Tohid Shekari (ECE, Georgia Tech), Christian Bayens (ECE, Georgia Tech), Morris Cohen (ECE, Georgia Tech), Lukas Graber (ECE, Georgia Tech), Raheem Beyah (ECE, Georgia Tech)

Recently, the number of cyber threats on power systems has increased at an unprecedented rate. For instance, the widespread blackout in Ukrainian power grid on December 2015 was a wakeup call that modern power systems have numerous vulnerabilities, especially in power substations which form the backbone of electricity networks. There have been significant efforts among researchers to develop effective intrusion detection systems (IDSs) in order to prevent such attacks or at least reduce their damaging consequences. However, all of the existing techniques require some level of trust from components on the supervisory control and data acquisition (SCADA) network; hence, they are still vulnerable to sophisticated attacks that can compromise the SCADA system completely. This paper presents a radio frequency-based distributed intrusion detection system (RFDIDS) which remains reliable even when the entire SCADA system is considered untrusted. The proposed system uses radio frequency (RF) emissions to monitor the power grid substation activities. Indeed, it utilizes a radio receiver as a diagnostic tool to provide air-gapped, independent, and verifiable information about the radio emissions from substation components, particularly at low frequencies (LF, 0.05$-$50~kHz, or $>$20~$mu$s period). The simulation and experimental results verified that four types of diagnostic information can be extracted from radio emissions of power system substation circuits: i)~harmonic content of the circuit current, ii)~fundamental frequency of the circuit current, iii)~impulsive signals from rapid circuit current changes, and iv)~sferics from global lightning strokes. Each or a combination of the first three diagnostics can be effectively leveraged to directly detect specific types of power grid attacks. Meanwhile, the last diagnostic is utilized to check the integrity of the receiver's signal as it is encoded with the quasi-random distribution of the global lightning strokes. The simulation and real-world experimental results verified the effectiveness of RFDIDS in protecting the power grid against sophisticated attacks.

View More Papers

NAUTILUS: Fishing for Deep Bugs with Grammars

Cornelius Aschermann (Ruhr-Universität Bochum), Tommaso Frassetto (Technische Universität Darmstadt), Thorsten Holz (Ruhr-Universität Bochum), Patrick Jauernig (Technische Universität Darmstadt), Ahmad-Reza Sadeghi (Technische Universität Darmstadt), Daniel Teuchert (Ruhr-Universität Bochum)

Read More

Master of Web Puppets: Abusing Web Browsers for Persistent...

Panagiotis Papadopoulos (FORTH-ICS, Greece), Panagiotis Ilia (FORTH-ICS), Michalis Polychronakis (Stony Brook University, USA), Evangelos P. Markatos (FORTH-ICS, Greece), Sotiris Ioannidis (FORTH-ICS, Greece), Giorgos Vasiliadis (FORTH-ICS, Greece)

Read More

Privacy Attacks to the 4G and 5G Cellular Paging...

Syed Rafiul Hussain (Purdue University), Mitziu Echeverria (University of Iowa), Omar Chowdhury (University of Iowa), Ninghui Li (Purdue University), Elisa Bertino (Purdue University)

Read More

Neuro-Symbolic Execution: Augmenting Symbolic Execution with Neural Constraints

Shiqi Shen (National University of Singapore), Shweta Shinde (National University of Singapore), Soundarya Ramesh (National University of Singapore), Abhik Roychoudhury (National University of Singapore), Prateek Saxena (National University of Singapore)

Read More