Implementation of Risk-Aggregated Substation Testbed Using Generative Adversarial Networks

Implementation of Risk-Aggregated Substation Testbed Using Generative Adversarial Networks

Capturing the anomalies of a cyber system in power control networks would promote operational awareness. Correlation of such events, e.g., intrusion attempts, traffic flow, and other signatures, together with control alarm events gives operators an in-depth understanding in order to make an informed...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on smart grid 2023-01, Vol.14 (1), p.677-689
Hauptverfasser: Yang, Zhiyuan, Zhang, Shipeng, Ten, Chee-Wooi, Liu, Ting, Pang, Xueyue, Sun, Hao
Format: Artikel
Sprache:eng
Schlagworte:
Anomalies
Co-simulation
Communication networks
Control systems
Coordinates
electronic intrusion
Generative adversarial networks
Intrusion
Machine learning
Power control
power substation
Process control
Production
Security
Substations
Switches
switching attacks
Test stands
Topology
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 689
container_issue 1
container_start_page 677
container_title IEEE transactions on smart grid
container_volume 14
creator Yang, Zhiyuan
Zhang, Shipeng
Ten, Chee-Wooi
Liu, Ting
Pang, Xueyue
Sun, Hao
description Capturing the anomalies of a cyber system in power control networks would promote operational awareness. Correlation of such events, e.g., intrusion attempts, traffic flow, and other signatures, together with control alarm events gives operators an in-depth understanding in order to make an informed decision. This paper proposes a threat inference framework to promote real-time vulnerability assessment associated with cyber intrusions on power communication networks. Wasserstein Generative Adversarial Networks (WGAN) is proposed to estimate the performance of the adversarial model. Additionally, a machine-learning framework is introduced to model the filtering process of the security devices, i.e., firewalls, isolation, and encryption devices, and the posterior fitting method is incorporated to establish an accurate probabilistic formulation. Finally, a testbed is established to coordinate system evaluation. Verification of the intrusion model is part of the implementation to quantify system risks based on the anomalies using (1) the open-source emulator, and (2) an externally imported system analyzer to characterize resulting impacts. The effectiveness and feasibility of the generative models are verified in a comparison study where the proper parameter settings could be obtained. The proposed framework is justified with extensive studies of substation networks using real-world settings.
doi_str_mv 10.1109/TSG.2022.3192522
format Article
fullrecord <record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_proquest_journals_2757179590</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9834047</ieee_id><sourcerecordid>2757179590</sourcerecordid><originalsourceid>FETCH-LOGICAL-c291t-470169e9b2ce693c7cf4f3a933498e883f6b50278b9c90bff86dc238ac9bfccd3</originalsourceid><addsrcrecordid>eNo9kMtrAjEQxkNpoWK9F3pZ6HltktnXHEVaK0gLVS-9hGx2Iutj1yarpf99I4pzmWG-bx78GHsUfCgEx5fFfDKUXMohCJSplDesJzDBGHgmbq91Cvds4P2ahwCATGKPfU93-y3tqOl0V7dN1Nroq_abeLRaOVrpjqpofij9RV2Q78rQWvq6WUUTasgF4UjRqDqS89rVeht9UPfbuo1_YHdWbz0NLrnPlm-vi_F7PPucTMejWWwkii5Oci4yJCyloQzB5MYmFjQCJFhQUYDNypTLvCjRIC-tLbLKSCi0wdIaU0GfPZ_37l37cwgfqnV7cE04qWSe5iLHFHlw8bPLuNZ7R1btXb3T7k8Jrk4QVYCoThDVBWIYeTqP1ER0tWMBCU9y-Af1dG5S</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2757179590</pqid></control><display><type>article</type><title>Implementation of Risk-Aggregated Substation Testbed Using Generative Adversarial Networks</title><source>IEEE Electronic Library (IEL)</source><creator>Yang, Zhiyuan ; Zhang, Shipeng ; Ten, Chee-Wooi ; Liu, Ting ; Pang, Xueyue ; Sun, Hao</creator><creatorcontrib>Yang, Zhiyuan ; Zhang, Shipeng ; Ten, Chee-Wooi ; Liu, Ting ; Pang, Xueyue ; Sun, Hao</creatorcontrib><description>Capturing the anomalies of a cyber system in power control networks would promote operational awareness. Correlation of such events, e.g., intrusion attempts, traffic flow, and other signatures, together with control alarm events gives operators an in-depth understanding in order to make an informed decision. This paper proposes a threat inference framework to promote real-time vulnerability assessment associated with cyber intrusions on power communication networks. Wasserstein Generative Adversarial Networks (WGAN) is proposed to estimate the performance of the adversarial model. Additionally, a machine-learning framework is introduced to model the filtering process of the security devices, i.e., firewalls, isolation, and encryption devices, and the posterior fitting method is incorporated to establish an accurate probabilistic formulation. Finally, a testbed is established to coordinate system evaluation. Verification of the intrusion model is part of the implementation to quantify system risks based on the anomalies using (1) the open-source emulator, and (2) an externally imported system analyzer to characterize resulting impacts. The effectiveness and feasibility of the generative models are verified in a comparison study where the proper parameter settings could be obtained. The proposed framework is justified with extensive studies of substation networks using real-world settings.</description><identifier>ISSN: 1949-3053</identifier><identifier>EISSN: 1949-3061</identifier><identifier>DOI: 10.1109/TSG.2022.3192522</identifier><identifier>CODEN: ITSGBQ</identifier><language>eng</language><publisher>Piscataway: IEEE</publisher><subject>Anomalies ; Co-simulation ; Communication networks ; Control systems ; Coordinates ; electronic intrusion ; Generative adversarial networks ; Intrusion ; Machine learning ; Power control ; power substation ; Process control ; Production ; Security ; Substations ; Switches ; switching attacks ; Test stands ; Topology</subject><ispartof>IEEE transactions on smart grid, 2023-01, Vol.14 (1), p.677-689</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2023</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c291t-470169e9b2ce693c7cf4f3a933498e883f6b50278b9c90bff86dc238ac9bfccd3</citedby><cites>FETCH-LOGICAL-c291t-470169e9b2ce693c7cf4f3a933498e883f6b50278b9c90bff86dc238ac9bfccd3</cites><orcidid>0000-0003-0657-6310 ; 0000-0002-7600-0934 ; 0000-0002-9290-8926 ; 0000-0003-3353-2305</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9834047$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>315,781,785,797,27929,27930,54763</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9834047$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Yang, Zhiyuan</creatorcontrib><creatorcontrib>Zhang, Shipeng</creatorcontrib><creatorcontrib>Ten, Chee-Wooi</creatorcontrib><creatorcontrib>Liu, Ting</creatorcontrib><creatorcontrib>Pang, Xueyue</creatorcontrib><creatorcontrib>Sun, Hao</creatorcontrib><title>Implementation of Risk-Aggregated Substation Testbed Using Generative Adversarial Networks</title><title>IEEE transactions on smart grid</title><addtitle>TSG</addtitle><description>Capturing the anomalies of a cyber system in power control networks would promote operational awareness. Correlation of such events, e.g., intrusion attempts, traffic flow, and other signatures, together with control alarm events gives operators an in-depth understanding in order to make an informed decision. This paper proposes a threat inference framework to promote real-time vulnerability assessment associated with cyber intrusions on power communication networks. Wasserstein Generative Adversarial Networks (WGAN) is proposed to estimate the performance of the adversarial model. Additionally, a machine-learning framework is introduced to model the filtering