FENG Guo-fu,DING Yan-fei,ZHAN Yi,DONG Xiao-she

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2009.02.001

2009-01-01

Abstract:In the paper,a Host-based Intrusion Detection technology for computing grid was proposed which employs Bottleneck Verification(BV)approach to detect U2R intrusions with both low false alarm rate and high detection rate.Due to working inside operating system kernel and performing BV by integer comparison,the technology achieves more efficiency and accuracy.More important,for analyzing suspicious Grid user's behavior,instead of reporting suspicious events indexed by local user ID to high level Grid-based Intrusion Detection System,the technology reports the events with Grid user ID and the usages of host resources.

Jie Jiang,TieMing Chen,Bo Chen,Limin Jin,Deren Chen

2008-01-01

Abstract:In order to solve the security problems introduced by the dynamic characteristics of grid services in authentication and authorization, a security services access platform based on Grid Security Infrastructure is proposed, which can provide the security grid services including the single sign-on and unified authentication and dynamic authorization. In this platform, a self-signed proxy certificate technique and improved context-constrains role based access control mechanism are deployed. The application in Country Emergency Response Grid Service System shows that the proposed platform can satisfy the need of security for grid services access through the grid portal.

CHEN Rong,GAO Ji,GUO Hang

DOI: https://doi.org/10.3785/j.issn.1008-973X.2006.03.005

2006-01-01

Abstract:To solve the problem of lacking dynamic organizing agility in distributed intrusion detection systems,an on-demand intrusion detection model adaptive to the shared data environment was presented.Considering the dynamic sharing and multi-domain integration properties of grid computing,the intrusion detection system consisted of four parts including security estimate system,work flow programming service,data grid environment and detection resource service in the model based on global detection services.By combining the system and node level reconstructions,detection services were ensured from nodes when global detection services of intrusion detection system failed.Results show that compared with the intrusion detection system Snort,the analysis engine program Higen can consume less detection time and user time in local area network(LAN) and wide area network(WAN) experimental environment,and improve the agility of cooperative detection in grid computing.

Yingjie Xia,Yao Zheng,Yudang Li

DOI: https://doi.org/10.1007/11610496_92

2006-01-01

Abstract:Grids, as one implementation of public computing, can be deployed by some middleware to integrate all kinds of resources across institutional boundaries, to tackle complex problems in scientific and engineering computation, data storage, scientific visualization, etc. In this paper, we propose a public computing grid framework built upon the hierarchical combination of two popular middleware products, Globus Toolkit (GT) and Sun Grid Engine (SGE). The communication between them can be conducted by Transfer-queue Over Globus (TOG). We discuss issues related to the deployment and the usage of this kind of hybrid grids. We examine it using serial programs and parallel program codes, and compare it with the grids deployed by only GT or SGE, respectively. The case studies imply that this hybrid grid is suitable for loosely coupled applications with high computational complexity.

Pei-You Zhu,Ji Gao,Bo-Ou Jiang,Hui Song

DOI: https://doi.org/10.1109/ICMLC.2006.258807

2006-01-01

Abstract:Grid is a new technology which implements flexible, secure, coordinated resource sharing among dynamic collections of individuals, institutions, and resources. Unlike in conventional network systems, the services and resources in Grid are heterogeneous and dynamic, they also belong to different domains. So the intrusion detection system (IDS) for Grid should be a system which could rapidly and dynamically integrate the related node detection resources of a Grid Computing application according to the dynamic detection demand and ensure the security of Grid Computing. Conventional network IDS lack the necessary flexibility needed by Grid environment and could not dynamically adjust their structure to the dynamic Grid Computing applications. This paper provides a new flexible multi-agent approach to intrusion detection for Grid (MAIDG). MAIDG not only takes advantage of the flexibility and autonomy of agent technology, but also makes good use of the Globus Toolkit4.0 (GT4)'s data management components which provide the virtual interfaces for all the (heterogeneous or homogeneous) detection resources and realize the publication, location, and high performance transfer of detection data. In a word, this paper provides a new ideal and way to realize the intrusion detection system for Grid.

