Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

DDoS cyber-incident detection in smart grids

Merlino, Jorge C., Asiri, Mohammed and Saxena, Neetesh ORCID: 2022. DDoS cyber-incident detection in smart grids. Sustainability 14 (5) , 2730. 10.3390/su14052730

[thumbnail of sustainability-14-02730-v3.pdf]
PDF - Published Version
Available under License Creative Commons Attribution.

Download (1MB) | Preview


The smart grid (SG) offers potential benefits for utilities, electric generators, and customers alike. However, the prevalence of cyber-attacks targeting the SG emphasizes its dark side. In particular, distributed denial-of-service (DDoS) attacks can affect the communication of different devices, interrupting the SG’s operation. This could have profound implications for the power system, including area blackouts. The problem is that few operational technology tools provide reflective DDoS protection. Furthermore, such tools often fail to classify the types of attacks that have occurred. Defensive capabilities are necessary to identify the footprints of attacks in a timely manner, as they occur, and to make these systems sustainable for delivery of the services as expected. To meet this need for defensive capabilities, we developed a situational awareness tool to detect system compromise by monitoring the indicators of compromise (IOCs) of amplification DDoS attacks. We achieved this aim by finding IOCs and exploring attack footprints to understand the nature of such attacks and their cyber behavior. Finally, an evaluation of our approach against a real dataset of DDoS attack instances indicated that our tool can distinguish and detect different types of amplification DDoS attacks.

Item Type: Article
Date Type: Publication
Status: Published
Schools: Computer Science & Informatics
Additional Information: This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// 4.0/)
Publisher: MDPI
ISSN: 2071-1050
Date of First Compliant Deposit: 28 February 2022
Date of Acceptance: 23 February 2022
Last Modified: 10 Nov 2022 10:40

Citation Data

Cited 1 time in Scopus. View in Scopus. Powered By Scopus® Data

Actions (repository staff only)

Edit Item Edit Item


Downloads per month over past year

View more statistics