Journal articles on the topic 'Cyber-attack mitigation'

Consult the top 50 journal articles for your research on the topic 'Cyber-attack mitigation.'

1

Bentley, Mark, Alec Stephenson, Peter Toscas, and Zili Zhu. "A Multivariate Model to Quantify and Mitigate Cybersecurity Risk." Risks 8, no. 2 (2020): 61. http://dx.doi.org/10.3390/risks8020061.

Abstract:
The cost of cybersecurity incidents is large and growing. However, conventional methods for measuring loss and choosing mitigation strategies use simplifying assumptions and are often not supported by cyber attack data. In this paper, we present a multivariate model for different, dependent types of attack and the effect of mitigation strategies on those attacks. Utilising collected cyber attack data and assumptions on mitigation approaches, we look at an example of using the model to optimise the choice of mitigations. We find that the optimal choice of mitigations will depend on the goal—to prevent extreme damages or damage on average. Numerical experiments suggest the dependence aspect is important and can alter final risk estimates by as much as 30%. The methodology can be used to quantify the cost of cyber attacks and support decision making on the choice of optimal mitigation strategies.
2

Beg, Omar, Asad Khan, Waqas Rehman, and Ali Hassan. "A Review of AI-Based Cyber-Attack Detection and Mitigation in Microgrids." Energies 16, no. 22 (2023): 7644. http://dx.doi.org/10.3390/en16227644.

Abstract:
In this paper, the application and future vision of Artificial Intelligence (AI)-based techniques in microgrids are presented from a cyber-security perspective of physical devices and communication networks. The vulnerabilities of microgrids are investigated under a variety of cyber-attacks targeting sensor measurements, control signals, and information sharing. With the inclusion of communication networks and smart metering devices, the attack surface has increased in microgrids, making them vulnerable to various cyber-attacks. The negative impact of such attacks may render the microgrids out-of-service, and the attacks may propagate throughout the network due to the absence of efficient mitigation approaches. AI-based techniques are being employed to tackle such data-driven cyber-attacks due to their exceptional pattern recognition and learning capabilities. AI-based methods for cyber-attack detection and mitigation that address the cyber-attacks in microgrids are summarized. A case study is presented showing the performance of AI-based cyber-attack mitigation in a distributed cooperative control-based AC microgrid. Finally, future potential research directions are provided that include the application of transfer learning and explainable AI techniques to increase the trust of AI-based models in the microgrid domain.
3

Sangeetha, Prabhu, and P. S. Nethravathi. "A Review on Conceptual Model of Cyber Attack Detection and Mitigation Using Deep Ensemble Model." International Journal of Applied Engineering and Management Letters (IJAEML) 6, no. 1 (2022): 149–59. https://doi.org/10.5281/zenodo.6349848.

Abstract:
Purpose: When communication networks and the internet of things are integrated into business control systems, they become more vulnerable to cyber-attacks, which can have disastrous consequences. An Intrusion Detection System is critical for identifying and blocking attacks in IoT networks. As a result, utilizing a unique Classification and Encryption approach, this article offered a novel architecture for attack node mitigation. Design/Methodology/Approach: This study reviews the current status of various cyber-attack detection models and their mitigation techniques. The proposed model works so that the system is first trained on the dataset, including the DDoS attack and ransomware components. The model examines if it contains malware from DDoS or Ransomware. When tested, we use trained information or a data set to provide the results on attack existence and what sort of attack we offer the extracted characteristics of the input. When the model identifies the attacker node, it is removed via the BAIT technique from the network. Findings/Result: Recognizing the importance of information security is critical to combating cybercrime and encouraging cyber security. There are numerous tactics, strategies, and equipment currently in use to detect intrusion in a computer network, and continuing research is being conducted to improve their ability to detect intrusion. The basic version of a cyber-assault detection and mitigation system using the BRELU-RESNET method was evaluated in this study. Originality/Value: This review-based research article examines the present state of cyber-attack detection and mitigation, as well as the research gaps and research goals. Paper Type: Review-based research analysis
4

Permana, Agus. "Indonesia's Cyber Defense Strategy in Mitigating The Risk of Cyber Warfare Threats." Syntax Idea 3, no. 1 (2021): 1. http://dx.doi.org/10.36418/syntax-idea.v3i1.860.

Abstract:
The purpose of this paper is to analyze and describe the strategy of the Indonesian government in mitigating the risk of dealing the threat of cyber warfare. This paper uses the qualitative method using 3 indicators of risk mitigation theory consisting of prevention, identification and remedy to interpret the problem and explain it in more detail by collecting data from literature studies. Cyber defense threat mitigation refers to policies and processes put in place by an institution to help in preventing a potential security incident and data breaches as well as to limit the extent of damage when a security attack does happen. The results of the discussion of this study are the Indonesian government's strategy focusing on processes, technology and information, preparedness, response, and follow-up activities, all of which included in instruments for measuring risk mitigation of cyber warfare threats. The conclusion is that Cyber defense in the form of a strategic concept must be concrete if all infrastructure networks are held, then the cyber defense policy can be known. To build a reliable cyber defense system, the government and stakeholders must ensure that the cyberinfrastructure is secure. The Indonesian government must increase capacity and increase cooperation leading stakeholders and government is essential regarding cyber warfare. Having a good risk mitigation plan will help cyber defense policies in Indonesia as the basis for the preparation.
5

Permana, Agus. "Indonesia's Cyber Defense Strategy in Mitigating The Risk of Cyber Warfare Threats." Syntax Idea 3, no. 1 (2021): 1–11. http://dx.doi.org/10.46799/syntax-idea.v3i1.860.

Abstract:
The purpose of this paper is to analyze and describe the strategy of the Indonesian government in mitigating the risk of dealing the threat of cyber warfare. This paper uses the qualitative method using 3 indicators of risk mitigation theory consisting of prevention, identification and remedy to interpret the problem and explain it in more detail by collecting data from literature studies. Cyber defense threat mitigation refers to policies and processes put in place by an institution to help in preventing a potential security incident and data breaches as well as to limit the extent of damage when a security attack does happen. The results of the discussion of this study are the Indonesian government's strategy focusing on processes, technology and information, preparedness, response, and follow-up activities, all of which included in instruments for measuring risk mitigation of cyber warfare threats. The conclusion is that Cyber defense in the form of a strategic concept must be concrete if all infrastructure networks are held, then the cyber defense policy can be known. To build a reliable cyber defense system, the government and stakeholders must ensure that the cyberinfrastructure is secure. The Indonesian government must increase capacity and increase cooperation leading stakeholders and government is essential regarding cyber warfare. Having a good risk mitigation plan will help cyber defense policies in Indonesia as the basis for the preparation.
6

Merz, Terry, and Romarie Morales Rosado. "Using Deep Reinforcement Learning for Assessing the Consequences of Cyber Mitigation Techniques on Industrial Control Systems." International Conference on Cyber Warfare and Security 18, no. 1 (2023): 577–80. http://dx.doi.org/10.34190/iccws.18.1.1063.

Abstract:
This paper discusses an in-progress study involving the use of deep reinforcement learning (DRL) to mitigate the effects of an advanced cyber-attack against industrial control systems (ICS). The research is a qualitative, exploratory study which emerged as a gap during the execution of two rapid prototyping studies. During these studies, cyber defensive procedures, known as “Mitigation,” were characterized as actions taken to minimize the impact of ongoing advanced cyber-attacks against an ICS while enabling primary operations to continue. To execute Mitigation procedures, affected ICS components required rapid isolation and quarantining from “healthy” system segments. However today, with most attacks leveraging automation, mitigation also requires rapid decision-making capabilities operating at the speed of automation yet with human-like refinement. The authors settled on the choice of DRL as a viable solution to this problem due to the algorithm’s design, which involves “intelligent” decisions based upon continuous learning achieved through a rewards system. The primary theory of this study posits that processes informed by data sources relative to the execution path of an advanced cyber-attack as well as the consequences of deploying a particular Mitigation procedure evolve the system into an ever-improving defensive capability. This study seeks to produce a defensive DRL based software agent trained by a DRL based offensive software agent that generates policy refinements based upon extrapolations from a corrupted network state as reported by an IDS and baseline data. Results include an estimation rule that would quantify impacts of various mitigation actions while protecting the operational critical path and isolating an in-progress attack.
This study is in a conceptual phase and development has not started.
The research questions for this study are:
RQ1: Can this software agent categorize correctly an in-progress cyber-attack and extrapolate the potential ICS assets affected?
RQ2: Can this software agent categorize novel cyber-attacks and extrapolate a probable attack vector while enumerating affected assets?
RQ3: Can this software agent characterize how operations are affected by quarantine actions?
RQ4: Can this software agent generate a set of ranked recommended courses of action by effectiveness, and least negative effects on the operational critical path?
7

Donald, L. Buresh Ph.D. Esq. "The Federal Acquisition Supply Chain Act, the Solarwinds Cyber-Attack, and What Might Have Been Different Had FASCA Been Federal Law at the Time of the Attack." International Journal of Social Science and Human Research 05, no. 07 (2022): 2906–13. https://doi.org/10.5281/zenodo.6800881.

Abstract:
This essay explores the Federal Acquisition Supply Chain Act (FASCA) and the difference it would have made had it been a law during the SolarWinds cyber-attack. The Act is examined from a critical perspective to see what effect it would have had if it had existed when the attack occurred. The SolarWinds cyber attack is then discussed in some detail. In deciding what would have happened if the FASCA was a law at the time of the attack, the events are presumed to be the same as what took place. It was at the time when the cyber-attack information reached the Federal Acquisition Security Council (FASC) that the incident would likely have changed. The paper argues that there would be delays in the actions of the FASC due to the complexity of the bureaucracy involved. The article concludes that the projected outcome would differ from the actual outcome because the cyber-attack would have been handled administratively rather than legislatively in the proposed outcome. This difference may or may not have fostered mitigation of the cyber-attack.
8

Li, Wenpei, Han Fu, Shun Wu, Bin Yang, and Zhixiong Liu. "A Kalman Filter-Based Distributed Cyber-Attack Mitigation Strategy for Distributed Generator Units in Meshed DC Microgrids." Energies 16, no. 24 (2023): 7959. http://dx.doi.org/10.3390/en16247959.

Abstract:
To ensure fast dynamics and the stability of multiple distributed generator units (DGUs) in DC microgrids, communication links among the controllers of DGUs are generally adopted. However, those communication channels are vulnerable to cyber-attacks. To alleviate this hassle, a Kalman Filter (KF)-based distributed cyber-attack mitigation strategy, which is highly involved in both primary and secondary control, is proposed in this paper. The KF, as a robust state estimator, is utilized to accurately estimate the authentic terminal voltages and currents of the DGUs. Based on the discrepancies between the estimated and measured parameters of the systems under cyber-attacks, the proposed control can adaptively compensate the attack signals via an adaptive proportional integral (API) controller and a fractional API (FAPI) controller in cyber-attack-mitigation layers. The main advantage of using the proposed control scheme compared to conventional schemes is the fast dynamic response. The simulation results verify this merit by comparing the adopted KF and comparing it with conventional artificial neural networks (ANN), while the experimental results validate the effectiveness of the proposed control and showcase the superiority of the FAPI control in terms of its perfect compensation for different types of cyber-attacks.
9

K, Aswin. "ENHANCING POWER SYSTEM SECURITY THROUGH RESILIENT FREQUENCY REGULATION IN THE FACE OF HYBRID CYBER-ATTACKS." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 05 (2024): 1–5. http://dx.doi.org/10.55041/ijsrem34210.

Abstract:
The growing reliance on modern communication technologies in power systems for Frequency Regulation (FR) introduces vulnerabilities to cyberattacks, posing significant threats to system stability and reliability. These attacks can disrupt the coordination among various components, such as sensors, control centers, and actuators, thereby compromising the integrity of FR analysis. In response, this article proposes a resilient solution in the form of a deep-learning-based Attack Detection and Mitigation system. By integrating advanced AI techniques, this system aims to fortify the security of FR operations within the cyber-physical framework, swiftly identifying and neutralizing cyber threats. Ultimately, this approach ensures the continuous and reliable operation of power systems, mitigating the risks posed by hybrid cyberattacks and safeguarding critical infrastructure. The proposed system represents a proactive approach to mitigating the escalating risks associated with cyberattacks targeting FR in power systems. Through its deep-learning algorithms, the system can dynamically adapt to emerging threats, enhancing the resilience of FR analysis against malicious intrusions. By bolstering security measures within the cyber-physical model, the system minimizes the potential impact of cyberattacks on power system stability and reliability. Moreover, its ability to detect and mitigate threats in real-time ensures uninterrupted operation, thereby safeguarding the functionality of power systems even amidst the evolving landscape of hybrid cyber threats. This resilient solution represents a crucial step towards fortifying power system security and maintaining essential services in the face of adversarial cyber activities. Keywords: Attack detection and mitigation (ADM) system, Frequency Regulation(FR), hybrid power system, Renewable Energy Sources (RESs), resiliency.
10

ASTROV, Igor, and Sanja BAUK. "Simulating a Cyber-Attack on the Mass Thruster Controllers at Low-Speed Motion." Promet - Traffic&Transportation 36, no. 6 (2024): 1006–21. https://doi.org/10.7307/ptt.v36i6.797.

Abstract:
The aim of this paper is to highlight the vulnerability of Maritime Autonomous Surface Ships (MASS) to cyber-attack and to illustrate, through a simulation experiment on a testbed, how to mitigate a cyber-attack on the MASS thruster controllers during low-speed motion. The first part of the paper is based on a scoping review of relevant articles in the field, including some MASS projects, related cyber threats and modelling techniques to improve cyber resilience. In the second part of the paper, a cyber-attack on the MASS thruster controllers at low speed motion is illustrated along with the impact of the attack on the trajectory motion. The Kalman filter, as an additional device to the thruster controllers, is used as a cyber-attack mitigation aid. Under the conditions of a simulated intrusion on the input and output signals of the thruster, the experiments conducted in the MATLAB Simulink environment provide an insight into the behaviour of the MASS propulsion subsystem from the perspective of the low-speed trajectory, with and without the Kalman filter.
11

Panchamia, Virti, Archita Harchwani, and Tirath Momaya. "Cybersecurity Renaissance: Navigating Threats, Ethical Hacking, and Risk Mitigation in the Digital Era." INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 01 (2024): 1–10. http://dx.doi.org/10.55041/ijsrem28181.

