Visible to the public Biblio

Filters: Keyword is attack vectors  [Clear All Filters]
2021-05-13
Tong, Zhongkai, Zhu, Ziyuan, Wang, Zhanpeng, Wang, Limin, Zhang, Yusha, Liu, Yuxin.  2020.  Cache side-channel attacks detection based on machine learning. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :919—926.
Security has always been one of the main concerns in the field of computer architecture and cloud computing. Cache-based side-channel attacks pose a threat to almost all existing architectures and cloud computing. Especially in the public cloud, the cache is shared among multiple tenants, and cache attacks can make good use of this to extract information. Cache side-channel attacks are a problem to be solved for security, in which how to accurately detect cache side-channel attacks has been a research hotspot. Because the cache side-channel attack does not require the attacker to physically contact the target device and does not need additional devices to obtain the side channel information, the cache-side channel attack is efficient and hidden, which poses a great threat to the security of cryptographic algorithms. Based on the AES algorithm, this paper uses hardware performance counters to obtain the features of different cache events under Flush + Reload, Prime + Probe, and Flush + Flush attacks. Firstly, the random forest algorithm is used to filter the cache features, and then the support vector machine algorithm is used to model the system. Finally, high detection accuracy is achieved under different system loads. The detection accuracy of the system is 99.92% when there is no load, the detection accuracy is 99.85% under the average load, and the detection accuracy under full load is 96.57%.
Ilsenstein, Lisa, Koch, Manfred, Steinhart, Heinrich.  2020.  Definition of Attack Vectors to detect possible Cyber-Attacks on Electrical Machines. PCIM Europe digital days 2020; International Exhibition and Conference for Power Electronics, Intelligent Motion, Renewable Energy and Energy Management. :1—7.
System safety and cyber security have a great effect on the availability of devices that are interconnected. With the rising interconnection of critical infrastructures new risks occur, which have to be detected and warded. Therefore, attack vectors are defined to determine deviations to the nominal values of a cyber-physical system in this paper. Through an elaborated cyber security concept, the tasks of a simple motor protecting switch and additional tasks to detect cyber-attacks can be implemented. The simulative result of an exemplary overvoltage shows the impact on the RMS and phase voltages of a monitored drive.
Li, Xu, Zhong, Jinghua, Wu, Xixin, Yu, Jianwei, Liu, Xunying, Meng, Helen.  2020.  Adversarial Attacks on GMM I-Vector Based Speaker Verification Systems. ICASSP 2020 - 2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :6579—6583.
This work investigates the vulnerability of Gaussian Mixture Model (GMM) i-vector based speaker verification systems to adversarial attacks, and the transferability of adversarial samples crafted from GMM i-vector based systems to x-vector based systems. In detail, we formulate the GMM i-vector system as a scoring function of enrollment and testing utterance pairs. Then we leverage the fast gradient sign method (FGSM) to optimize testing utterances for adversarial samples generation. These adversarial samples are used to attack both GMM i-vector and x-vector systems. We measure the system vulnerability by the degradation of equal error rate and false acceptance rate. Experiment results show that GMM i-vector systems are seriously vulnerable to adversarial attacks, and the crafted adversarial samples are proved to be transferable and pose threats to neural network speaker embedding based systems (e.g. x-vector systems).
Chen, Ziyu, Zhu, Jizhong, Li, Shenglin, Luo, Tengyan.  2020.  Detection of False Data Injection Attack in Automatic Generation Control System with Wind Energy based on Fuzzy Support Vector Machine. IECON 2020 The 46th Annual Conference of the IEEE Industrial Electronics Society. :3523—3528.
False data injection attack (FDIA) destroys the automatic generation control (AGC) system and leads to unstable operation of the power system. Fast and accurate detection can help prevent and disrupt malicious attacks. This paper proposes an improved detection method, which is combined with fuzzy theory and support vector machine (SVM) to identify various types of attacks. The impacts of different types of FDIAs on the AGC system are analyzed, and the reliability of the method is proved by a large number of experimental data. This experiment is simulated on a single-area LFC system and the effects of adding a wind storage system were compared in a dynamic model. Simulation studies also show a higher accuracy of fuzzy support vector machine (FSVM) than traditional SVM and fuzzy pattern trees (FPTs).
Hachimi, Marouane, Kaddoum, Georges, Gagnon, Ghyslain, Illy, Poulmanogo.  2020.  Multi-stage Jamming Attacks Detection using Deep Learning Combined with Kernelized Support Vector Machine in 5G Cloud Radio Access Networks. 2020 International Symposium on Networks, Computers and Communications (ISNCC). :1—5.