Xiaofei He,Xinyu Yang,Jie Lin,Linqiang Ge,Wei Yu,Qingyu Yang

DOI: https://doi.org/10.1109/PCCC.2015.7410291

2015-01-01

Abstract:The smart grid is a new type of energy-based cyber-physical system (CPS), which enables interactions between the utility provider and customers through smart meters and advanced metering infrastructures (AMU. Nonetheless, an adversary can inject misleading energy usage information to the utility provider through compromised smart meters and disrupt the grid and electricity market operations. To address this issue, in this paper, we propose an Energy Dispatching False Data Defense (EDF2D) approach, which can effectively detect the forged interactive information between customers and the utility provider with a great accuracy and mitigate the damage raised by attacks on grid operations. Particularly, EDF2D uses the historical interactive information of normal users to determine the conditional probabilities of data anomalies. Based on these conditional probabilities, a Bayesian network designed for detecting false data can be established by EDF2D, and this network is then used to confirm the authenticity of interactive information received by the utility provider originally transmitted from customers. Through a combination of theoretical analysis and performance evaluation, our experimental data shows that EDF2D can effectively detect harmful false interactive data forged by the adversary and mitigate false data injection attacks on smart grid operations.

Yuanzhuo Wang,Chuang Lin,Yang Yang,Junjie Lv,Yang Qu

DOI: https://doi.org/10.1109/GCC.2006.4

2006-01-01

Abstract:Grid services allow the services to be seen as a seamless information processing system that the user can access from any location, the Grid resources are often distributed, autonomic, heterogeneous and dynamic, and they are accessible through the Internet, when users and cooperant servers communicate with a server. Distributed Denial-of-service can make the service requests become hard to implement. An intrusion tolerant mechanism against the attack is formalized for Grid services based on the mechanism design analysis of game theory in this paper. The problems that the attackers could use the authentic IP addresses of the zombies to hide the source of attacks and to increase the computational ability and the likelihood to filter out legitimate traffic are effectively settled under the mechanism. The condition for the legitimate clients being served successfully is further deduced to give an instruction for clients.

Morteza Talebi,Chaoyong Li,Zhihua Qu

DOI: https://doi.org/10.1109/SAM.2012.6250520

2012-01-01

Abstract:For a power grid, false data injection attacks attempt to exploit the configuration and information structure of the power system, introduce erroneous but conforming values into certain state variables, and evade the existing detection techniques based on residual testing, leading to severe security threat to the overall system. Accordingly, an enhanced method of evading false data injection in power grids is proposed. Since the power system can typically be partitioned into a group of microgrids the proposed approach shows that the microgrids (i.e., their boundaries and information sharing structures) are dynamically reconfigured, which makes it impossible to organize a synchronized data injection that exploits a fixed configuration and coordinately attacks certain meters in the configuration. Examples are used to demonstrate the effectiveness of the proposed scheme.

Wang Xingzhi,Yan Zheng,Li Li

DOI: https://doi.org/10.1016/j.compeleceng.2009.12.010

IF: 4.152

2010-01-01

Computers & Electrical Engineering

Abstract:5This paper addresses the problem of parallel dynamic security assessment applications from static homogeneous cluster environment to dynamic heterogeneous grid environment. Functional parallelism and data parallelism are supported by each of the message passing interface model and TCP/IP model. To consider the differences in heterogeneous computing resources and complexity of large-scale power system communities, a kernel-based multilevel algorithm is proposed for network partitioning. Since the bottleneck in distributed computation is low speed network communication, a bi-level latency exploitation technique is introduced for numerically solving system differential equations. The proposed grid-based implementation includes the core simulation engine, grid computing middleware, a Python interface and Python front-end utilities. Tests for a 39-bus network, a 4000-bus network and a 10,000-bus network are reported, and the results of these experiments demonstrate that the proposed scheme is able to execute the distributed simulations on computational grid infrastructure and provide efficient parallelism. (C) 2010 Elsevier Ltd. All rights reserved.

