One focus of the SPEAR project's work is deception technologies, which are part of the overall cyber defence strategy of an organization. These technologies serve multiple purposes at the same time: they are set up to act as decoys to lure cyber-attackers, and to support the detection of, and learning about, zero-day cyber threats and other types of attacks. Therefore, they lead to improved decision making about cyber security strategies.
The greatest impact of deception technologies is at the detection phase of organisational cyber risk management programs. Nowadays it is difficult to detect advanced zero-day attacks against production systems; for instance, we remember well-known attacks such as the Cyber Attack on the Ukrainian Power Grid [1]. Deception techniques such as the use of honeynets can support and complement the intrusion detection systems deployed in the smart grid as a new source of incoming data that needs to be treated as malicious.
Within SPEAR, we have published a complete survey of these technologies and how they are being applied in the smart grid domain. The article can be found here: https://zenodo.org/record/3834751 (Survey on honeypots, honeynets and their applications on smart grid)
[1] R. Lee, M. Assante, T. Conway, Analysis of the Cyber Attack on the Ukrainian Power Grid, A Defense Use Case, E-ISAC Electricity Sector Information Sharing & Analysis Center (Mar. 2016). https://ics.sans.org/media/E-ISAC_SANS_Ukraine_DUC_5.pdf