In 5G networks, the Cloud Radio Access Network (C-RAN) is considered a promising future architecture in terms of minimizing energy consumption and allocating resources efficiently by providing real-time cloud infrastructures, cooperative radio, and centralized data processing. Recently, given their vulnerability to malicious attacks, the security of C-RAN networks has attracted significant attention. Among various anomaly-based intrusion detection techniques, the most promising one is the machine learning-based intrusion detection as it learns without human assistance and adjusts actions accordingly. In this direction, many solutions have been proposed, but they show either low accuracy in terms of attack classification or they offer just a single layer of attack detection. This research focuses on deploying a multi-stage machine learning-based intrusion detection (ML-IDS) in 5G C-RAN that can detect and classify four types of jamming attacks: constant jamming, random jamming, deceptive jamming, and reactive jamming. This deployment enhances security by minimizing the false negatives in C-RAN architectures. The experimental evaluation of the proposed solution is carried out using WSN-DS (Wireless Sensor Networks DataSet), which is a dedicated wireless dataset for intrusion detection. The final classification accuracy of attacks is 94.51% with a 7.84% false negative rate.

Gomathi, S., Parmar, Nilesh, Devi, Jyoti, Patel, Namrata.  2020.  Detecting Malware Attack on Cloud using Deep Learning Vector Quantization. 2020 12th International Conference on Computational Intelligence and Communication Networks (CICN). :356—361.

In recent times cloud services are used widely and due to which there are so many attacks on the cloud devices. One of the major attacks is DDos (distributed denial-of-service) -attack which mainly targeted the Memcached which is a caching system developed for speeding the websites and the networks through Memcached's database. The DDoS attack tries to destroy the database by creating a flood of internet traffic at the targeted server end. Attackers send the spoofing applications to the vulnerable UDP Memcached server which even manipulate the legitimate identity of the sender. In this work, we have proposed a vector quantization approach based on a supervised deep learning approach to detect the Memcached attack performed by the use of malicious firmware on different types of Cloud attached devices. This vector quantization approach detects the DDoas attack performed by malicious firmware on the different types of cloud devices and this also classifies the applications which are vulnerable to attack based on cloud-The Hackbeased services. The result computed during the testing shows the 98.2 % as legally positive and 0.034% as falsely negative.

Susukailo, Vitalii, Opirskyy, Ivan, Vasylyshyn, Sviatoslav.  2020.  Analysis of the attack vectors used by threat actors during the pandemic. 2020 IEEE 15th International Conference on Computer Sciences and Information Technologies (CSIT). 2:261—264.

This article describes attacks methods, vectors and technics used by threat actors during pandemic situations in the world. Identifies common targets of threat actors and cyber-attack tactics. The article analyzes cybersecurity challenges and specifies possible solutions and improvements in cybersecurity. Defines cybersecurity controls, which should be taken against analyzed attack vectors.

Fei, Wanghao, Moses, Paul, Davis, Chad.  2020.  Identification of Smart Grid Attacks via State Vector Estimator and Support Vector Machine Methods. 2020 Intermountain Engineering, Technology and Computing (IETC). :1—6.

In recent times, an increasing amount of intelligent electronic devices (IEDs) are being deployed to make power systems more reliable and economical. While these technologies are necessary for realizing a cyber-physical infrastructure for future smart power grids, they also introduce new vulnerabilities in the grid to different cyber-attacks. Traditional methods such as state vector estimation (SVE) are not capable of identifying cyber-attacks while the geometric information is also injected as an attack vector. In this paper, a machine learning based smart grid attack identification method is proposed. The proposed method is carried out by first collecting smart grid power flow data for machine learning training purposes which is later used to classify the attacks. The performance of both the proposed SVM method and the traditional SVE method are validated on IEEE 14, 30, 39, 57 and 118 bus systems, and the performance regarding the scale of the power system is evaluated. The results show that the SVM-based method performs better than the SVE-based in attack identification over a much wider scale of power systems.

Hong, Tang, Ju, Tailiang, Li, Yao.  2020.  Address Collision Attacks on ECSM Protected by ADPA. 2020 17th International Computer Conference on Wavelet Active Media Technology and Information Processing (ICCWAMTIP). :235—239.

