RAINCOAT: RAndomization of Network Communication in Power Grid Cyber INfrastructure to Mislead Attackers

Research output: Contribution to journalArticlepeer-review

Abstract

Though attackers aim to introduce different physical perturbations on power grids, they need to rely on periodic data acquisitions performed by control centers to estimate the physical state of the grid and thus to prepare for destructive activities. In this paper, we present Raincoat, which randomizes data acquisitions to disrupt and mislead attackers’ preparations. We transform one data acquisition into multiple rounds. In each round, we dynamically manipulate network flows in the control networks so that randomly selected “online” devices respond with real measurements. Meanwhile, we intelligently spoof measurements for other “offline” devices to mislead attackers into designing ineffective strategies. Based on experiments using large-scale power systems and six real wide area networks, Raincoat is effective against false data injection and control-related attacks with small overhead. The probability of successful attacks can be reduced from 70% to 1%; attacks introduce little damage even if they are executed. Network latency of data acquisition increases on average by less than 6%.

Original languageEnglish (US)
Pages (from-to)4893-4906
Number of pages14
JournalIEEE Transactions on Smart Grid
Volume10
Issue number5
DOIs
StatePublished - Sep 2018

Keywords

  • Moving target defense
  • SCADA
  • decoy attacks
  • software-defined networking

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint

Dive into the research topics of 'RAINCOAT: RAndomization of Network Communication in Power Grid Cyber INfrastructure to Mislead Attackers'. Together they form a unique fingerprint.

Cite this