Abstract:
Cybercrime has evolved into a $1.5 trillion industry, mirroring legitimate organizations. Despite its recent surge, cybercrime is not a novel threat, dating back centuries. The inaugural cyber attack occurred in 1834 in France, exposing the French telegraph system. The mid-20th century marked cybercrime's emergence, notably with Allen Scherr's 1962 attack on MIT. The '90s ushered in communication technology but also increased cyber threats. The 2000s witnessed more sophisticated attacks, with APTs sponsored by nation-states. The 2010s saw a surge in cybercrime, spawning a parallel growth in cybersecurity jobs and ethical hacking. Notable attacks include Stuxnet in 2010 and the SamSam ransomware in 2015. The 2020s witnessed substantial losses, such as the SolarWinds breach in 2020 and the Colonial Pipeline attack in 2021. The abstract underscores the importance of cybersecurity in safeguarding data from theft and damage. With rising cyber threats, reliance on out-of-the-box solutions is insufficient. A comprehensive approach, including cybersecurity awareness training, is crucial. The global shift towards digital dependence emphasizes the need for robust cybersecurity measures, encompassing all fields to protect against potential data breaches. Cybersecurity's significance is escalating as technology reliance grows, demanding a comprehensive defense strategy. Cyber risk mitigation involves policies, technologies, and procedures to reduce the likelihood and impact of cyber attacks. Challenges include inadequate visibility, manual processes, and resource limitations. The benefits encompass timely risk identification, fewer vulnerabilities, improved security compliance, enhanced brand reputation, and increased revenue. Cyber risk mitigation is pivotal for organizations aiming to navigate the evolving threat landscape successfully.
Keywords: Cybercrime, Evolution, Inaugural attack, APTs, Cybersecurity jobs, Cybersecurity awareness, Risk mitigation
12

Zhu, Jiawei, and Bhuvana Ramachandran. "An Advanced Optimization Based Simulation Model to Study the Impact of Cyber-Physical Attacks on Power Systems." International Journal of Electronics and Electrical Engineering 8, no. 4 (2020): 74–81. http://dx.doi.org/10.18178/ijeee.8.4.74-81.

Abstract:
The promotion of energy internet causes external information to directly or indirectly affect power system control decisions through various business approaches. The interaction mechanism between power network and information network becomes increasingly complex. Modern power systems become more prone to cyber-attacks and physical attacks because of the high integration of information layer and physical layer. This paper provides an insight into the impacts of cyber and physical attacks on power systems, where the attacks are modeled in the form of mathematical (optimization) equations representing the attacks. Moreover, the cyber and physical attacks are modeled in the form of Mixed Integer Linear Programming (MILP) problem. The authors have simulated cyber-attack on transmission lines and cyber-physical attack on both transmission lines and loads. The MILP problem is solved by commercial solver, CPLEX. A case study on a modified IEEE 14 bus test system is considered to demonstrate the results of this research. Simulation results on the test system show that the cyber and physical attacks on power systems could cause undesirable load curtailment and mitigation of such attacks becomes essential for secure operation of the electric grid. This research would enable the power system operators to understand the potentially damaging effects of cyber-physical attack and advance their knowledge about such attacks so that prevention and mitigation of attacks on the power systems is possible.
13

Ramadhan, Umar Fitra, Jaehyeong Lee, and Minhan Yoon. "A Comprehensive Study of Cyber Attack Mitigation with the Exchange of Frequency Containment Reserves Control in a Multi-Infeed Direct Current Power System." Sensors 23, no. 4 (2023): 1964. http://dx.doi.org/10.3390/s23041964.

Abstract:
By 2040, the Korean government aims for a penetration rate of 30–35% of the total power from renewable sources. Due to a lack of inertia, particularly in remote systems such as those on Jeju Island, these circumstances will reduce network stability. To maintain the diversity and unpredictability of RES penetration, HVDC systems with an exchange of frequency containment reserve control are utilized. An exchange of frequency containment reserves control (E-FCR) is one of the balancing arrangement concepts of HVDC systems. However, the development of E-FCR concepts is vulnerable to cyber attacks because this concept only considers one wide-area measurement for data exchange. This study established a simultaneous cyber attack operation, i.e., an attack was set at the same time as a contingency operation that affects the balancing arrangement between two regions. Multiple possibilities of cyber attack and mitigation operations were suggested according to their ability to access information in the MIDC system. Then, a cyber detection strategy was proposed through a normalized correlation concept to activate mitigation control that could enhance the frequency stability by adjusting the value of the ramp-rate deviation between two HVDC types. By simulating the Korean power system model that was implemented in PSS/E, along with a Python script, simulation results demonstrated that a cyber attack on missing data can cause severe low-frequency nadir responses, and the proposed methodology can practically detect and mitigate cyber attacks.
14

Kwon, Cheolhyeon, and Inseok Hwang. "Cyber attack mitigation for cyber–physical systems: hybrid system approach to controller design." IET Control Theory & Applications 10, no. 7 (2016): 731–41. http://dx.doi.org/10.1049/iet-cta.2014.1013.

15

Li, Wenpei, Han Fu, Shun Wu, Bin Yang, and Zhixiong Liu. "RETRACTED: Li et al. A Kalman Filter-Based Distributed Cyber-Attack Mitigation Strategy for Distributed Generator Units in Meshed DC Microgrids. Energies 2023, 16, 7959." Energies 17, no. 23 (2024): 6075. https://doi.org/10.3390/en17236075.

16

Damalla, Jyothi. "Enhancing Cyber Attack detection using Deep Learning." International Journal of Research and Applications 10, no. 40 (2023): 3001–7. https://doi.org/10.5281/zenodo.15251861.

Abstract:
Financial institutions must utilize digital more efficiently with greater customer-centricity, yet the more they lean toward that, the greater the vulnerability to attacks like ransomware and phishing. The traditional Cyber Threat Intelligence approaches through signature based systems happen to be ineffective against these evolving threats [3]. The application of artificial intelligence (AI) and machine learning (ML) offers a solution to analyze large amounts of data to detect risks and predict danger in real time [5]. This allows banks to be proactive and agile in their risk mitigation. This paper discusses the disruptive impact of AI and ML in CTI, their capabilities, integration challenges and areas for future research to strengthen the cyber security infrastructure [6]. Keywords: Cyber Threat Intelligence, Financial Institutions, Artificial Intelligence, SIEM (Security Information and Event Management), Machine Learning, Ransomware, Advanced Persistent Threats, Cyber Security.
17

Yousef Alshunaifi, Sulaiman, Shailendra Mishra, and Mohammed Abdul Rahman AlShehri. "Cyber-Attack Detection and Mitigation Using SVM for 5G Network." Intelligent Automation & Soft Computing 31, no. 1 (2022): 13–28. http://dx.doi.org/10.32604/iasc.2022.019121.

18

Sree Varshini, G. Y., and S. Latha. "Detection and mitigation of coordinated cyber-physical attack in CPPS." Heliyon 10, no. 4 (2024): e26332. http://dx.doi.org/10.1016/j.heliyon.2024.e26332.

19

EL-Ebiary, Ahmed H., Mohamed Mokhtar, Atef M. Mansour, Fathy H. Awad, Mostafa I. Marei, and Mahmoud A. Attia. "Distributed Mitigation Layers for Voltages and Currents Cyber-Attacks on DC Microgrids Interfacing Converters." Energies 15, no. 24 (2022): 9426. http://dx.doi.org/10.3390/en15249426.

Abstract:
The wide use of communication layers in DC microgrids to transmit voltage and current measurements of each distributed generator unit (DGU) increases the possibility of exposure to cyber-attacks. Cyber-attackers can manipulate the measured data to distort the control system of microgrids, which may lead to a shutdown. This paper proposes distributed mitigation layers for the false data injection attacks (FDIA) on voltages and currents of DGUs in meshed DC microgrids. The proposed control strategy is based on integrating two layers for cyber-attack detection and mitigation to immune the primary and the secondary control loops of each DGU. The first layer is assigned to mitigate FDIAs on the voltage measurements needed for the voltage regulation task of the primary control loop. The second layer is devoted to the mitigation of FDIAs on the DGU current measurements, which are crucial for the secondary control level to guarantee the proper current sharing of each DGU. Artificial neural networks (ANNs) are employed to support these layers by estimating the authenticated measurements. Different simulation and experimental case studies are provided to demonstrate the proposed mitigation layers’ effectiveness in detecting and mitigating cyber-attacks on voltage and current measurements. The simulation and experimental results are provided to evaluate the dynamic performance of the suggested control approach and to ensure the accurate operation of DC microgrids despite the existence of cyber-attacks on the measurements employed in the control strategy. Moreover, the control strategy succeeds to keep the maximum voltage error and the maximum error in current sharing within tolerance.
20

Manish Rana. "Fortifying Cyber Defenses: Leveraging Honeypots for Proactive Threat Mitigation and DoS Attack Prevention." Journal of Information Systems Engineering and Management 10, no. 19s (2025): 443–52. https://doi.org/10.52783/jisem.v10i19s.3056.