Using the physical characteristics of the encryption device, an attacker can more easily obtain the key, which is called side-channel attack. Common side-channel attacks, such as simple power analysis (SPA) and differential power analysis (DPA), mainly focus on the statistical analysis of the data involved in the encryption algorithm, while there are relatively few studies on the Hamming weight of the addresses. Therefore, a new method of address-based Hamming weight analysis, address collision attack, is proposed in this research. The collision attack method (CA) and support vector machines algorithm (SVM) are used for analysis, meanwhile, the scalar multiplication implemented by protected address-bit DPA (ADPA) can be attack on the ChipWhisperer-Pro CW1200.

2020-12-14
Habibi, G., Surantha, N..  2020.  XSS Attack Detection With Machine Learning and n-Gram Methods. 2020 International Conference on Information Management and Technology (ICIMTech). :516–520.

Cross-Site Scripting (XSS) is an attack most often carried out by attackers to attack a website by inserting malicious scripts into a website. This attack will take the user to a webpage that has been specifically designed to retrieve user sessions and cookies. Nearly 68% of websites are vulnerable to XSS attacks. In this study, the authors conducted a study by evaluating several machine learning methods, namely Support Vector Machine (SVM), K-Nearest Neighbour (KNN), and Naïve Bayes (NB). The machine learning algorithm is then equipped with the n-gram method to each script feature to improve the detection performance of XSS attacks. The simulation results show that the SVM and n-gram method achieves the highest accuracy with 98%.

Pandey, S., Singh, V..  2020.  Blackhole Attack Detection Using Machine Learning Approach on MANET. 2020 International Conference on Electronics and Sustainable Communication Systems (ICESC). :797–802.

Mobile Ad-hoc Network (MANET) consists of different configurations, where it deals with the dynamic nature of its creation and also it is a self-configurable type of a network. The primary task in this type of networks is to develop a mechanism for routing that gives a high QoS parameter because of the nature of ad-hoc network. The Ad-hoc-on-Demand Distance Vector (AODV) used here is the on-demand routing mechanism for the computation of the trust. The proposed approach uses the Artificial neural network (ANN) and the Support Vector Machine (SVM) for the discovery of the black hole attacks in the network. The results are carried out between the black hole AODV and the security mechanism provided by us as the Secure AODV (SAODV). The results were tested on different number of nodes, at last, it has been experimented for 100 nodes which provide an improvement in energy consumption of 54.72%, the throughput is 88.68kbps, packet delivery ratio is 92.91% and the E to E delay is of about 37.27ms.

2020-08-28
Gayathri, Bhimavarapu, Yammani, Chandrasekhar.  2019.  Multi-Attacking Strategy on Smart Grid with Incomplete Network Information. 2019 8th International Conference on Power Systems (ICPS). :1—5.

The chances of cyber-attacks have been increased because of incorporation of communication networks and information technology in power system. Main objective of the paper is to prove that attacker can launch the attack vector without the knowledge of complete network information and the injected false data can't be detected by power system operator. This paper also deals with analyzing the impact of multi-attacking strategy on the power system. This false data attacks incurs lot of damage to power system, as it misguides the power system operator. Here, we demonstrate the construction of attack vector and later we have demonstrated multiple attacking regions in IEEE 14 bus system. Impact of attack vector on the power system can be observed and it is proved that the attack cannot be detected by power system operator with the help of residue check method.

Brewer, John N., Dimitoglou, George.  2019.  Evaluation of Attack Vectors and Risks in Automobiles and Road Infrastructure. 2019 International Conference on Computational Science and Computational Intelligence (CSCI). :84—89.

The evolution of smart automobiles and vehicles within the Internet of Things (IoT) - particularly as that evolution leads toward a proliferation of completely autonomous vehicles - has sparked considerable interest in the subject of vehicle/automotive security. While the attack surface is wide, there are patterns of exploitable vulnerabilities. In this study we reviewed, classified according to their attack surface and evaluated some of the common vehicle and infrastructure attack vectors identified in the literature. To remediate these attack vectors, specific technical recommendations have been provided as a way towards secure deployments of smart automobiles and transportation infrastructures.

Aravindhar, D. John, Gino Sophia, S. G., Krishnan, Padmaveni, Kumar, D. Praveen.  2019.  Minimization of Black hole Attacks in AdHoc Networks using Risk Aware Response Mechanism. 2019 3rd International conference on Electronics, Communication and Aerospace Technology (ICECA). :1391—1394.