Beibei Li,Gaoxi Xiao,Rongxing Lu,Ruilong Deng,Haiyong Bao

DOI: https://doi.org/10.1109/tii.2019.2922215

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:Recent studies have investigated the possibilities of proactively detecting the high-profile false data injection (FDI) attacks on power grid state estimation by using the distributed flexible ac transmission system (D-FACTS) devices, termed as proactive false data detection (PFDD) approach. However, the feasibility and limitations of such an approach have not been systematically studied in the existing literature. In this paper, we explore the feasibility and limitations of adopting the PFDD approach to thwart FDI attacks on power grid state estimation. Specifically, we thoroughly study the feasibility of using PFDD to detect FDI attacks by considering single-bus, uncoordinated multiple-bus, and coordinated multiple-bus FDI attacks, respectively. We prove that PFDD can detect all these three types of FDI attacks targeted on buses or super-buses with degrees larger than 1, if and only if the deployment of D-FACTS devices covers branches at least containing a spanning tree of the grid graph. The minimum efforts required for activating D-FACTS devices to detect each type of FDI attacks are, respectively, evaluated. In addition, we also discuss the limitations of this approach; it is strictly proved that PFDD is not able to detect FDI attacks targeted on buses or super-buses with degrees equalling 1.

Jianjun Jiang,Jiguang Liu,Yun Yao

DOI: https://doi.org/10.1109/imsccs.2006.35

2006-01-01

Abstract:In recent years, the technology of grid is developed quickly, but it has to face some problems waiting for resolution, such as improving the real time of grid. And at present the researches focus on two related efforts, the development of protocols enabling negotiation for the QoS of resource use, and the development of resource management pertinence strategies and algorithms. Considering the requests of Equipment Grid, this paper proposes an interrupt mechanism in grid environment that implements interrupt trigger, interrupt priority management, interrupt handling, etc. This interrupt mechanism, adopting the method for hardware management in computer, improves the real time of resource discovery in the level of resource management for grid in order to enhance that of the whole system.

WEIJIE LIU,YONGJUN ZHU,WOOJU KIM,HAKJIN KIM,P. SURESH KUMAR,Dimitrios Damopoulos,Georgios Kambourakis,Marios Anagnostopoulos,Yuan Tian,Biao Song,Eui-nam Huh,Wei Tang,Doan Man Nguyen,Jun Young Park,Sang Ho Na,Tian yiμan,Eui-Nam Huh,Bofeng Zhang,Jianxing Zheng,Jianhua Ma,Yinsheng Li,Guobing Zou,Jongik Kim,Eunseok Lee,Yun Won Chung,Byoungwook Kim,HeonChang Yu,EunYoung Lee,Rize Jin,Tae-Sun Chung,Tien Dung,Eui Nam,NGUYEN DOAN MAN,JUN-YOUNG PARK,NA SANG-HO,TIAN YUAN

2012-01-01

Abstract:Intrusion Detection Systems (lDSs), nowadays, critically becomes an important security component in the novel commercial computing models to detect malicious behaviors timely and protect either network infrastructure or individual hosts from the serious damage of attacks. For Cloud Computing, various application scenarios and complexity at a higher level make the traditional IDS approaches difficult to find out the actual threats from the novel multi-step attacks, which stem from the new vulnerabilities of Cloud environments. Therefore, information about novel attack scenarios is an urgent requirement to operate IDSs built in Cloud Computing more efficiently and accurately. This paper focuses on developing a data mining-based approach to construct new attack scenarios from the sequences of low-level alerts gathered from multiple traditional IDSs. In addition, an Attack Signature Exchange (ASE) model between Interconnect Clouds in a Collaborative Cloud Computing environment which is considered as a prior knowledge exchange is also presented. Key-words: Intrusion Detection System, Cloud Computing, Attack scenario, Attack Signature, Collaborative Cloud