Abstract:
As cyber threats become more sophisticated, organizations must adopt proactive defence mechanisms to safeguard their digital infrastructure. Distributed Denial of Service (DoS) attacks pose a significant risk by overwhelming networks, causing service disruptions, and leading to financial and reputational losses. Traditional security measures, such as firewalls and intrusion detection systems (IDS), often struggle to provide real-time threat intelligence and adaptive countermeasures. This study explores the use of honeypots as a proactive defence mechanism for threat mitigation and DoS attack prevention. Honeypots are deceptive security systems designed to attract attackers, allowing organizations to monitor malicious activities, analyze attack patterns, and develop robust cybersecurity strategies. The research involves deploying and analyzing different types of honeypots, including low-interaction and high-interaction models, to gather insights into attacker behaviour. By integrating honeypots into cybersecurity frameworks, organizations can enhance their ability to detect and prevent cyber threats before they escalate. The findings of this study demonstrate how honeypots contribute to strengthening cyber defenses, providing real-time threat intelligence, and mitigating the impact of DoS attacks. The research also highlights challenges and future directions, such as AI-driven honeypot systems for adaptive threat detection.
21

Gupta, Shaveta, Dinesh Grover, and Abhinav Bhandari. "Vulnerability Analysis of Existing Distributed Denial of Service (DDoS) Defense Frameworks." Asian Journal of Computer Science and Technology 7, no. 3 (2018): 62–67. http://dx.doi.org/10.51983/ajcst-2018.7.3.1895.

Abstract:
The world is quickly moving towards an era of digitization. Scope and volume of the network are becoming vast that makes these machines more prone to cyber-attack due to vulnerabilities of the network. There are various types of cyber-attacks but most common and equally impactful is DDoS attack. A foolproof defense mechanism is the need of the hour. Analysis of various existing defense mechanism frameworks has been done and their shortcomings have been reported by us. This analysis will help to define a framework which can provide better accuracy, lesser detection time and reduced false negative and positive rates. It will further ensure better response and mitigation against the attack.
22

Islam, M. Mattah, Saifullah Shahid, Khush Bakhat Awar, Rashid Khan, and Muhammad Sohail. "Cyber-Security: Dos Attack Outcomes are Dangerous." European Journal of Electrical Engineering and Computer Science 5, no. 3 (2021): 54–59. http://dx.doi.org/10.24018/ejece.2021.5.3.297.

Abstract:
Dos attacks are an attractive and hot topic nowadays because it is very common for attackers to make a victim and exploit it. In this paper, different kinds of techniques and commands have implemented and contrast for the outcomes of these attacks. By performing, experiments problems are identified. By following experiments, the goal is prevention and mitigation of Dos attacks at large extent by knowing the outcomes of the attacks. For proving the work, different types of experiments are performed on different platforms and observed that Dos attacks are how dangerous to our systems. In this paper, hping3 and syn flooding are performed. Hping3 is used for sending packets in a modified, crafted form. It is the networking tool used by developers to perform a DOS attack. SYN flooding is used for sending so many requests in an insane amount to the server and used all of the resources of the server.
23

Mr. Edukondalu Simhadati. "Behavioral Profiling of Cyber Attackers: Identifying Patterns and Mitigating Threats." International Journal of Engineering Technology and Management Sciences 9, Special Issue 1 (2025): 96–100. https://doi.org/10.46647/ijetms.2025.v09si01.015.

Abstract:
Cyber attackers employ an incredibly wide range of tactics, techniques, and procedures (TTPs) for attacking cyber system vulnerabilities. Behavioral profiling of the cyber attacker is a crucial process for ascertaining the intention, motivation, and work style of attackers. The goal of this research is to study the behavior of attack using machine learning, threat intelligence, and forensics for categorizing the attacker personas and predicting future dangers. Through examination of attack vectors, social engineering attacks, and intrusion tactics, the research seeks to improve cybersecurity defense and offer intelligence to enable proactive mitigation of threats. The findings will guide the creation of more potent detection systems and risk assessment frameworks to ultimately enhance cybersecurity resilience to ever-evolving threats.
24

Pendyala, Shamili Srimani. "Securing the Internet of Things: Predictive Defense Algorithm for Attack Mitigation." International Journal of Scientific Methods in Engineering and Management 02, no. 03 (2024): 47–53. http://dx.doi.org/10.58599/ijsmem.2024.2305.

Abstract:
The Internet of Things (IoT) presents unprecedented opportunities for connectivity and efficiency across various sectors. However, its decentralized nature and the vast number of interconnected devices also pose significant security challenges, making IoT networks vulnerable to cyber-attacks. In this paper, we propose a predictive defense algorithm leveraging Differential Privacy (DP) techniques to enhance IoT security. By analyzing historical attack data while preserving the privacy of sensitive information, our algorithm predicts potential cyber threats and proactively mitigates them before they manifest. We present the theoretical framework of the DP algorithm, its implementation in IoT environments, and evaluate its effectiveness through simulations and real-world experiments. Our results demonstrate the algorithm’s ability to accurately predict and prevent a wide range of attacks, thus bolstering the resilience of IoT ecosystems against evolving cyber threats.
25

Xu, Lezhong, Yupeng Zhu, Zhuoyu Li, and Quanqi Zhang. "Safety Control for Cyber–Physical Systems Under False Data Injection Attacks." Electronics 14, no. 6 (2025): 1103. https://doi.org/10.3390/electronics14061103.

Abstract:
Cyber–physical systems (CPSs) are increasingly susceptible to cyber threats, especially false data injection (FDI) attacks, which can compromise their stability and safety. Ensuring system safety while mitigating such attacks is a critical challenge. In the paper, we address the safety control issue for CPSs by designing a control strategy that considers both false data injection attacks and physical safety constraints. A baseline controller is first designed to guarantee system stability when there are no attacks and when the safety constraints are satisfied. To address FDI attacks, we propose a neural network-based estimator to detect and estimate the magnitude of such attacks. The attack estimate is then incorporated into the controller to dynamically adjust control actions, ensuring that the system remains stable and resilient to malicious interference. Furthermore, we introduce a safety control algorithm based on control barrier functions to enforce safety constraints, where the attack estimate is integrated to handle unknown attacks. Finally, the effectiveness of the proposed scheme is validated by simulation results, demonstrating that the combined control strategy outperforms traditional methods in both attack mitigation and safety enforcement.
26

Jiang, Yuning, Wei Wang, Jianguo Ding, Xin Lu, and Yanguo Jing. "Leveraging Digital Twin Technology for Enhanced Cybersecurity in Cyber–Physical Production Systems." Future Internet 16, no. 4 (2024): 134. http://dx.doi.org/10.3390/fi16040134.

