Abstract
Embedded controllers, sensors, actuators, advanced metering infrastructure, etc. are cornerstone components of cyber-physical energy systems such as microgrids (MGs). Harnessing their monitoring and control functionalities, sophisticated schemes enhancing MG stability can be deployed. However, the deployment of ‘smart’ assets increases the threat surface. Power systems possess mechanisms capable of detecting abnormal operations. Furthermore, the lack of sophistication in attack strategies can render them detectable since they blindly violate power system semantics. On the other hand, the recent increase of process-aware rootkits that can attain persistence and compromise operations in undetectable ways requires special attention. In this work, we investigate the steps followed by stealthy rootkits at the process level of control systems pre- and post-compromise. We investigate the rootkits' precompromise stage involving the deployment to multiple system locations and aggregation of system-specific information to build a neural network-based virtual data-driven model (VDDM) of the system. Then, during the weaponization phase, we demonstrate how the VDDM measurement predictions are paramount, first to orchestrate crippling attacks from multiple system standpoints, maximizing the impact, and second, impede detection blinding system operator situational awareness.
Original language | English |
---|---|
Title of host publication | Proceedings of the 2022 IEEE Power & Energy Society General Meeting (PESGM) |
Publisher | IEEE |
Pages | 1-10 |
Number of pages | 10 |
ISBN (Electronic) | 978-1-6654-0823-3 |
ISBN (Print) | 978-1-6654-0824-0 |
DOIs | |
Publication status | Published - 2022 |
Event | 2022 IEEE Power & Energy Society General Meeting (PESGM) - Denver, United States Duration: 17 Jul 2022 → 21 Jul 2022 |
Conference
Conference | 2022 IEEE Power & Energy Society General Meeting (PESGM) |
---|---|
Country/Territory | United States |
City | Denver |
Period | 17/07/22 → 21/07/22 |
Bibliographical note
Green Open Access added to TU Delft Institutional Repository 'You share, we take care!' - Taverne project https://www.openaccess.nl/en/you-share-we-take-careOtherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Keywords
- Rootkit
- cyber-physical microgrid
- intelligent malware
- data-driven prediction
- virtual twin