Yichi Zhang,Lingfeng Wang,Weiqing Sun,Robert C. Green,Mansoor Alam

DOI: https://doi.org/10.1109/tsg.2011.2159818

IF: 10.275

2011-01-01

IEEE Transactions on Smart Grid

Abstract:The advent of the smart grid promises to usher in an era that will bring intelligence, efficiency, and optimality to the power grid. Most of these changes will occur as an Internet-like communications network is superimposed on top of the current power grid using wireless mesh network technologies with the 802.15.4, 802.11, and WiMAX standards. Each of these will expose the power grid to cybersecurity threats. In order to address this issue, this work proposes a distributed intrusion detection system for smart grids (SGDIDS) by developing and deploying an intelligent module, the analyzing module (AM), in multiple layers of the smart grid. Multiple AMs will be embedded at each level of the smart grid-the home area networks (HANs), neighborhood area networks (NANs), and wide area networks (WANs)-where they will use the support vector machine (SVM) and artificial immune system (AIS) to detect and classify malicious data and possible cyberattacks. AMs at each level are trained using data that is relevant to their level and will also be able to communicate in order to improve detection. Simulation results demonstrate that this is a promising methodology for supporting the optimal communication routing and improving system security through the identification of malicious network traffic.

Jh Yang,Zh Wu,Sl Tang,Xs Guo

DOI: https://doi.org/10.1007/978-3-540-30207-0_21

2004-01-01

Abstract:HLA-based distributed simulation has no mechanisms for managing execution according to the dynamically changing conditions of computing resources and no implementation with dynamical discovery. Grid Computing is designed to coordinate resources that are not subject to centralized control. We present the design of a system supporting execution of HLA-based Parallel and Distributed Simulation (PADS) on the Grid Computing Environment. Firstly, we focus on the architecture of Distributed Interactive Simulation on the Grid (DISG). The architecture definition consists of descriptions of functionality of new tools and Grid Services and indicates where interfaces should be described. We present a model of Virtual Battlefield Attack-Defense Countermeasure Simulation (VBADCS) on the Grid. This model describes how to plug HLA/RTI simulations into the Grid Services framework. Finally, we give an experimental instance of DISG to validate the feasibility and examine the performance of the key techniques of DISG.

Yichi Zhang,Lingfeng Wang,Weiqing Sun,Robert C. Green,Mansoor Alam

DOI: https://doi.org/10.1109/PES.2011.6039697

2011-01-01

Abstract:The advent of the smart grid promises to usher in an era that will bring intelligence, efficiency, and optimality to the power grid. Most of these changes will occur as an Internet-like communications network is superimposed on top of the current power grid using wireless technologies including 802.15.4, 802.11, and the Zigbee protocol. Each of these will expose the power grid to cyber security threats. In order to address this issue, this work proposes a Distributed Intrusion Detection System for Smart Grids (SGDIDS) by developing and deploying an intelligent module, the Analyzing Module (AM) in the multiple layers of smart grids. Multiple AMs will be embedded at each level of the smart grid - the home area network (HAN), neighborhood area network (NAN), and the Wide Area Network (WAN) - where they will use Artificial Immune System (AIS) to detect and classify malicious data and possible cyber attacks. AMs at each level will be trained using data that is relevant to their level and will also be able to communicate in order to improve detection. Simulation results demonstrate that this is a promising methodology for identifying malicious network traffic and improving system security.

Po-Yu Chen,Shusen Yang,Julie A. McCann,Jie Lin,Xinyu Yang

DOI: https://doi.org/10.1109/MCOM.2015.7045410

IF: 9.03

2015-01-01

IEEE Communications Magazine

Abstract:Smart grids are essentially electric grids that use information and communication technology to provide reliable, efficient electricity transmission and distribution. Security and trust are of paramount importance. Among various emerging security issues, FDI attacks are one of the most substantial ones, which can significantly increase the cost of the energy distribution process. However, most current research focuses on countermeasures to FDIs for traditional power grids rather smart grid infrastructures. We propose an efficient and real-time scheme to detect FDI attacks in smart grids by exploiting spatial-temporal correlations between grid components. Through realistic simulations based on the US smart grid, we demonstrate that the proposed scheme provides an accurate and reliable solution.