Abstract:
The convergence of cyber and physical systems through cyber–physical systems (CPSs) has been integrated into cyber–physical production systems (CPPSs), leading to a paradigm shift toward intelligent manufacturing. Despite the transformative benefits that CPPS provides, its increased connectivity exposes manufacturers to cyber-attacks through exploitable vulnerabilities. This paper presents a novel approach to CPPS security protection by leveraging digital twin (DT) technology to develop a comprehensive security model. This model enhances asset visibility and supports prioritization in mitigating vulnerable components through DT-based virtual tuning, providing quantitative assessment results for effective mitigation. Our proposed DT security model also serves as an advanced simulation environment, facilitating the evaluation of CPPS vulnerabilities across diverse attack scenarios without disrupting physical operations. The practicality and effectiveness of our approach are illustrated through its application in a human–robot collaborative assembly system, demonstrating the potential of DT technology.
27

Merkebaiuly, Medet. "Overview of Distributed Denial of Service (DDoS) attack types and mitigation methods." InterConf, no. 43(193) (March 20, 2024): 494–508. http://dx.doi.org/10.51582/interconf.19-20.03.2024.048.

Abstract:
In the evolving landscape of cyber threats, Distributed Denial of Service (DDoS) attacks pose a significant challenge to internet security. This research provides a comprehensive overview of various DDoS attack types and explores the efficacy of current mitigation strategies and categorizes DDoS attacks based on their methods and targets, highlighting their unique characteristics and impacts. The study delves into a range of mitigation methods, from traditional network-based approaches to recent advancements in artificial intelligence, assessing their strengths and limitations. Key findings indicate a dynamic interplay between the evolving complexity of DDoS attacks and the advancement of mitigation techniques. The research identifies gaps in current strategies and suggests areas for further development, emphasizing the need for adaptive, multi-layered defense mechanisms. This scientific article aims to provide cybersecurity professionals with a nuanced understanding of DDoS threats and a critical evaluation of the mitigation methods, guiding effective strategies to combat these evolving cyber risks.
28

Kela, Rushabh, Abhinav Chawla, Pratishtha Gaur, and Dr Manikandan K. "IMPLEMENTATION OF CYBER SECURITY ATTACKS AND STRATEGIC MITIGATION MECHANISMS." International Journal of Advanced Research in Computer Science 13, no. 4 (2022): 28–34. http://dx.doi.org/10.26483/ijarcs.v13i4.6890.

Abstract:
Cyber threats have increased drastically in the recent years and the most common targets are organisation applications or systems for data theft, disrupting the operations or any other malicious use. Incorporating website security prevents these sorts of attacks on the system. It is the act/practice of protecting websites from unauthorized access, use, modification, destruction, or disruption. A web application will be created and tested on various attacks such as Brute Force Dictionary attack, Denial-of-Service attacks, Cross Site Scripting (XSS) attack, NoSQL injections and WebSocket attacks. The vulnerabilities will be analysed, and resolved to ensure that the confidentiality, integrity, and authenticity of the user data is not compromised. To improve the website security and privacy, measures will be taken to add security features and the code of the website will be modified.
29

Saxena, Sahaj, Sajal Bhatia, and Rahul Gupta. "Cybersecurity Analysis of Load Frequency Control in Power Systems: A Survey." Designs 5, no. 3 (2021): 52. http://dx.doi.org/10.3390/designs5030052.

Abstract:
Today, power systems have transformed considerably and taken a new shape of geographically distributed systems from the locally centralized systems thereby leading to a new infrastructure in the framework of networked control cyber-physical system (CPS). Among the different important operations to be performed for smooth generation, transmission, and distribution of power, maintaining the scheduled frequency, against any perturbations, is an important one. The load frequency control (LFC) operation actually governs this frequency regulation activity after the primary control. Due to CPS nature, the LFC operation is vulnerable to attacks, both from physical and cyber standpoints. The cyber-attack strategies range from a variety of attacks such as jamming the network communication, time-delay attack, and false data injection. Motivated by these perspectives, this paper studies the cybersecurity issues of the power systems during the LFC operation, and a survey is conducted on the security analysis of LFC. Various cyber-attack strategies, their mathematical models, and vulnerability assessments are performed to understand the possible threats and sources causing failure of frequency regulation. The LFC operation of two-area power systems is considered as a tutorial example to quantify the vulnerabilities. Mitigation strategies through control theoretic approaches are then reviewed and highlighted for LFC operation under cyber-attack.
30

Gia Anisa and Fitria Widianingsih. "SolarWinds Attack: Stages, Implications, and Mitigation Strategies in the Cyber Age." Electronic Integrated Computer Algorithm Journal 2, no. 1 (2024): 47–52. http://dx.doi.org/10.62123/enigma.v2i1.31.

Abstract:
SolarWinds is a software company based in the United States that provides IT monitoring and management tools. Founded in 1999, SolarWinds offers a variety of products that help organizations manage networks, systems, IT infrastructure, applications and cloud-based services. SolarWinds products are used for performance monitoring, log management, IT security, and data analysis. The company became widely known after a major cybersecurity incident came to light in late 2020, in which their network management software, Orion, was used as a vector for attacks by a state-backed hacking group. These attacks affected many organizations, including government agencies and private companies, and led to an increased focus on software supply chain security. This paper has reviewed stages, Implications, and mitigation strategies of SolarWinds.
31

Sándor, Hunor, Béla Genge, Zoltán Szántó, Lőrinc Márton, and Piroska Haller. "Cyber attack detection and mitigation: Software Defined Survivable Industrial Control Systems." International Journal of Critical Infrastructure Protection 25 (June 2019): 152–68. http://dx.doi.org/10.1016/j.ijcip.2019.04.002.

32

Devi, Savita, and Taran Singh Bharti. "A Review on Detection and Mitigation Analysis of Distributed Denial of Service Attacks and Their Effects on the Cloud." International Journal of Cloud Applications and Computing 12, no. 1 (2022): 1–21. http://dx.doi.org/10.4018/ijcac.311036.

Abstract:
To save money on maintenance and administrative costs, cloud computing aims to move high-end computer equipment to the internet and put it online. Both victims and attackers may reap the advantages of cloud computing. On the other side, attacks on cloud components might lead to massive losses for cloud service providers and users. Numerous cyber-attacks have been launched as a consequence of this readily available resource. One of the most significant hazards to communication networks and applications has long been DoS and DDoS attacks. Operations, availability, and security for companies are becoming a nightmare because of these attacks. Since cloud computing resources are scalable, these resources may be dynamically scaled to recognise the attack components and immediately withstand the attack. For this cyber-attack against cloud computing, fast exploitation of the attack data is necessary. This article addresses the majority of the previously published strategies for DDoS attack avoidance, early identification, and remediation.
33

Seid, Elias, Oliver Popov, and Fredrik Blix. "Security Attack Behavioural Pattern Analysis for Critical Service Providers." Journal of Cybersecurity and Privacy 4, no. 1 (2024): 55–75. http://dx.doi.org/10.3390/jcp4010004.

