Stealthy Rootkit Attacks on Cyber-Physical Microgrids

Autor: Ioannis Zografopoulos, Charalambos Konstantinou, Suman Rath
Rok vydání: 2021
Předmět:
Zdroj: e-Energy
DOI: 10.1145/3447555.3466576
Popis: Cyber-physical microgrids hold the key to a carbon-neutral power sector since they enable renewable and distributed energy resource integration, can alleviate overloaded distribution systems, and provide economic energy by generating and consuming power locally. The utilization of cyber-physical assets such as controllers, IoT sensors and actuators, and communication devices can enhance the stability and improve the control of microgrids. However, such assets, if maliciously operated, can become attack entry points and jeopardize the grid operation. Blind and uncoordinated cyber-attacks can be identified by existing security measures overcoming potential operational disruptions. However, rootkit attacks can stay hidden within cyber-physical systems and leverage system information to mask their presence. Rootkit detection is a strenuous process and requires advanced security methods due to their sophisticated operation. A careful analysis of possible rootkit target locations and their exploitation techniques is necessary to design effective threat detection and mitigation mechanisms. This paper discusses the cyber kill chain of a rootkit which can simultaneously deploy itself at multiple locations in a microgrid in a coordinated and stealthy way in order to maximize the impact on power system operations. The rootkit leverages system measurements to hide its presence and its attack impact from the detection mechanisms.
Databáze: OpenAIRE
Externí odkaz: