Smart Grid (SG) research and development has drawn much attention from academia, industry and government due to the great impact it will have on society, economics and the environment. Securing the SG is a considerably significant challenge due the increased dependency on communication networks to assist in physical process control, exposing them to various cyber-threats. In addition to attacks that change measurement values using False Data Injection (FDI) techniques, attacks on the communication network may disrupt the power system's real-time operation by intercepting messages, or by flooding the communication channels with unnecessary data. Addressing these attacks requires a cross-layer approach. In this paper a cross-layered strategy is presented, called Cross-Layer Ensemble CorrDet with Adaptive Statistics(CECD-AS), which integrates the detection of faulty SG measurement data as well as inconsistent network inter-arrival times and transmission delays for more reliable and accurate anomaly detection and attack interpretation. Numerical results show that CECD-AS can detect multiple False Data Injections, Denial of Service (DoS) and Man In The Middle (MITM) attacks with a high F1-score compared to current approaches that only use SG measurement data for detection such as the traditional physics-based State Estimation, Ensemble CorrDet with Adaptive Statistics strategy and other machine learning classification-based detection schemes.
相關內容
Cyber Security is a critical topic for organizations with IT/OT networks as they are always susceptible to attack, whether insider or outsider. Since the cyber landscape is an ever-evolving scenario, one must keep upgrading its security systems to enhance the security of the infrastructure. Tools like Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Threat Intelligence Platform (TIP), Information Technology Service Management (ITSM), along with other defensive techniques like Intrusion Detection System (IDS), Intrusion Protection System (IPS), and many others enhance the cyber security posture of the infrastructure. However, the proposed protection mechanisms have their limitations, they are insufficient to ensure security, and the attacker penetrates the network. Deception technology, along with Honeypots, provides a false sense of vulnerability in the target systems to the attackers. The attacker deceived reveals threat intel about their modus operandi. We have developed a Security Orchestration, Automation, and Response (SOAR) Engine that dynamically deploys custom honeypots inside the internal network infrastructure based on the attacker's behavior. The architecture is robust enough to support multiple VLANs connected to the system and used for orchestration. The presence of botnet traffic and DDOS attacks on the honeypots in the network is detected, along with a malware collection system. After being exposed to live traffic for four days, our engine dynamically orchestrated the honeypots 40 times, detected 7823 attacks, 965 DDOS attack packets, and three malicious samples. While our experiments with static honeypots show an average attacker engagement time of 102 seconds per instance, our SOAR Engine-based dynamic honeypots engage attackers on average 3148 seconds.
The extreme pervasive nature of mobile technologies, together with the users need to continuously interact with her personal devices and to be always connected, strengthen the user-centric approach to design and develop new communication and computing solutions. Nowadays users not only represent the final utilizers of the technology, but they actively contribute to its evolution by assuming different roles: they act as humans, by sharing contents and experiences through social networks, and as virtual sensors, by moving freely in the environment with their sensing devices. Smart cities represent an important reference scenario for the active participation of users through mobile technologies. It involves multiple application domains and defines different levels of user engagement. Participatory sensing, opportunistic sensing and Mobile Social Networks currently represent some of the most promising people-centric paradigms. In addition, their integration can further improve the user involvement through new services and applications. In this paper we present SmartCitizen app, a MSN application designed in the framework of a smart city project to stimulate the active participation of citizens in generating and sharing useful contents related to the quality of life in their city. The app has been developed on top of a context- and social-aware middleware platform (CAMEO) able to integrate the main features of people-centric computing paradigms, lightening the app developer effort. Existing middleware platforms generally focus on one single people-centric paradigm, exporting a limited set of features to mobile applications. CAMEO overcomes these limitations. Experimental results shown in this paper can also represent the technical guidelines for the development of heterogeneous people-centric mobile applications, embracing different application domains.