Abstract:
Identifying potential system attacks that define security requirements is crucial to building secure cyber systems. Moreover, the attack frequency makes their subsequent analysis challenging and arduous in cyber–physical systems (CPS). Since CPS include people, organisations, software, and infrastructure, a thorough security attack analysis must consider both strategic (social and organisational) aspects and technical (software and physical infrastructure) aspects. Studying cyberattacks and their potential impact on internal and external assets in cyberspace is essential for maintaining cyber security. The importance is reflected in the work of the Swedish Civil Contingencies Agency (MSB), which receives IT incident reports from essential service providers mandated by the NIS directive of the European Union and Swedish government agencies. To tackle this problem, a multi-realm security attack event monitoring framework was proposed to monitor, model, and analyse security events in social (business process), cyber, and physical infrastructure components of cyber–physical systems. This paper scrutinises security attack patterns and the corresponding security solutions for Swedish government agencies and organisations within the EU’s NIS directive. A pattern analysis was conducted on 254 security incident reports submitted by critical service providers. A total of five critical security attacks, seven vulnerabilities (commonly known as threats), ten attack patterns, and ten parallel attack patterns were identified. Moreover, we employed standard mitigation techniques obtained from recognised repositories of cyberattack knowledge, namely, CAPEC and Mitre, in order to conduct an analysis of the behavioural patterns
34

Shankaramma and G. S. Nagaraj. "Methods for Storage Intrusion Mitigation with Data Transport Security Tunnels." International Journal of Microsystems and IoT 1, no. 5 (2023): 335–41. https://doi.org/10.5281/zenodo.10254103.

Abstract:
Securing the data is very important nowadays because a lot of data breaches are happening, every now and then. Many large and branded corporations are the huge victims of cyber security breaches. Encryption and authentication offer a good amount of security; however, these cannot be included as an integrated solution and it does not seem to be the end goal over the data life cycle when the data is in motion. Many security tunnels are available such as Virtual Private Network (VPN), Software Defined Wide Area Network (SD-WAN), which can transfer the data from however they do not consider mitigating various types of cyber-attacks, wiretapping. Therefore, it is an extension to fill the research gap to build the global wide area tunnelling for cyber security in motion product. The present work relates to cyber-attack mitigation, information-theoretic security in motion, at rest. Methods are included for storage intrusion mitigation with content routing across an overlay network. Overlay network is built upon Data Transport Security Controllers (DTSC), System modules are operating at the control of Universal Controller (UC). Securing data at motion is provided through erasure coding and encryption. Securing data at rest is provided by storing it in safe vault, were constantly data sync from proxy system and incorporating data distributed across multiple vaults.
35

Quader, Faisal, and Vandana P. Janeja. "Insights into Organizational Security Readiness: Lessons Learned from Cyber-Attack Case Studies." Journal of Cybersecurity and Privacy 1, no. 4 (2021): 638–59. http://dx.doi.org/10.3390/jcp1040032.

Abstract:
This paper focuses on understanding the characteristics of multiple types of cyber-attacks through a comprehensive evaluation of case studies of real-world cyber-attacks. For each type of attack, we identify and link the attack type to the characteristics of that attack and the factors leading up to the attack, as observed from the review of case studies for that type of attack. We explored both the quantitative and qualitative characteristics for the types of attacks, including the type of industry, the financial intensity of the attack, non-financial intensity impacts, the number of impacted customers, and the impact on users’ trust and loyalty. In addition, we investigated the key factors leading up to an attack, including the human behavioral aspects; the organizational–cultural factors at play; the security policies adapted; the technology adoption and investment by the business; the training and awareness of all stakeholders, including users, customers and employees; and the investments in cybersecurity. In our study, we also analyzed how these factors are related to each other by evaluating the co-occurrence and linkage of factors to form graphs of connected frequent rules seen across the case studies. This study aims to help organizations take a proactive approach to the study of relevant cyber threats and aims to educate organizations to become more knowledgeable through lessons learned from other organizations experiencing cyber-attacks. Our findings indicate that the human behavioral aspects leading up to attacks are the weakest link in the successful prevention of cyber threats. We focus on human factors and discuss mitigation strategies.
36

Riggs, Hugo, Shahid Tufail, Imtiaz Parvez, et al. "Impact, Vulnerabilities, and Mitigation Strategies for Cyber-Secure Critical Infrastructure." Sensors 23, no. 8 (2023): 4060. http://dx.doi.org/10.3390/s23084060.

Abstract:
Several critical infrastructures are integrating information technology into their operations, and as a result, the cyber attack surface extends over a broad range of these infrastructures. Cyber attacks have been a serious problem for industries since the early 2000s, causing significant interruptions to their ability to produce goods or offer services to their clients. The thriving cybercrime economy encompasses money laundering, black markets, and attacks on cyber-physical systems that result in service disruptions. Furthermore, extensive data breaches have compromised the personally identifiable information of millions of people. This paper aims to summarize some of the major cyber attacks that have occurred in the past 20 years against critical infrastructures. These data are gathered in order to analyze the types of cyber attacks, their consequences, vulnerabilities, as well as the victims and attackers. Cybersecurity standards and tools are tabulated in this paper in order to address this issue. This paper also provides an estimate of the number of major cyber attacks that will occur on critical infrastructure in the future. This estimate predicts a significant increase in such incidents worldwide over the next five years. Based on the study’s findings, it is estimated that over the next 5 years, 1100 major cyber attacks will occur on critical infrastructures worldwide, each causing more than USD 1 million in damages.
37

Ali, Mohd Hasan, and Sultana Razia Akhter. "Nonlinear Controller-Based Mitigation of Adverse Effects of Cyber-Attacks on the DC Microgrid System." Electronics 13, no. 6 (2024): 1057. http://dx.doi.org/10.3390/electronics13061057.

Abstract:
Cyber-attacks have adverse impacts on DC microgrid systems. Existing literature shows plenty of attack detection methods but lacks appropriate mitigation and prevention approaches for cyber-attacks in DC microgrids. To overcome this limitation, this paper proposes a novel solution based on a nonlinear controller to mitigate the adverse effects of various cyber-attacks, such as distributed denial of service attacks and false data injection attacks, on various components of a DC microgrid system consisting of a photovoltaic power source, a permanent magnet synchronous generator-based variable speed wind generator, a fuel cell, battery energy storage, and loads. To demonstrate the effectiveness of the proposed solution, single and repetitive cyber-attacks on specific components of the microgrid have been considered. An index-based quantitative improvement analysis for the proposed control method has been made. Extensive simulations have been performed by the MATLAB/Simulink V9 software. Simulation results demonstrate the effectiveness of the proposed nonlinear controller-based method in mitigating the adverse effects of cyber-attacks. Moreover, the performance of the proposed method is better than that of the proportional-integral controller. Due to the simplicity of the proposed solution, it can easily be implemented in real practice.
38

Farrar, Nathan, and Mohd Hasan Ali. "Cyber-Resilient Converter Control System for Doubly Fed Induction Generator-Based Wind Turbine Generators." Electronics 13, no. 3 (2024): 492. http://dx.doi.org/10.3390/electronics13030492.

Abstract:
As wind turbine generator systems become more common in the modern power grid, the question of how to adequately protect them from cyber criminals has become a major theme in the development of new control systems. As such, artificial intelligence (AI) and machine learning (ML) algorithms have become major contributors to preventing, detecting, and mitigating cyber-attacks in the power system. In their current state, wind turbine generator systems are woefully unprepared for a coordinated and sophisticated cyber attack. With the implementation of the internet-of-things (IoT) devices in the power control network, cyber risks have increased exponentially. The literature shows the impact analysis and exploring detection techniques for cyber attacks on the wind turbine generator systems; however, almost no work on the mitigation of the adverse effects of cyber attacks on the wind turbine control systems has been reported. To overcome these limitations, this paper proposes implementing an AI-based converter controller, i.e., a multi-agent deep deterministic policy gradient (DDPG) method that can mitigate any adverse effects that communication delays or bad data could have on a grid-connected doubly fed induction generator (DFIG)-based wind turbine generator or wind farm. The performance of the proposed DDPG controller has been compared with that of a variable proportional–integral (VPI) control-based mitigation method. The proposed technique has been simulated and validated utilizing the MATLAB/Simulink software, version R2023A, to demonstrate the effectiveness of the proposed method. Also, the performance of the proposed DDPG method is better than that of the VPI method in mitigating the adverse impacts of cyber attacks on wind generator systems, which is validated by the plots and the root mean square error table found in the results section.
39

Rahim, Md Jawadur, Muhammad Ihsan Ibn Rahim, Ahlina Afroz, and Omolola Akinola. "Cybersecurity Threats in Healthcare IT: Challenges, Risks, and Mitigation Strategies." Journal of Artificial Intelligence General science (JAIGS) ISSN:3006-4023 6, no. 1 (2024): 438–62. https://doi.org/10.60087/jaigs.v6i1.268.

