A nifty collaborative intrusion detection and prevention architecture for Smart Grid ecosystems. Issue 64 (January 2017)
- Record Type:
- Journal Article
- Title:
- A nifty collaborative intrusion detection and prevention architecture for Smart Grid ecosystems. Issue 64 (January 2017)
- Main Title:
- A nifty collaborative intrusion detection and prevention architecture for Smart Grid ecosystems
- Authors:
- Patel, Ahmed
Alhussian, Hitham
Pedersen, Jens Myrup
Bounabat, Bouchaib
Júnior, Joaquim Celestino
Katsikas, Sokratis
- Abstract:
- Highlights:
  - Precise review of Intrusion Detection and Prevention Systems for Smart Grid (SG)
  - Presents the salient requirements for Collaborative Smart-IDPS (CSIDPS) for SG
  - Defines a fully distributed management framework and architecture for SGs with CSIDPS
  - Specifies CSIDPS design with autonomic and soft computing properties for SG
  - Experimental results of CSIDPS exhibit decrease in false positive and negative alarms

  Abstract: Smart Grid (SG) systems are critical, intelligent infrastructure utility services connected through open networks that are potentially susceptible to cyber-attacks with very acute security risks of shutdown, loss of life, and loss of revenue. Traditional intrusion detection systems based on signature and anomaly techniques are no longer sufficient to protect SGs due to their new connectivity and management challenges, the ever-rapidly-evolving masquerades, and cyber criminality levied against them. SGs require cyber-security systems to render them resilient and protected through advanced Intrusion Detection and Prevention System (IDPS) techniques and mechanisms. This paper proposes a smart collaborative advanced IDPS to provide the best possible protection of SGs with a fully distributed management structure that supports the network and host based detections and the prevention of attacks. By facilitating a reliable, scalable, and flexible design, the specific requirements of IDPS for SGs can be more easily met via a fuzzy risk analyzer, an independent and ontology knowledge-based inference engine module. These can work collaboratively by managing functions across multiple IDPS domains. A set of extensive and intensive simulated experiments shows that with its smart advanced components incorporating soft computing machine-learning techniques and a rich ontology knowledge base with fuzzy logic analysis, it detects and prevents intrusions more efficiently. The multi-faceted results of the simulation also show that the proposed Collaborative Smart IDPS (CSIDPS) system increases the intrusion detection accuracy and decreases the false positive alarms when compared to traditional IDPSs. This is epitomized by the skillful use of the confusion matrix technique for organizing classifiers, visualizing their performance, and assessing their overall behavior. In the final analysis, the CSIDPS architecture is designed toward contributing to de facto norms for SG ecosystems.
- Is Part Of:
- Computers & security. Issue 64(2017)
- Journal:
- Computers & security
- Issue:
- Issue 64(2017)
- Issue Display:
- Volume 64, Issue 64 (2017)
- Year:
- 2017
- Volume:
- 64
- Issue:
- 64
- Issue Sort Value:
- 2017-0064-0064-0000
- Page Start:
- 92
- Page End:
- 109
- Publication Date:
- 2017-01
- Subjects:
- Smart Grid (SG) -- Intrusion Detection and Prevention System (IDPS) -- Intelligent Collaborative Autonomic Management -- Risk assessment management -- Soft computing -- SCADA
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2016.07.002
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 2697.xml