Mobile Ad hoc Network (MANET) is the collection of mobile devices which could change the locations and configure themselves without a centralized base point. Mobile Ad hoc Networks are vulnerable to attacks due to its dynamic infrastructure. The routing attacks are one among the possible attacks that causes damage to MANET. This paper gives a new method of risk aware response technique which is combined version the Dijkstra's shortest path algorithm and Destination Sequenced Distance Vector (DSDV) algorithm. This can reduce black hole attacks. Dijkstra's algorithm finds the shortest path from the single source to the destination when the edges have positive weights. The DSDV is an improved version of the conventional technique by adding the sequence number and next hop address in each routing table.

Duncan, Adrian, Creese, Sadie, Goldsmith, Michael.  2019.  A Combined Attack-Tree and Kill-Chain Approach to Designing Attack-Detection Strategies for Malicious Insiders in Cloud Computing. 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1—9.

Attacks on cloud-computing services are becoming more prevalent with recent victims including Tesla, Aviva Insurance and SIM-card manufacturer Gemalto[1]. The risk posed to organisations from malicious insiders is becoming more widely known about and consequently many are now investing in hardware, software and new processes to try to detect these attacks. As for all types of attack vector, there will always be those which are not known about and those which are known about but remain exceptionally difficult to detect - particularly in a timely manner. We believe that insider attacks are of particular concern in a cloud-computing environment, and that cloud-service providers should enhance their ability to detect them by means of indirect detection. We propose a combined attack-tree and kill-chain based method for identifying multiple indirect detection measures. Specifically, the use of attack trees enables us to encapsulate all detection opportunities for insider attacks in cloud-service environments. Overlaying the attack tree on top of a kill chain in turn facilitates indirect detection opportunities higher-up the tree as well as allowing the provider to determine how far an attack has progressed once suspicious activity is detected. We demonstrate the method through consideration of a specific type of insider attack - that of attempting to capture virtual machines in transit within a cloud cluster via use of a network tap, however, the process discussed here applies equally to all cloud paradigms.

Mishra, Narendra, Singh, R K.  2019.  Taxonomy Analysis of Cloud Computing Vulnerabilities through Attack Vector, CVSS and Complexity Parameter. 2019 International Conference on Issues and Challenges in Intelligent Computing Techniques (ICICT). 1:1—8.

The world is witnessing an exceptional expansion in the cloud enabled services which is further growing day by day due to advancement & requirement of technology. However, the identification of vulnerabilities & its exploitation in the cloud computing will always be the major challenge and concern for any cloud computing system. To understand the challenges and its consequences and further provide mitigation techniques for the vulnerabilities, the identification of cloud specific vulnerabilities needs to be examined first and after identification of vulnerabilities a detailed taxonomy must be positioned. In this paper several cloud specific identified vulnerabilities have been studied which is listed by the NVD, ENISA CSA etc accordingly a unified taxonomy for security vulnerabilities has been prepared. In this paper we proposed a comprehensive taxonomy for cloud specific vulnerabilities on the basis of several parameters like attack vector, CVSS score, complexity etc which will be further act as input for the analysis and mitigation of cloud vulnerabilities. Scheming of Taxonomy of vulnerabilities is an effective way for cloud administrators, cloud mangers, cloud consumers and other stakeholders for identifying, understanding and addressing security risks.

McFadden, Danny, Lennon, Ruth, O’Raw, John.  2019.  AIS Transmission Data Quality: Identification of Attack Vectors. 2019 International Symposium ELMAR. :187—190.

Due to safety concerns and legislation implemented by various governments, the maritime sector adopted Automatic Identification System (AIS). Whilst governments and state agencies have an increasing reliance on AIS data, the underlying technology can be found to be fundamentally insecure. This study identifies and describes a number of potential attack vectors and suggests conceptual countermeasures to mitigate such attacks. With interception by Navy and Coast Guard as well as marine navigation and obstacle avoidance, the vulnerabilities within AIS call into question the multiple deployed overlapping AIS networks, and what the future holds for the protocol.