Security ceremonies still fail despite decades of efforts by researchers and practitioners. Attacks are often a cunning amalgam of exploits for technical systems and of forms of human behaviour. For example, this is the case with the recent news headline of a large-scale attack against Electrum Bitcoin wallets, which manages to spread a malicious update of the wallet app. I therefore set out to look at things through a different lens. I make the (metaphorical) hypothesis that human ancestors arrived on Earth along with security ceremonies from a very far planet, the Cybersecurity planet. My hypothesis continues, in that studying (by huge telescopes) the surface of Cybersecurity in combination with the logical projection on that surface of what happens on Earth is beneficial for us earthlings. I have spotted four cities so far on the remote planet. Democratic City features security ceremonies that allow inhabitants to follow personal paths of practice and, for example, make errors or be driven by emotions. By contrast, security ceremonies in Dictatorial City compel inhabitants to comply, thus behaving like programmed automata. Security ceremonies in Beautiful City are so beautiful that inhabitants just love to follow them precisely. Invisible City has security ceremonies that are not perceivable, hence inhabitants feel like they never encounter any. Incidentally, we use the words "democratic" and "dictatorial" without any political connotation. A key argument I shall develop is that all cities but Democratic City address the human factor, albeit in different ways. In the light of these findings, I will also discuss security ceremonies of our planet, such as WhatsApp web login and flight boarding, and explore room for improving them based upon the current understanding of Cybersecurity.
The current electricity networks were not initially designed for the high integration of variable generation technologies. They suffer significant losses due to the combustion of fossil fuels, the long-distance transmission, and distribution of the power to the network. Recently, \emph{prosumers}, both consumers and producers, emerge with the increasing affordability to invest in domestic solar systems. Prosumers may trade within their communities to better manage their demand and supply as well as providing social and economic benefits. In this paper, we explore the use of Blockchain technologies and auction mechanisms to facilitate autonomous peer-to-peer energy trading within microgrids. We design two frameworks that utilize the smart contract functionality in Ethereum and employ the continuous double auction and uniform-price double-sided auction mechanisms, respectively. We validate our design by conducting A/B tests to compare the performance of different frameworks on a real-world dataset. The key characteristics of the two frameworks and several cost analyses are presented for comparison. Our results demonstrate that a P2P trading platform that integrates the blockchain technologies and agent-based systems is promising to complement the current centralized energy grid. We also identify a number of limitations, alternative solutions, and directions for future work.
Vast amount of data generated from networks of sensors, wearables, and the Internet of Things (IoT) devices underscores the need for advanced modeling techniques that leverage the spatio-temporal structure of decentralized data due to the need for edge computation and licensing (data access) issues. While federated learning (FL) has emerged as a framework for model training without requiring direct data sharing and exchange, effectively modeling the complex spatio-temporal dependencies to improve forecasting capabilities still remains an open problem. On the other hand, state-of-the-art spatio-temporal forecasting models assume unfettered access to the data, neglecting constraints on data sharing. To bridge this gap, we propose a federated spatio-temporal model -- Cross-Node Federated Graph Neural Network (CNFGNN) -- which explicitly encodes the underlying graph structure using graph neural network (GNN)-based architecture under the constraint of cross-node federated learning, which requires that data in a network of nodes is generated locally on each node and remains decentralized. CNFGNN operates by disentangling the temporal dynamics modeling on devices and spatial dynamics on the server, utilizing alternating optimization to reduce the communication cost, facilitating computations on the edge devices. Experiments on the traffic flow forecasting task show that CNFGNN achieves the best forecasting performance in both transductive and inductive learning settings with no extra computation cost on edge devices, while incurring modest communication cost.
As data are increasingly being stored in different silos and societies becoming more aware of data privacy issues, the traditional centralized training of artificial intelligence (AI) models is facing efficiency and privacy challenges. Recently, federated learning (FL) has emerged as an alternative solution and continue to thrive in this new reality. Existing FL protocol design has been shown to be vulnerable to adversaries within or outside of the system, compromising data privacy and system robustness. Besides training powerful global models, it is of paramount importance to design FL systems that have privacy guarantees and are resistant to different types of adversaries. In this paper, we conduct the first comprehensive survey on this topic. Through a concise introduction to the concept of FL, and a unique taxonomy covering: 1) threat models; 2) poisoning attacks and defenses against robustness; 3) inference attacks and defenses against privacy, we provide an accessible review of this important topic. We highlight the intuitions, key techniques as well as fundamental assumptions adopted by various attacks and defenses. Finally, we discuss promising future research directions towards robust and privacy-preserving federated learning.
