Generation of Cyber-security Reinforcement Strategies for Smart Grid Based on the Attribute-based Attack Graph

  • Bo Zhang Nanjing University of Science and Technology
  • Qianmu Li Nanjing University of Science and Technology
  • Yiying Zhang China University of Mining & Technology
  • Xuan Liu Illinois Institute of Technology
  • Zhen Ni Nanjing University of Science and Technology

Abstract

A smart grid is a kind of energy cyber-physical system (ECPS) with the interdependency of information and physicality.A cyber-attack gravely threatens the safe and stable operation of a physical power grid. Cyber-security reinforcement of smartgrid has become a research issue. However, the information network scale of a smart grid is massive, and the generation ofsecurity reinforcement strategies has become a problem. Therefore, a generation method of security reinforcement strategiesbased on an attribute-based attack graph was proposed in this study. The method defined a smart grid based on premise andconsequence attributes to form an attribute-based attack graph. With this graph, the method for the generation of securityreinforcement strategies was transferred to the minimum dominating set of the attribute-based attack graph and solved torealize space reduction in the security reinforcement strategies. An algorithm for the generation of security reinforcementstrategies was designed based on the greedy algorithm, and strategies for large-scale cyber security reinforcement of thesmart grid were determined to eliminate the complexity and difficulty of this problem effectively. Through a simulation analysisof a large-scale node network, the efficiency of the generation method of reinforcement strategies based on the attributebasedattack graph and minimum dominating set was verified. Results show that the proposed method can be used forsecurity reinforcement of large-scale complicated networks of a smart grid.

References

[1] Chen F., Liu D., Zhang Y., and Su J. A scalable approach to analyzing
network security using compact attack graphs. Journal of Networks, 5(5):543–550, 2010.
[2] Spanos G. and Angelis L. Impact metrics of security vulnerabilities:
Analysis and weighing. Information Security Journal: A Global Perspective,
pages 1–15, 2015.
[3] Wang L., Yao C., Singhal A., and Jajodia S. Implementing interactive
analysis of attack graphs using relational database. Journal of Computer
Security, 16(4):419–437, 2008.
[4] Xu L., Li Y.P., Li Q.M., Yang Y.W., Tang Z.M., and Zhang X.F. Proportional
fair resource allocation based on hybrid ant colony optimization
for slow adaptive ofdma system. Information Science, 293:1–10, 2015.
[5] Alhomidi M. and Reed M. Risk assessment and analysis through
population–based attack graph modelling. World Congress in Internet
Security (WorldCIS), pages 19–24, 2013.
[6] Idika N. and Bhargava B. Extending attack graph-based security metrics
and aggregating their application. IEEE Transactions on Dependable
& Secure Computing, 9(1):75–85, 2012.
[7] Poolsappasit N., Dewri R., and Ray I. Dynamic security risk management
using bayesian attack graphs. IEEE Transactions on Dependable
and Secure Computing, 9(1):61–74, 2012.
[8] Li Q. Multiple qos constraints finding paths algorithm in tmn. Information,
14(3):731–737, 2011.
[9] Li Q.M. and Zhang. H. Information security risk assessment technology
of cyberspace: a review. International Journal on Information, 15
(11):4677–4683, 2012.
[10] Xia R., Xu F., Zong C.Q., Li Q., Qi Y., and Li T. Dual sentiment analysis:
Considering two sides of one review. IEEE Transactions on Knowledge
and Data Engineering, 27(8):2120–2133, 2015.
[11] Noel S. and Jajodia S. Metrics suite for network attack graph analytics.
Proceedings of the 9th Annual Cyber and Information Security
Research Conference ACM, pages 5–8, 2014.
[12] Roschke S., Cheng F., and Meinel C. High-quality attack graph-based
ids correlation. Logic Journal of IGPL, 21(4):571–591, 2013.
[13] Saurabh S. and Sairam A.S. A more accurate completion condition
for attack-graph reconstruction in probabilistic packet marketing algorithm.
National Conference on Communications (NCC) IEEE, pages
1–5, 2013.
[14] Chen X.J., Fang B.X., and Zhang H.L. Inferring attack intent of malicious
insider based on probabilistic attack graph model. Chinese Journal
of Computers, 37(1):62–72, 2014.
[15] Yun Y., Xishan X., Yan J., and Chang Q. Z. An attack graph-based
probabilistic computing approach of network security. Chinese Journal
of Computers, 33(10):1987–1996, 2010.
Published
2016-10-29
How to Cite
ZHANG, Bo et al. Generation of Cyber-security Reinforcement Strategies for Smart Grid Based on the Attribute-based Attack Graph. Journal of Power Technologies, [S.l.], v. 96, n. 3, p. 170--177, oct. 2016. ISSN 2083-4195. Available at: <https://papers.itc.pw.edu.pl/index.php/JPT/article/view/923>. Date accessed: 27 sep. 2021.
Section
Energy Engineering and Technology

Most read articles by the same author(s)

Obs.: This plugin requires at least one statistics/report plugin to be enabled. If your statistics plugins provide more than one metric then please also select a main metric on the admin's site settings page and/or on the journal manager's settings pages.