2020-07-27
Lambert, Christoph, Völp, Marcus, Decouchant, Jérémie, Esteves-Verissimo, Paulo.  2018.  Towards Real-Time-Aware Intrusion Tolerance. 2018 IEEE 37th Symposium on Reliable Distributed Systems (SRDS). :269–270.
Technologies such as Industry 4.0 or assisted/autonomous driving are relying on highly customized cyber-physical realtime systems. Those systems are designed to match functional safety regulations and requirements such as EN ISO 13849, EN IEC 62061 or ISO 26262. However, as systems - especially vehicles - are becoming more connected and autonomous, they become more likely to suffer from new attack vectors. New features may meet the corresponding safety requirements but they do not consider adversaries intruding through security holes with the purpose of bringing vehicles into unsafe states. As research goal, we want to bridge the gap between security and safety in cyber-physical real-time systems by investigating real-time-aware intrusion-tolerant architectures for automotive use-cases.
2020-05-26
Tripathi, Shripriya.  2019.  Performance Analysis of AODV and DSR Routing Protocols of MANET under Wormhole Attack and a Suggested Trust Based Routing Algorithm for DSR. 2019 IEEE International WIE Conference on Electrical and Computer Engineering (WIECON-ECE). :1–5.

The nodes in Mobile Ad hoc Network (MANET) can self-assemble themselves, locomote unreservedly and can interact with one another without taking any help from a centralized authority or fixed infrastructure. Due to its continuously changing and self-organizing nature, MANET is vulnerable to a variety of attacks like spoofing attack, wormhole attack, black hole attack, etc. This paper compares and analyzes the repercussion of the wormhole attack on MANET's two common routing protocols of reactive category, specifically, Dynamic Source Routing (DSR) and Ad-hoc On-Demand Distance Vector (AODV) by increasing the number of wormhole tunnels in MANET. The results received by simulation will reveal that DSR is greatly affected by this attack. So, as a solution, a routing algorithm for DSR which is based on trust is proposed to prevent the routes from caching malicious nodes.

2020-04-17
Efendy, Rezky Aulia, Almaarif, Ahmad, Budiono, Avon, Saputra, Muhardi, Puspitasari, Warih, Sutoyo, Edi.  2019.  Exploring the Possibility of USB based Fork Bomb Attack on Windows Environment. 2019 International Conference on ICT for Smart Society (ICISS). 7:1—4.

The need for data exchange and storage is currently increasing. The increased need for data exchange and storage also increases the need for data exchange devices and media. One of the most commonly used media exchanges and data storage is the USB Flash Drive. USB Flash Drive are widely used because they are easy to carry and have a fairly large storage. Unfortunately, this increased need is not directly proportional to an increase in awareness of device security, both for USB flash drive devices and computer devices that are used as primary storage devices. This research shows the threats that can arise from the use of USB Flash Drive devices. The threat that is used in this research is the fork bomb implemented on an Arduino Pro Micro device that is converted to a USB Flash drive. The purpose of the Fork Bomb is to damage the memory performance of the affected devices. As a result, memory performance to execute the process will slow down. The use of a USB Flash drive as an attack vector with the fork bomb method causes users to not be able to access the operating system that was attacked. The results obtained indicate that the USB Flash Drive can be used as a medium of Fork Bomb attack on the Windows operating system.

2020-02-26
Bikov, T. D., Iliev, T. B., Mihaylov, Gr. Y., Stoyanov, I. S..  2019.  Phishing in Depth – Modern Methods of Detection and Risk Mitigation. 2019 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO). :447–450.

Nowadays, everyone is living in a digital world with various of virtual experiences and realities, but all of them may eventually cause real threats in our real world. Some of these threats have been born together with the first electronic mail service. Some of them might be considered as really basic and simple, compared to others that were developed and advanced in time to adapt themselves for the security defense mechanisms of the modern digital world. On a daily basis, more than 238.4 billion emails are sent worldwide, which makes more than 2.7 million emails per second, and these statistics are only from the publicly visible networks. Having that information and considering around 60% and above of all emails as threatening or not legitimate, is more than concerning. Unfortunately, even the modern security measures and systems are not capable to identify and prevent all the fraudulent content that is created and distributed every day. In this paper we will cover the most common attack vectors, involving the already mass email infrastructures, the required contra measures to minimize the impact over the corporate environments and what else should be developed to mitigate the modern sophisticated email attacks.

Bhatnagar, Dev, Som, Subhranil, Khatri, Sunil Kumar.  2019.  Advance Persistant Threat and Cyber Spying - The Big Picture, Its Tools, Attack Vectors and Countermeasures. 2019 Amity International Conference on Artificial Intelligence (AICAI). :828–839.

