Combating DDoS Cyberattacks in the Energy Sector
Abstract
The digitalization of infrastructure, which relies on information technologies for efficient intelligent management of power systems, combined with rather poor cybersecurity, is driving a growing number of cyberattacks in the energy sector. At the same time, the structural units of the energy sector are critically important facilities whose malfunction compromises national security. The problem has become so serious that the governments of many states regard cyberattacks on energy sector infrastructure as real threats that lead to the malfunctioning of fuel and energy complex facilities. Distributed denial-of-service (DDoS) attacks targeting energy sector facilities are growing steadily. Electric power building and control automation systems and the call centers of power generating companies are attacked, disrupting the power supply to entire regions for long periods. At present, there are no reliable and universal technologies capable of blocking DDoS attacks. The article describes a method for combating DDoS attacks in power systems based on non-semantic filtering of traffic. It also presents a new approach to combating DDoS attacks that protects servers and traffic bandwidth. The proposed approach is based on users interacting with server equipment while the IP addresses of the attacked resources change dynamically according to a pseudo-randomly generated schedule. The developed network traffic filtering technology makes it possible to combat DDoS attacks, reducing their intensity by about 92%. As a result, the loss of legitimate packets, which is unavoidable when implementing any technology for combating DDoS attacks, is less than 2%.
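A minimal sketch of address hopping on a pseudo-random schedule with a non-semantic filter (the decision uses only destination address and arrival time), added here as an illustration and not the authors' protocol or code. The HMAC-based schedule, the address pool, the 5-second slot, the one-slot skew tolerance and all names are assumptions, and the traffic is constructed.

```python
import hashlib
import hmac
import ipaddress

# Constructed values: RFC 5737 documentation range, demo key, assumed hop interval.
POOL = ipaddress.ip_network("198.51.100.0/24")
SLOT_SECONDS = 5
SHARED_KEY = b"constructed-demo-key"  # assumed provisioned to authorized clients


def slot_index(timestamp):
    return int(timestamp // SLOT_SECONDS)


def hop_address(key, slot):
    """Address the protected service answers on during the given time slot."""
    digest = hmac.new(key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    # Skip the network and broadcast addresses of the pool.
    return POOL[1 + int.from_bytes(digest[:8], "big") % (POOL.num_addresses - 2)]


def accepted_addresses(key, timestamp, skew_slots=1):
    """Current address plus neighbouring slots, tolerating small clock skew."""
    now = slot_index(timestamp)
    return {hop_address(key, s) for s in range(now - skew_slots, now + skew_slots + 1)}


def filter_packets(key, packets):
    """Split (timestamp, dst_ip) pairs into passed/dropped without reading payloads."""
    passed, dropped = [], []
    for ts, dst in packets:
        ok = ipaddress.ip_address(dst) in accepted_addresses(key, ts)
        (passed if ok else dropped).append((ts, dst))
    return passed, dropped


def simulate(start=1000, duration=60, client_skew=2):
    """Constructed traffic: one synchronized client and one flood on a stale address."""
    stale = str(hop_address(SHARED_KEY, slot_index(start)))
    legit = [(t, str(hop_address(SHARED_KEY, slot_index(t + client_skew))))
             for t in range(start, start + duration)]
    flood = [(t, stale) for t in range(start, start + duration)]
    legit_passed, _ = filter_packets(SHARED_KEY, legit)
    flood_passed, _ = filter_packets(SHARED_KEY, flood)
    return len(legit_passed), len(legit), len(flood_passed), len(flood)


if __name__ == "__main__":
    print(simulate())
```

The skew window trades a slightly larger set of accepted addresses for fewer dropped legitimate packets when client and server clocks disagree.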
---
The study was supported by a grant from the Russian Science Foundation (project No. 20-19-00541).