Ontology modeling for APT attack detection in an IoT-based power system

Smart grid technology is the core technology of the next-generation power grid. By integrating the IoT into the existing grid, it enables decision-making communication between suppliers and consumers and thereby improves energy efficiency. This open architecture, which allows bilateral information exchange, makes the grid vulnerable to various types of cyberattack. APT attacks, one of the most common cyberattacks, are highly sophisticated attacks that can circumvent existing detection technology and strike the targeted system after a latent period following the intrusion. This paper proposes an ontology-based attack detection system capable of early detection of, and response to, APT attacks by analyzing their attack patterns.
