Ontology-based approach for malicious behaviour detection in synchrophasor networks

Synchrophasor systems are becoming a vital requirement for real-time monitoring, control and protection of emerging Smart Grids, which requires that their cyber security issues be carefully analysed and mitigated. This paper proposes a behaviour-based ontology of Synchrophasor communications for the detection of malicious system behaviours. Synchrophasor activities are represented with their causal relationships using a flexible semantic model. The developed model bridges the gap between system behaviours and the data and commands exchanged in the network. A set of semantic rules is created to assist in identifying malicious activities that deviate from the expected behaviour in the model. The proposed approach is prototyped and tested for its applicability in detecting cyber-attacks. Furthermore, a use case for valuable information extraction is described using a query-based engine over the ontology knowledge. The presented results demonstrate the usefulness and flexibility of the proposed approach in detecting malicious activities, which could improve Synchrophasor network security.
