Ransomware Detection Using Deep Learning in the SCADA System of Electric Vehicle Charging Station

Supervisory control and data acquisition (SCADA) systems have been continuously leveraging the evolution of network architecture, communication protocols, next-generation communication techniques (5G, 6G, Wi-Fi 6), and the internet of things (IoT). However, the SCADA system has become the most profitable and alluring target for ransomware attackers. This paper proposes a novel deep learning-based ransomware detection framework for the SCADA-controlled electric vehicle charging station (EVCS), with a performance analysis of three deep learning algorithms, namely deep neural network (DNN), 1D convolutional neural network (CNN), and long short-term memory (LSTM) recurrent neural network. All three deep learning-based simulated frameworks achieve around 97% average accuracy (ACC) and more than 98% average area under the curve (AUC) and average F1-score under 10-fold stratified cross-validation, with an average false alarm rate (FAR) of less than 1.88%. A ransomware-driven distributed denial of service (DDoS) attack tends to shift the state of charge (SOC) profile by exceeding the SOC control thresholds. A ransomware-driven false data injection (FDI) attack also has the potential to damage the entire BES or physical system by manipulating the SOC control thresholds. Which deep learning algorithm to deploy is a design choice and optimization issue that depends on the tradeoffs between performance metrics.