Advance persistent threat is a primary security concerns to the big organizations and its technical infrastructure, from cyber criminals seeking personal and financial information to state sponsored attacks designed to disrupt, compromising infrastructure, sidestepping security efforts thus causing serious damage to organizations. A skilled cybercriminal using multiple attack vectors and entry points navigates around the defenses, evading IDS/Firewall detection and breaching the network in no time. To understand the big picture, this paper analyses an approach to advanced persistent threat by doing the same things the bad guys do on a network setup. We will walk through various steps from foot-printing and reconnaissance, scanning networks, gaining access, maintaining access to finally clearing tracks, as in a real world attack. We will walk through different attack tools and exploits used in each phase and comparative study on their effectiveness, along with explaining their attack vectors and its countermeasures. We will conclude the paper by explaining the factors which actually qualify to be an Advance Persistent Threat.

2020-02-17
Yin, Mingyong, Wang, Qixu, Cao, Mingsheng.  2019.  An Attack Vector Evaluation Method for Smart City Security Protection. 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob). :1–7.

In the network security risk assessment on critical information infrastructure of smart city, to describe attack vectors for predicting possible initial access is a challenging task. In this paper, an attack vector evaluation model based on weakness, path and action is proposed, and the formal representation and quantitative evaluation method are given. This method can support the assessment of attack vectors based on known and unknown weakness through combination of depend conditions. In addition, defense factors are also introduced, an attack vector evaluation model of integrated defense is proposed, and an application example of the model is given. The research work in this paper can provide a reference for the vulnerability assessment of attack vector.

Skopik, Florian, Filip, Stefan.  2019.  Design principles for national cyber security sensor networks: Lessons learned from small-scale demonstrators. 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security). :1–8.
The timely exchange of information on new threats and vulnerabilities has become a cornerstone of effective cyber defence in recent years. Especially national authorities increasingly assume their role as information brokers through national cyber security centres and distribute warnings on new attack vectors and vital recommendations on how to mitigate them. Although many of these initiatives are effective to some degree, they also suffer from severe limitations. Many steps in the exchange process require extensive human involvement to manually review, vet, enrich, analyse and distribute security information. Some countries have therefore started to adopt distributed cyber security sensor networks to enable the automatic collection, analysis and preparation of security data and thus effectively overcome limiting scalability factors. The basic idea of IoC-centric cyber security sensor networks is that the national authorities distribute Indicators of Compromise (IoCs) to organizations and receive sightings in return. This effectively helps them to estimate the spreading of malware, anticipate further trends of spreading and derive vital findings for decision makers. While this application case seems quite simple, there are some tough questions to be answered in advance, which steer the further design decisions: How much can the monitored organization be trusted to be a partner in the search for malware? How much control of the scanning process should be delegated to the organization? What is the right level of search depth? How to deal with confidential indicators? What can be derived from encrypted traffic? How are new indicators distributed, prioritized, and scan targets selected in a scalable manner? What is a good strategy to re-schedule scans to derive meaningful data on trends, such as rate of spreading? This paper suggests a blueprint for a sensor network and raises related questions, outlines design principles, and discusses lessons learned from small-scale pilots.
2020-02-10
Neema, Himanshu, Vardhan, Harsh, Barreto, Carlos, Koutsoukos, Xenofon.  2019.  Web-Based Platform for Evaluation of Resilient and Transactive Smart-Grids. 2019 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES). :1–6.
Today's smart-grids have seen a clear rise in new ways of energy generation, transmission, and storage. This has not only introduced a huge degree of variability, but also a continual shift away from traditionally centralized generation and storage to distributed energy resources (DERs). In addition, the distributed sensors, energy generators and storage devices, and networking have led to a huge increase in attack vectors that make the grid vulnerable to a variety of attacks. The interconnection between computational and physical components through a largely open, IP-based communication network enables an attacker to cause physical damage through remote cyber-attacks or attack on software-controlled grid operations via physical- or cyber-attacks. Transactive Energy (TE) is an emerging approach for managing increasing DERs in the smart-grids through economic and control techniques. Transactive Smart-Grids use the TE approach to improve grid reliability and efficiency. However, skepticism remains in their full-scale viability for ensuring grid reliability. In addition, different TE approaches, in specific situations, can lead to very different outcomes in grid operations. In this paper, we present a comprehensive web-based platform for evaluating resilience of smart-grids against a variety of cyber- and physical-attacks and evaluating impact of various TE approaches on grid performance. We also provide several case-studies demonstrating evaluation of TE approaches as well as grid resilience against cyber and physical attacks.