process of the security devices, i.e., firewalls, isolation, and encryption devices, and the posterior fitting method is incorporated to establish an accurate probabilistic formulation. Finally, a testbed is established to coordinate system evaluation. Verification of the intrusion model is part of the implementation to quantify system risks based on the anomalies using (1) the open-source emulator, and (2) an externally imported system analyzer to characterize resulting impacts. The effectiveness and feasibility of the generative models are verified in a comparison study where the proper parameter settings could be obtained. The proposed framework is justified with extensive studies of substation networks using real-world settings.</description><subject>Anomalies</subject><subject>Co-simulation</subject><subject>Communication networks</subject><subject>Control systems</subject><subject>Coordinates</subject><subject>electronic intrusion</subject><subject>Generative adversarial networks</subject><subject>Intrusion</subject><subject>Machine learning</subject><subject>Power control</subject><subject>power substation</subject><subject>Process control</subject><subject>Production</subject><subject>Security</subject><subject>Substations</subject><subject>Switches</subject><subject>switching attacks</subject><subject>Test stands</subject><subject>Topology</subject><issn>1949-3053</issn><issn>1949-3061</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNo9kMtrAjEQxkNpoWK9F3pZ6HltktnXHEVaK0gLVS-9hGx2Iutj1yarpf99I4pzmWG-bx78GHsUfCgEx5fFfDKUXMohCJSplDesJzDBGHgmbq91Cvds4P2ahwCATGKPfU93-y3tqOl0V7dN1Nroq_abeLRaOVrpjqpofij9RV2Q78rQWvq6WUUTasgF4UjRqDqS89rVeht9UPfbuo1_YHdWbz0NLrnPlm-vi_F7PPucTMejWWwkii5Oci4yJCyloQzB5MYmFjQCJFhQUYDNypTLvCjRIC-tLbLKSCi0wdIaU0GfPZ_37l37cwgfqnV7cE04qWSe5iLHFHlw8bPLuNZ7R1btXb3T7k8Jrk4QVYCoThDVBWIYeTqP1ER0tWMBCU9y-Af1dG5S</recordid><startdate>202301</startdate><enddate>202301</enddate><creator>Yang, Zhiyuan</creator><creator>Zhang, Shipeng</creator><creator>Ten, Chee-Wooi</creator><creator>Liu, Ting</creator><creator>Pang, Xueyue</creator><creator>Sun, Hao</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SP</scope><scope>7TB</scope><scope>8FD</scope><scope>FR3</scope><scope>KR7</scope><scope>L7M</scope><orcidid>https://orcid.org/0000-0003-0657-6310</orcidid><orcidid>https://orcid.org/0000-0002-7600-0934</orcidid><orcidid>https://orcid.org/0000-0002-9290-8926</orcidid><orcidid>https://orcid.org/0000-0003-3353-2305</orcidid></search><sort><creationdate>202301</creationdate><title>Implementation of Risk-Aggregated Substation Testbed Using Generative Adversarial Networks</title><author>Yang, Zhiyuan ; Zhang, Shipeng ; Ten, Chee-Wooi ; Liu, Ting ; Pang, Xueyue ; Sun, Hao</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c291t-470169e9b2ce693c7cf4f3a933498e883f6b50278b9c90bff86dc238ac9bfccd3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Anomalies</topic><topic>Co-simulation</topic><topic>Communication networks</topic><topic>Control systems</topic><topic>Coordinates</topic><topic>electronic intrusion</topic><topic>Generative adversarial networks</topic><topic>Intrusion</topic><topic>Machine learning</topic><topic>Power control</topic><topic>power substation</topic><topic>Process control</topic><topic>Production</topic><topic>Security</topic><topic>Substations</topic><topic>Switches</topic><topic>switching attacks</topic><topic>Test stands</topic><topic>Topology</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Yang, Zhiyuan</creatorcontrib><creatorcontrib>Zhang, Shipeng</creatorcontrib><creatorcontrib>Ten, Chee-Wooi</creatorcontrib><creatorcontrib>Liu, Ting</creatorcontrib><creatorcontrib>Pang, Xueyue</creatorcontrib><creatorcontrib>Sun, Hao</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Electronics &amp; Communications Abstracts</collection><collection>Mechanical &amp; Transportation Engineering