City Research Online

Modelling smart grid IT-OT dependencies for DDoS impact propagation

Acarali, D. ORCID: 0000-0003-1787-6300, Rajesh Rao, K., Rajarajan, M. ORCID: 0000-0001-5814-9922, Chema, D. and Ginzburg, M. (2022). Modelling smart grid IT-OT dependencies for DDoS impact propagation. Computers & Security, 112, 102528. doi: 10.1016/j.cose.2021.102528

Abstract

The traditional power network has now evolved into the smart grid, where cyber technology enables automated control, greater efficiency, and improved stability. However, this integration of information technology exposes critical infrastructure to potential cyber-attacks. Furthermore, the interdependent nature of the grid’s composite information and operational technology networks means that vulnerability extends across interconnected devices and systems. Therefore, a DDoS (Distributed Denial-of-Service) attack, which is relatively easy to deploy but potentially highly disruptive, can be used strategically against the smart grid with particularly egregious results. In this paper, we take inspiration from epidemiological modelling to propose a compromise propagation model, alongside a behavioural DDoS model, to explore how dependencies between the grid’s networks might influence the scale and impact of DDoS attacks. We found that the internal connectedness of a network amplifies the received impact of failures in an external network on which it is dependent. Furthermore, testing showed that alongside attack force, attack duration influences recovery times, due to both the quantity of resources consumed and the time needed to accumulate recoveries. The models were validated against simulations conducted with cyber-security providers L7 Defense, showing our approach to be a viable companion or alternative to traditional graph-based dependency models.

Publication Type: Article
Additional Information: © 2022. This manuscript version is made available under the CC-BY-NC-ND 4.0 license https://creativecommons.org/licenses/by-nc-nd/4.0/
Publisher Keywords: Smart grids, DDoS modelling, DDoS mitigation, Critical infrastructure, Epidemiology
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
T Technology > TK Electrical engineering. Electronics Nuclear engineering
Departments: School of Mathematics, Computer Science & Engineering > Engineering > Electrical & Electronic Engineering
Project Input:
Project IDFunder NameFunder ID
832907European Union’s H2020 Research and Innovation Programmehttps://doi.org/10.13039/100010661
Date available in CRO: 23 Nov 2021 13:31
Date deposited: 23 November 2021
Date of acceptance: 25 October 2021
Date of first online publication: 6 November 2021
URI: https://openaccess.city.ac.uk/id/eprint/27131
[img] Text - Accepted Version
This document is not freely accessible until 6 November 2022 due to copyright restrictions.
Available under License Creative Commons Attribution Non-commercial No Derivatives.

To request a copy, please use the button below.

Request a copy

Export

Downloads

Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login