Learning new attack vectors from misuse cases with deep reinforcement learning-Reference-Cited by-同舟云学术

Learning new attack vectors from misuse cases with deep reinforcement learning

Published:2023-03-16 Issue: Volume:11 Page:
ISSN:2296-598X
Container-title:Frontiers in Energy Research
language:
Short-container-title:Front. Energy Res.

Author:

Veith Eric M. S. P.,Wellßow Arlena,Uslar Mathias

Abstract

Modern smart grids already consist of various components that interleave classical Operational Technology (OT) with Information and Communication Technology (ICT), which, in turn, have opened the power grid to advanced approaches using distributed software systems and even Artificial Intelligence (AI) applications. This IT/OT integration increases complexity, however, without argument, this advance is necessary to accommodate the rising numbers of prosumers, Distributed Energy Resources (DERs), to enable new market concepts, and to tackle world-wide CO2 emission goals. But the increasing complexity of the Critical National Infrastructure (CNI) power grid gives way to numerous new attack vectors such that a priori robustness cannot be guaranteed anymore and run-time resilience, especially against the “unknown unknowns”, is the focus of current research. In this article, we present a novel combination of so called misuse-case modelling and an approach based on Deep Reinforcement Learning (DRL) to analyze a power grid for new attack vectors. Our approach enables learning from domain knowledge (offline learning), while expanding on that knowledge through learning agents that eventually uncover new attack vectors.

Funder

Bundesministerium für Wirtschaft und Technologie

Bundesministerium für Bildung und Forschung

Publisher

Frontiers Media SA

Subject

Economics and Econometrics,Energy Engineering and Power Technology,Fuel Technology,Renewable Energy, Sustainability and the Environment

Reference77 articles.

1. Cyber-security and reinforcement learning — a brief survey;Adawadkar;Cyber-security Reinf. Learn. — a brief Surv.,2022

2. A latest comprehensive study on structured threat information expression (STIX) and trusted automated exchange of indicator information (TAXII);Apoorva,2017

3. Emergent tool use from multi-agent autocurricula;Baker,2020

4. Standardizing cyber threat intelligence information with the structured threat information expression (STIX);Barnum;Mitre Corp.,2012

5. Machine learning for cybersecurity in smart grids: A comprehensive review-based study on methods, solutions, and prospects;Berghout;prospects,2022

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Imitation Game: A Model-Based and Imitation Learning Deep Reinforcement Learning Hybrid;2024 12th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES);2024-05-13

2. Threat Modeling for AI Analysis: Towards the Usage of Misuse Case Templates and UML Diagrams for AI Experiment Description and Trajectory Generation;2024 The 13th International Conference on Informatics, Environment, Energy and Applications (IEEA);2024-02-21

3. ANALYSE — Learning to attack cyber–physical energy systems with intelligent agents;SoftwareX;2023-07