Abstracts</collection><collection>Technology Research Database</collection><collection>Engineering Research Database</collection><collection>Civil Engineering Abstracts</collection><collection>Advanced Technologies Database with Aerospace</collection><jtitle>IEEE transactions on smart grid</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Yang, Zhiyuan</au><au>Zhang, Shipeng</au><au>Ten, Chee-Wooi</au><au>Liu, Ting</au><au>Pang, Xueyue</au><au>Sun, Hao</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Implementation of Risk-Aggregated Substation Testbed Using Generative Adversarial Networks</atitle><jtitle>IEEE transactions on smart grid</jtitle><stitle>TSG</stitle><date>2023-01</date><risdate>2023</risdate><volume>14</volume><issue>1</issue><spage>677</spage><epage>689</epage><pages>677-689</pages><issn>1949-3053</issn><eissn>1949-3061</eissn><coden>ITSGBQ</coden><abstract>Capturing the anomalies of a cyber system in power control networks would promote operational awareness. Correlation of such events, e.g., intrusion attempts, traffic flow, and other signatures, together with control alarm events gives operators an in-depth understanding in order to make an informed decision. This paper proposes a threat inference framework to promote real-time vulnerability assessment associated with cyber intrusions on power communication networks. Wasserstein Generative Adversarial Networks (WGAN) is proposed to estimate the performance of the adversarial model. Additionally, a machine-learning framework is introduced to model the filtering process of the security devices, i.e., firewalls, isolation, and encryption devices, and the posterior fitting method is incorporated to establish an accurate probabilistic formulation. Finally, a testbed is established to coordinate system evaluation. Verification of the intrusion model is part of the implementation to quantify system risks based on the anomalies using (1) the open-source emulator, and (2) an externally imported system analyzer to characterize resulting impacts. The effectiveness and feasibility of the generative models are verified in a comparison study where the proper parameter settings could be obtained. The proposed framework is justified with extensive studies of substation networks using real-world settings.</abstract><cop>Piscataway</cop><pub>IEEE</pub><doi>10.1109/TSG.2022.3192522</doi><tpages>13</tpages><orcidid>https://orcid.org/0000-0003-0657-6310</orcidid><orcidid>https://orcid.org/0000-0002-7600-0934</orcidid><orcidid>https://orcid.org/0000-0002-9290-8926</orcidid><orcidid>https://orcid.org/0000-0003-3353-2305</orcidid></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 1949-3053
ispartof IEEE transactions on smart grid, 2023-01, Vol.14 (1), p.677-689
issn 1949-3053
1949-3061
language eng
recordid cdi_proquest_journals_2757179590
source IEEE Electronic Library (IEL)
subjects Anomalies
Co-simulation
Communication networks
Control systems
Coordinates
electronic intrusion
Generative adversarial networks
Intrusion
Machine learning
Power control
power substation
Process control
Production
Security
Substations
Switches
switching attacks
Test stands
Topology
title Implementation of Risk-Aggregated Substation Testbed Using Generative Adversarial Networks
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-12T00%3A52%3A59IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Implementation%20of%20Risk-Aggregated%20Substation%20Testbed%20Using%20Generative%20Adversarial%20Networks&rft.jtitle=IEEE%20transactions%20on%20smart%20grid&rft.au=Yang,%20Zhiyuan&rft.date=2023-01&rft.volume=14&rft.issue=1&rft.spage=677&rft.epage=689&rft.pages=677-689&rft.issn=1949-3053&rft.eissn=1949-3061&rft.coden=ITSGBQ&rft_id=info:doi/10.1109/TSG.2022.3192522&rft_dat=%3Cproquest_RIE%3E2757179590%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2757179590&rft_id=info:pmid/&rft_ieee_id=9834047&rfr_iscdi=true