The demand for artificial intelligence has grown significantly over the last decade and this growth has been fueled by advances in machine learning techniques and the ability to leverage hardware acceleration. However, in order to increase the quality of predictions and render machine learning solutions feasible for more complex applications, a substantial amount of training data is required. Although small machine learning models can be trained with modest amounts of data, the input for training larger models such as neural networks grows exponentially with the number of parameters. Since the demand for processing training data has outpaced the increase in computation power of computing machinery, there is a need for distributing the machine learning workload across multiple machines, and turning the centralized into a distributed system. These distributed systems present new challenges, first and foremost the efficient parallelization of the training process and the creation of a coherent model. This article provides an extensive overview of the current state-of-the-art in the field by outlining the challenges and opportunities of distributed machine learning over conventional (centralized) machine learning, discussing the techniques used for distributed machine learning, and providing an overview of the systems that are available.
Person re-identification (re-ID) has attracted much attention recently due to its great importance in video surveillance. In general, distance metrics used to identify two person images are expected to be robust under various appearance changes. However, our work observes the extreme vulnerability of existing distance metrics to adversarial examples, generated by simply adding human-imperceptible perturbations to person images. Hence, the security danger is dramatically increased when deploying commercial re-ID systems in video surveillance, especially considering the highly strict requirement of public safety. Although adversarial examples have been extensively applied for classification analysis, it is rarely studied in metric analysis like person re-identification. The most likely reason is the natural gap between the training and testing of re-ID networks, that is, the predictions of a re-ID network cannot be directly used during testing without an effective metric. In this work, we bridge the gap by proposing Adversarial Metric Attack, a parallel methodology to adversarial classification attacks, which can effectively generate adversarial examples for re-ID. Comprehensive experiments clearly reveal the adversarial effects in re-ID systems. Moreover, by benchmarking various adversarial settings, we expect that our work can facilitate the development of robust feature learning with the experimental conclusions we have drawn.
Methods that align distributions by minimizing an adversarial distance between them have recently achieved impressive results. However, these approaches are difficult to optimize with gradient descent and they often do not converge well without careful hyperparameter tuning and proper initialization. We investigate whether turning the adversarial min-max problem into an optimization problem by replacing the maximization part with its dual improves the quality of the resulting alignment and explore its connections to Maximum Mean Discrepancy. Our empirical results suggest that using the dual formulation for the restricted family of linear discriminators results in a more stable convergence to a desirable solution when compared with the performance of a primal min-max GAN-like objective and an MMD objective under the same restrictions. We test our hypothesis on the problem of aligning two synthetic point clouds on a plane and on a real-image domain adaptation problem on digits. In both cases, the dual formulation yields an iterative procedure that gives more stable and monotonic improvement over time.
The field of Multi-Agent System (MAS) is an active area of research within Artificial Intelligence, with an increasingly important impact in industrial and other real-world applications. Within a MAS, autonomous agents interact to pursue personal interests and/or to achieve common objectives. Distributed Constraint Optimization Problems (DCOPs) have emerged as one of the prominent agent architectures to govern the agents' autonomous behavior, where both algorithms and communication models are driven by the structure of the specific problem. During the last decade, several extensions to the DCOP model have enabled them to support MAS in complex, real-time, and uncertain environments. This survey aims at providing an overview of the DCOP model, giving a classification of its multiple extensions and addressing both resolution methods and applications that find a natural mapping within each class of DCOPs. The proposed classification suggests several future perspectives for DCOP extensions, and identifies challenges in the design of efficient resolution algorithms, possibly through the adaptation of strategies from different areas.
小貼士
登錄享
相關主題
注冊地址: 北京市海淀區羊坊店路18號2幢3層301-191