Xl Gui,B Xie,Yn Li,Dp Qian

DOI: https://doi.org/10.1007/978-3-540-30207-0_60

2004-01-01

Abstract:Computational Grids need support the distributed high performance computing with security and reliability. While the fact is when malicious users apply computational resources or illegally modify their secure levels, they can get system-level data or outputs belong to other applications by running cock-horse, even more they can destroy the whole system. For solving these security problems in Grids, a Grid security model with users behaviors and trusts is introduced. And by improving the components of reputation in traditional trust [1], [2] model, a new trust model with mathematical description is presented, and the grid security infrastructure with this trust model is described.

Lingjie Hou,Xiaoyuan Luo,Xinyu Wang,Xinping Guan

DOI: https://doi.org/10.1109/isass.2019.8757771

2019-01-01

Abstract:Due to vulnerability caused by the openness of smart grids, False Data Injection Attack (FDIA) can be injected by hacker with a bank of false attack sequences to damage the operation of the grid system by compromising the measurement equipment. Hence, the emergence of the FDIA has brought enormous threats to the security mechanism of smart grids. To solve this problem, an adaptive defense scheme against FDIA is proposed in this paper. A dynamic grid model that considers the changes of internally physical dynamics is established. Based on this model, a class of adaptive defense controllers are constructed by studying the characteristics of FDIA. The designed adaptive defense controller can update the information from the system in real time and adjust the states constantly, which makes the grid system under attacks keep stable. Finally, the effectiveness of the adaptive defense scheme against the FDIA is verified by the simulation results on the IEEE-9 bus smart grid system.

A. Gomez Ramirez,C. Lara,L. Betev,D. Bilanovic,U. Kebschull

DOI: https://doi.org/10.48550/arXiv.1801.04179

2018-01-12

Abstract:Grid computing systems require innovative methods and tools to identify cybersecurity incidents and perform autonomous actions i.e. without administrator intervention. They also require methods to isolate and trace job payload activity in order to protect users and find evidence of malicious behavior. We introduce an integrated approach of security monitoring via Security by Isolation with Linux Containers and Deep Learning methods for the analysis of real time data in Grid jobs running inside virtualized High-Throughput Computing infrastructure in order to detect and prevent intrusions. A dataset for malware detection in Grid computing is described. We show in addition the utilization of generative methods with Recurrent Neural Networks to improve the collected dataset. We present Arhuaco, a prototype implementation of the proposed methods. We empirically study the performance of our technique. The results show that Arhuaco outperforms other methods used in Intrusion Detection Systems for Grid Computing. The study is carried out in the ALICE Collaboration Grid, part of the Worldwide LHC Computing Grid.

Distributed, Parallel, and Cluster Computing,Cryptography and Security,Machine Learning

Yating Li,Jianjin Li,Xiaoyuan Luo,Xinyu Wang,Xinping Guan

DOI: https://doi.org/10.23919/chicc.2018.8484076

2018-01-01

Abstract:This paper studies the detection and isolation problem against False Data Injection Attack (FDIA) for distributed smart grids, by using the designed Unknown Input Observer (UIO). Firstly, a simple but classical mathematics model of distributed smart grid is introduced. Considering the covert of FDIA, the Unknown Input Observer is designed for detecting and isolating cyber attack in smart grids. Then, considering the disturbance and uncertainty of grid system model, the adaptive thresholds are computed for detecting the cyber attack. Furthermore, UIO-based attack detection and isolation Algorithm is proposed, by computing the observed residuals. Finally, simulations are given to illustrate the effectiveness of the proposed algorithm.