a case study of a multi-stage cyber attack campaign in a future-orientated power grid pilot.

show abstract

“…SIEM challenges will continue to evolve as security managers grapple with cloud services, mobile, the Internet of Things, and other new technologies the IT department does not always control. IoT will be a huge factor as it drives the number of endpoints vulnerable to attackers [ 111 , 112 ]. It gets harder for cybercriminals to infiltrate computers but is still fairly easy to hack cameras, refrigerators, microwaves, Bluetooth tools, and other connected devices and use them as an attack vector.…”

Section: The Future Of Siemsmentioning

confidence: 99%

Security Information and Event Management (SIEM): Analysis, Trends, and Usage in Critical Infrastructures

González-Granadillo

González-Zarzosa

Díaz

2021

Sensors

116

View full text Add to dashboard Cite

Security Information and Event Management (SIEM) systems have been widely deployed as a powerful tool to prevent, detect, and react against cyber-attacks. SIEM solutions have evolved to become comprehensive systems that provide a wide visibility to identify areas of high risks and proactively focus on mitigation strategies aiming at reducing costs and time for incident response. Currently, SIEM systems and related solutions are slowly converging with big data analytics tools. We survey the most widely used SIEMs regarding their critical functionality and provide an analysis of external factors affecting the SIEM landscape in mid and long-term. A list of potential enhancements for the next generation of SIEMs is provided as part of the review of existing solutions as well as an analysis on their benefits and usage in critical infrastructures.

show abstract

SPEAR SIEM: A Security Information and Event Management system for the Smart Grid

Cited by 60 publications

References 62 publications

Blockchain-Based Smart Renewable Energy: Review of Operational and Transactional Challenges

Blockchain-Based Smart Renewable Energy: Review of Operational and Transactional Challenges

On Holistic Multi-Step Cyberattack Detection via a Graph-based Correlation Approach

Security Information and Event Management (SIEM): Analysis, Trends, and Usage in Critical Infrastructures

Contact Info

Product

Resources

About