Abstract:
The healthcare industry's reliance on digital technology to improve patient care, operations, and performance has exposed it to cybersecurity threats. The extensive capture, storage, and transmission of confidential data by healthcare institutions has led to a significant prevalence of cyber-attacks. The intersection of healthcare and information technology presents considerable challenges, with patient privacy, the security of medical devices, and the continuity of essential healthcare services all at risk. This study offers a contemporary contextual analysis of IT cybersecurity concerns within the healthcare sector. It employs a systematic methodology to delineate critical risk factors and threats, the strategies they might utilize to attain their compromise aims, and the repercussions they may impose on healthcare delivery. It also explores the measures and guidelines to address this risk. The study highlights the existence of many threats experienced by healthcare organizations, such as data theft and leakage, ransomware, cyber-attacks in different forms, and contaminated medical equipment. One prominent example is the WannaCry attack on the United Kingdom's National Health Service in 2017. According to the survey, there is a severe scarcity of qualified personnel in healthcare organizations who can defend against cyber threats effectively and efficiently, underscoring the urgent need for skilled professionals in cybersecurity. This analysis also discusses various considerations concerning achieving high availability and protecting data in healthcare businesses. It examines how emerging applications like IoMT enhance the quality of medical services for patients and the security challenges these devices pose. The report evaluates the sufficiency of existing regulatory guidelines in addressing emerging dangers, including HIPAA vulnerabilities. The current definitive framework underscores the critical importance of enhancing cybersecurity within healthcare IT. 
It elucidates optimal strategies for mitigating cyber hazards by promoting technological prevention, staff training, and adherence to organizational policies. The work emphasizes the necessity for ongoing research, the establishment of collaboration between medical professionals and IT security experts, and the formulation of effective strategies to protect patient information and ensure the continuity of healthcare delivery in the face of increasing cyber-attack threats in digitalization.
40

Wosah, Peace Nmachi, and Win Thomas. "PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY." International Journal of Network Security & Its Applications (IJNSA) 13, no. 2 (2021): 63–72. https://doi.org/10.5281/zenodo.4708611.

Abstract:
Email is a channel of communication which is considered to be a confidential medium of communication for exchange of information among individuals and organisations. The confidentiality consideration about e-mail is no longer the case as attackers send malicious emails to users to deceive them into disclosing their private personal information such as username, password, and bank card details, etc. In search of a solution to combat phishing cybercrime attacks, different approaches have been developed. However, the traditional existing solutions have been limited in assisting email users to identify phishing emails from legitimate ones. This paper reveals the different email and website phishing solutions in phishing attack detection. It first provides a literature analysis of different existing phishing mitigation approaches. It then provides a discussion on the limitations of the techniques, before concluding with an exploration into how phishing detection can be improved.
41

Choi, In-Sun, Junho Hong, and Tae-Wan Kim. "Multi-Agent Based Cyber Attack Detection and Mitigation for Distribution Automation System." IEEE Access 8 (2020): 183495–504. http://dx.doi.org/10.1109/access.2020.3029765.

42

Lakshminarayana, Subhash, Jabir Shabbir Karachiwala, Teo Zhan Teng, Rui Tan, and David K. Y. Yau. "Performance and Resilience of Cyber-Physical Control Systems With Reactive Attack Mitigation." IEEE Transactions on Smart Grid 10, no. 6 (2019): 6640–54. http://dx.doi.org/10.1109/tsg.2019.2909357.

43

Rahman, M. A., M. S. Rana, and H. R. Pota. "Mitigation of Frequency and Voltage Disruptions in Smart Grid During Cyber-Attack." Journal of Control, Automation and Electrical Systems 31, no. 2 (2020): 412–21. http://dx.doi.org/10.1007/s40313-020-00574-z.

44

Gonzalez-Granadillo, Gustavo, Rodrigo Diaz, Juan Caubet, and Ignasi Garcia-Milà. "CLAP: A Cross-Layer Analytic Platform for the Correlation of Cyber and Physical Security Events Affecting Water Critical Infrastructures." Journal of Cybersecurity and Privacy 1, no. 2 (2021): 365–86. http://dx.doi.org/10.3390/jcp1020020.

Abstract:
Water CIs are exposed to a wide number of IT challenges that go from the cooperation and alignment between physical and cyber security teams to the proliferation of new vulnerabilities and complex cyber-attacks with potential disastrous consequences. Although novel and powerful solutions are proposed in the literature, most of them lack appropriate mechanisms to detect cyber and physical attacks in real time. We propose a Cross-Layer Analytic Platform (denoted as CLAP) developed for the correlation of Cyber and Physical security events affecting water CIs. CLAP aims to improve the detection of complex attack scenarios in real time based on the correlation of cyber and physical security events. The platform assigns appropriate severity values to each correlated alarm that will guide security analysts in the decision-making process of prioritizing mitigation actions. A series of passive and active attack scenarios against the target infrastructure are presented at the end of the paper to show the mechanisms used for the detection and correlation of cyber–physical security events. Results show promising benefits in the improvement of response accuracy, false rates reduction and real-time detection of complex attacks based on cross-correlation rules.
45

Behera, Bibhuti Bhusana, Rajani Kanta Mohanty, and Binod Kumar Pattanayak. "A Deep Fusion Model For Automated Industrial Iot Cyber Attack Detection And Mitigation." International Journal of Electrical and Electronics Research 10, no. 3 (2022): 604–13. http://dx.doi.org/10.37391/ijeer.100332.

Abstract:
Industrial Internet of Things (IIoT) is a new field of study that connects digital devices and services to physical systems. The IIoT has been utilized to create massive amounts of data from various sensors, and it has run into several problems. The IIoT has been subjected to a variety of hacks, putting its ability to provide enterprises with flawless operations in jeopardy. Businesses suffer financial and reputational losses as a result of such threats, as well as the theft of critical data. As a result, numerous Network Intrusion Detection Systems (NIDSs) have been created to combat and safeguard IIoT systems, but gathering data that can be utilized in the construction of an intelligent NIDS is a tough operation; consequently, identifying current and new assaults poses major issues. In this research work, a novel IIOT attack detection framework and mitigation model is designed by following four major phases “(a) pre-processing, (b) feature extraction, (c) feature selection and (d) attack detection”. Initially, the collected raw data (input) is subjected to pre-processing phase, wherein the data cleaning and data standardization operations take place. Subsequently, the features like “higher-order statistical features (Skewness, Kurtosis, Variance and Moments), technical indicator based features, mutual information, Improved Principal Component Analysis (IPCA)” based features are extracted from the pre-processed data. Further, from the extracted features, the most optimal features are selected using a new hybrid optimization model referred as Hunger Customized Individual Activity Model (HCIA) that hybrids the concepts of standard (Teamwork Optimization Algorithm (TOA) and Hunger Games Search (HGS)). The attack detection is carried out using the projected deep fusion model framework that encapsulates the Bi-GRU and Quantum Deep Neural Network (QDNN), respectively. 
The Bi-GRU and QDNN in the deep fusion model framework are trained with the optimal features selected using a new hybrid optimization model. The outcome acquired from Bi-GRU and QDNN is combined, and it will be the final detected outcome that portrays the presence/absence of attacks in the IIoT network. When an attack is identified, the mitigation of such an attack takes place via the Improved BIAT Framework. Further, the projected model is evaluated over the existing models to show its supremacy in the attack detection and mitigation process.
46

Savitri, Fania Mutiara, Savira Maghfiratul Fadhilah, Nilta Fidya Silva, Saniya Ovin Neha, Hifni Syauqi Albana, and M. Aufa Taqiyyudin. "Risk Analysis of Information Technology Using Si Semar Layak in Online Umrah Passport Registration." Munazzama: Journal of Islamic Management and Pilgrimage 4, no. 1 (2024): 27–37. http://dx.doi.org/10.21580/mz.v4i1.21118.

