Litcius/Paper detail

DecIED: Scalable k-Anonymous Deception for IEC61850-Compliant Smart Grid Systems

Dianshi Yang, Daisuke Mashima, Wei Lin, Jianying Zhou

202018 citationsDOI

Abstract

As demonstrated by the past real-world incidents, sophisticated attackers targeting our critical infrastructure may be hiding in the system, perhaps at this moment, in order to collect information and prepare for massive attacks. If an attacker is mostly passive and monitoring SCADA communication traffic or is clever enough to act under the radar of intrusion/anomaly detection systems, it is challenging to counter them. In this direction, deception technology is an effective cybersecurity tool, by deploying a large number of dummy and decoy devices throughout the system infrastructure to be protected, for capturing probing attempts and lateral movement of persistent attackers and malware. In this paper, we discuss the practical design and implementation of high-fidelity deception devices for smart power grid systems, named DecIED. DecIED imitates the device characteristics and communication models of IEC 61850-compliant IEDs (intelligent electronic devices) and thus realize k-anonymous smokescreen, which virtually shows k-1 indistinguishable decoy devices, to protect our critical infrastructure. Based on our prototype implementation, a single industry PC can host over 200 deception devices, which demonstrates DecIED's scalability and feasibility of integration into the existing systems.

Topics & Concepts

Computer scienceScalabilityComputer securityDeceptionCritical infrastructureEavesdroppingIEC 61850DecoyMalwareSmart gridHoneypotAnomaly detectionFidelityAutomationTelecommunicationsEngineeringElectrical engineeringDatabaseSocial psychologyChemistryPsychologyData miningBiochemistryReceptorMechanical engineeringSmart Grid Security and ResilienceNetwork Security and Intrusion DetectionInternet Traffic Analysis and Secure E-voting
DecIED: Scalable k-Anonymous Deception for IEC61850-Compliant Smart Grid Systems | Litcius