A nifty collaborative intrusion detection and prevention architecture for Smart Grid ecosystems

Smart Grid (SG) systems are critical, intelligent infrastructure utility services connected through open networks that are potentially susceptible to cyber-attacks with very acute security risks of shutdown, loss of life, and loss of revenue. Traditional intrusion detection systems based on signatur...

Bibliographic Details
Main Authors: Patel, A., Alhussian, H., Pedersen, J.M., Bounabat, B., Júnior, J.C., Katsikas, S.
Format: Article
Published: Elsevier Ltd 2017
Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-84994874812&doi=10.1016%2fj.cose.2016.07.002&partnerID=40&md5=5f6f90e6647d272108664e9c5f43cf5e
http://eprints.utp.edu.my/19880/
Institution: Universiti Teknologi Petronas
id my.utp.eprints.19880
record_format eprints
spelling my.utp.eprints.19880 2018-04-22T13:13:17Z Article PeerReviewed Patel, A. and Alhussian, H. and Pedersen, J.M. and Bounabat, B. and Júnior, J.C. and Katsikas, S. (2017) A nifty collaborative intrusion detection and prevention architecture for Smart Grid ecosystems. Computers and Security, 64. pp. 92-109. http://eprints.utp.edu.my/19880/
institution Universiti Teknologi Petronas
building UTP Resource Centre
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Teknologi Petronas
content_source UTP Institutional Repository
url_provider http://eprints.utp.edu.my/
description Smart Grid (SG) systems are critical, intelligent infrastructure utility services connected through open networks that are potentially susceptible to cyber-attacks with very acute security risks of shutdown, loss of life, and loss of revenue. Traditional intrusion detection systems based on signature and anomaly techniques are no longer sufficient to protect SGs due to their new connectivity and management challenges, the ever-rapidly-evolving masquerades, and cyber criminality levied against them. SGs require cyber-security systems to render them resilient and protected through advanced Intrusion Detection and Prevention System (IDPS) techniques and mechanisms. This paper proposes a smart collaborative advanced IDPS to provide the best possible protection of SGs with a fully distributed management structure that supports the network and host based detections and the prevention of attacks. By facilitating a reliable, scalable, and flexible design, the specific requirements of IDPS for SGs can be more easily met via a fuzzy risk analyzer, an independent and ontology knowledge-based inference engine module. These can work collaboratively by managing functions across multiple IDPS domains. A set of extensive and intensive simulated experiments shows that with its smart advanced components incorporating soft computing machine-learning techniques and a rich ontology knowledge base with fuzzy logic analysis, it detects and prevents intrusions more efficiently. The multi-faceted results of the simulation also show that the proposed Collaborative Smart IDPS (CSIDPS) system increases the intrusion detection accuracy and decreases the false positive alarms when compared to traditional IDPSs. This is epitomized by the skillful use of the confusion matrix technique for organizing classifiers, visualizing their performance, and assessing their overall behavior. In the final analysis, the CSIDPS architecture is designed toward contributing to de facto norms for SG ecosystems. © 2016 Elsevier Ltd
format Article
author Patel, A.
Alhussian, H.
Pedersen, J.M.
Bounabat, B.
Júnior, J.C.
Katsikas, S.
author_sort Patel, A.
title A nifty collaborative intrusion detection and prevention architecture for Smart Grid ecosystems
publisher Elsevier Ltd
publishDate 2017