Abstract:
This study aims to identify potential risks and provide a foundation for developing effective mitigation strategies. The research employed a qualitative approach to analyze information technology risks in online Umrah passport registration. Data collection was conducted through interviews, observations, and documentation. The analysis revealed that risks in online passport registration for Umrah pilgrims include data security risks, system vulnerability risks to cyber-attacks, network infrastructure failure risks that could disrupt online access, data processing errors risks, and application vulnerability risks to hacking. Mitigation measures include enhancing data security through encryption and strong access control, implementing appropriate security measures to reduce cyber-attack risks, conducting regular data backups to anticipate system failures, improving staff training and awareness on data processing, and performing regular security updates.
47

Li, Bo, Xin Jin, Tingjie Ba, Tingzhe Pan, En Wang, and Zhiming Gu. "Deceptive Cyber-Resilience in PV Grids: Digital Twin-Assisted Optimization Against Cyber-Physical Attacks." Energies 18, no. 12 (2025): 3145. https://doi.org/10.3390/en18123145.

Abstract:
The increasing integration of photovoltaic (PV) systems into smart grids introduces new cybersecurity vulnerabilities, particularly against cyber-physical attacks that can manipulate grid operations and disrupt renewable energy generation. This paper proposes a multi-layered cyber-resilient PV optimization framework, leveraging digital twin-based deception, reinforcement learning-driven cyber defense, and blockchain authentication to enhance grid security and operational efficiency. A deceptive cyber-defense mechanism is developed using digital twin technology to mislead adversaries, dynamically generating synthetic PV operational data to divert attack focus away from real assets. A deep reinforcement learning (DRL)-based defense model optimizes adaptive attack mitigation strategies, ensuring real-time response to evolving cyber threats. Blockchain authentication is incorporated to prevent unauthorized data manipulation and secure system integrity. The proposed framework is modeled as a multi-objective optimization problem, balancing attack diversion efficiency, system resilience, computational overhead, and energy dispatch efficiency. A non-dominated sorting genetic algorithm (NSGA-III) is employed to achieve Pareto-optimal solutions, ensuring high system resilience while minimizing computational burdens. Extensive case studies on a realistic PV-integrated smart grid test system demonstrate that the framework achieves an attack diversion efficiency of up to 94.2%, improves cyberattack detection rates to 98.5%, and maintains an energy dispatch efficiency above 96.2%, even under coordinated cyber threats. Furthermore, computational overhead is analyzed to ensure that security interventions do not impose excessive delays on grid operation. The results validate that digital twin-based deception, reinforcement learning, and blockchain authentication can significantly enhance cyber-resilience in PV-integrated smart grids. 
This research provides a scalable and adaptive cybersecurity framework that can be applied to future renewable energy systems, ensuring grid security, operational stability, and sustainable energy management under adversarial conditions.
48

Han-Mei Liu. "AI-Enabled Adaptive Cybersecurity Response Using Reinforcement Learning." Frontiers in Artificial Intelligence Research 2, no. 1 (2025): 1–12. https://doi.org/10.71465/gwa30h81.

Abstract:
Cyber threats are evolving in complexity and frequency, rendering traditional cybersecurity response mechanisms insufficient. Conventional rule-based and supervised machine learning (ML) models struggle to adapt to novel attack patterns, leaving security systems vulnerable to emerging threats. Reinforcement learning (RL) offers a promising approach to adaptive cybersecurity by enabling systems to learn optimal defense strategies through continuous interaction with adversarial environments. This study explores an RL-based cybersecurity response framework that dynamically adjusts mitigation strategies based on real-time threat intelligence. The proposed model leverages deep Q-networks (DQN) and proximal policy optimization (PPO) to enhance automated threat detection, response efficiency, and adaptability to evolving attack vectors. The research evaluates the performance of RL-driven security automation through simulated attack scenarios, including distributed denial-of-service (DDoS) attacks, ransomware propagation, and zero-day exploits. The findings demonstrate that the RL model significantly improves incident response time, reduces false positives, and enhances overall threat mitigation success rates compared to traditional security frameworks. Additionally, the study identifies key challenges associated with RL-based cybersecurity, including computational overhead, adversarial vulnerabilities, and model interpretability. The results suggest that RL-driven security frameworks can serve as a viable alternative to static security models, offering organizations a scalable, self-learning defense mechanism against advanced cyber threats.
49

Nejabatkhah, Farzam, Yun Wei Li, Hao Liang, and Rouzbeh Reza Ahrabi. "Cyber-Security of Smart Microgrids: A Survey." Energies 14, no. 1 (2020): 27. http://dx.doi.org/10.3390/en14010027.

Abstract:
In this paper, the cyber-security of smart microgrids is thoroughly discussed. In smart grids, the cyber system and physical process are tightly coupled. Due to the cyber system’s vulnerabilities, any cyber incidents can have economic and physical impacts on their operations. In power electronics-intensive smart microgrids, cyber-attacks can have much more harmful and devastating effects on their operation and stability due to low inertia, especially in islanded operation. In this paper, the cyber–physical systems in smart microgrids are briefly studied. Then, the cyber-attacks on data availability, integrity, and confidentiality are discussed. Since a false data injection (FDI) attack that compromises the data integrity in the cyber/communication network is one of the most challenging threats for smart microgrids, it is investigated in detail in this paper. Such FDI attacks can target state estimation, voltage and frequency control, and smart microgrids’ protection systems. The economic and physical/technical impacts of the FDI attacks on smart microgrids are also reviewed in this paper. The defensive strategies against FDI attacks are classified into protection strategies, in which selected meter measurements are protected, and detection/mitigation strategies, based on either static or dynamic detection. In this paper, implementation examples of FDI attacks’ construction and detection/mitigation in smart microgrids are provided. Samples of recent cyber-security projects in the world, and critical cyber-security standards of smart grids, are presented. Finally, future trends of cyber-security in smart microgrids are discussed.
50

Mehedy, Hasan MD. "Combating Evolving Threats: A Signature-Anomaly Based Hybrid Intrusion Detection System for Smart Homes with False Positive Mitigation." International Journal for Research in Applied Science and Engineering Technology 12, no. 5 (2024): 403–11. http://dx.doi.org/10.22214/ijraset.2024.61393.

Abstract:
As people are looking for a more comfortable life, IoT applications are coming into play. The smart home system is one of the most popular IoT applications in the last decade. A smart home network is crucial for a smart home system to function properly. Cyber attacks on a smart home network can damage a lot. A network intrusion detection and prevention system (NIDPS) is a good solution to protect against cyber threats in a smart home network. This research will implement a hybrid NIDPS in a smart home network by combining signature-based and anomaly-detection-based NIDPS. This hybrid NIDPS will prevent known attacks from the public internet and local internet, and zero-day attacks. Also, this system will be able to reduce false positive results and improve signature-based NIDPS rules accurately by manual inspection.