File Download

There are no files associated with this item.

  Links for fulltext
     (May Require Subscription)
Supplementary

Article: Multi-Scale Traffic Aware Cybersecurity Situational Awareness Online Model for Intelligent Power Substation Communication Network

TitleMulti-Scale Traffic Aware Cybersecurity Situational Awareness Online Model for Intelligent Power Substation Communication Network
Authors
KeywordsAnomaly detection
cybersecurity
risk analysis
substation communication network (SCN)
traffic pattern analysis
Issue Date2023
Citation
IEEE Internet of Things Journal, 2023, v. 10, n. 2, p. 1666-1681 How to Cite?
AbstractSubstation communication network (SCN) provides real-time, high-speed, and reliable data transmissions for the advanced monitoring and control functionalities, which are facing increasing cyberspace threats and attacks. Efficient threat perception and cyber situational awareness are essential to enhance secure and reliable SCN operations. This article explores multiscale SCN traffic pattern characteristics with holistic network traffic, separated network traffic for included devices (especially IoT devices) and separated network traffic of certain types of protocol. The proposed online traffic-oriented SCN traffic anomaly detection and cyber situational awareness models are designed for the network anomalies and cyber-attacks that could cause network traffic pattern variations. We leverage a fractional autoregressive integration moving average (FARIMA)-based dynamic threshold model to detect abnormal traffic patterns without sophisticated computations or deep packet inspection. The SCN real-time operation conditions are timely quantified through the statistical methods with the alliance of SCN topology and protocols. The cyber situational awareness model is further carried out to evaluate the most affected protocol and security risks of various devices in SCN using Grubbs' test. The experiment results are carried out based on a real 110-kV intelligent power substation. The numerical results confirm the comparative low mean square error (MSE) and low complexity of the online traffic characterization when forecasting holistic network traffic and separated network traffics. Furthermore, the timely and quantified cybersecurity risk analysis is conducted based on the SCN traffic with varying scales to detect cyberspace threats and identify the high-risk SCN devices and the most affected protocol.
Persistent Identifierhttp://hdl.handle.net/10722/336334
ISI Accession Number ID

 

DC FieldValueLanguage
dc.contributor.authorHao, Weijie-
dc.contributor.authorYang, Qiang-
dc.contributor.authorLi, Zhiyi-
dc.contributor.authorHu, Shiyan-
dc.contributor.authorLiu, Bo-
dc.contributor.authorRuan, Wei-
dc.date.accessioned2024-01-15T08:25:43Z-
dc.date.available2024-01-15T08:25:43Z-
dc.date.issued2023-
dc.identifier.citationIEEE Internet of Things Journal, 2023, v. 10, n. 2, p. 1666-1681-
dc.identifier.urihttp://hdl.handle.net/10722/336334-
dc.description.abstractSubstation communication network (SCN) provides real-time, high-speed, and reliable data transmissions for the advanced monitoring and control functionalities, which are facing increasing cyberspace threats and attacks. Efficient threat perception and cyber situational awareness are essential to enhance secure and reliable SCN operations. This article explores multiscale SCN traffic pattern characteristics with holistic network traffic, separated network traffic for included devices (especially IoT devices) and separated network traffic of certain types of protocol. The proposed online traffic-oriented SCN traffic anomaly detection and cyber situational awareness models are designed for the network anomalies and cyber-attacks that could cause network traffic pattern variations. We leverage a fractional autoregressive integration moving average (FARIMA)-based dynamic threshold model to detect abnormal traffic patterns without sophisticated computations or deep packet inspection. The SCN real-time operation conditions are timely quantified through the statistical methods with the alliance of SCN topology and protocols. The cyber situational awareness model is further carried out to evaluate the most affected protocol and security risks of various devices in SCN using Grubbs' test. The experiment results are carried out based on a real 110-kV intelligent power substation. The numerical results confirm the comparative low mean square error (MSE) and low complexity of the online traffic characterization when forecasting holistic network traffic and separated network traffics. Furthermore, the timely and quantified cybersecurity risk analysis is conducted based on the SCN traffic with varying scales to detect cyberspace threats and identify the high-risk SCN devices and the most affected protocol.-
dc.languageeng-
dc.relation.ispartofIEEE Internet of Things Journal-
dc.subjectAnomaly detection-
dc.subjectcybersecurity-
dc.subjectrisk analysis-
dc.subjectsubstation communication network (SCN)-
dc.subjecttraffic pattern analysis-
dc.titleMulti-Scale Traffic Aware Cybersecurity Situational Awareness Online Model for Intelligent Power Substation Communication Network-
dc.typeArticle-
dc.description.naturelink_to_subscribed_fulltext-
dc.identifier.doi10.1109/JIOT.2022.3210946-
dc.identifier.scopuseid_2-s2.0-85139430709-
dc.identifier.volume10-
dc.identifier.issue2-
dc.identifier.spage1666-
dc.identifier.epage1681-
dc.identifier.eissn2327-4662-
dc.identifier.isiWOS:001011036600052-

Export via OAI-PMH Interface in XML Formats


OR


Export to Other Non-XML Formats