A Tri-Modular Framework to Minimize Smart Grid Cyber-Attack Cognitive Gap in Utility Control Centers

Aditya Sundararajan; Longfei Wei; Tanwir Khan; Arif I. Sarwat; Deepal Rodrigo

doi:10.1109/RWEEK.2018.8473503

A Tri-Modular Framework to Minimize Smart Grid Cyber-Attack Cognitive Gap in Utility Control Centers

Aditya Sundararajan, Longfei Wei, Tanwir Khan, Arif I. Sarwat, Deepal Rodrigo

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

8 Scopus citations

Abstract

The Operation and Information Technology support personnel at utility command and control centers constantly detect suspicious events and/or extreme conditions across the smart grid. Already overwhelmed by routine mandatory tasks like guidelines compliance and patching that if ignored could incur penalties, they have little time to understand the large volumes of event logs generated by intrusion detection systems, firewalls, and other security tools. The cognitive gap between these powerful automated tools and the human mind reduces the situation awareness, thereby increasing the likelihood of sub-optimal decisions that could be advantageous to well-evolved attackers. This paper proposes a tri-modular framework which shifts low-performance processing speed and data contextualization to intelligent learning algorithms that provide humans only with actionable information, thereby bridging the cognitive gap. The framework has three modules including Data Module (DM): Kafka, Spark, and R to ingest streams of heterogeneous data; Classification Module (CM): a Long Short-Term Memory (LSTM) model to classify processed data; and Action Module (AM): naturalistic and rational models for time-critical and non-time-critical decision-making, respectively. This paper focuses on the design and development of the modules, and demonstrates proof-of-concept of DM using partially synthesized streams of real smart grid network security data.

Original language	English
Title of host publication	Proceedings - Resilience Week 2018, RWS 2018
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	117-123
Number of pages	7
ISBN (Electronic)	9781538669136
DOIs	https://doi.org/10.1109/RWEEK.2018.8473503
State	Published - Sep 26 2018
Externally published	Yes
Event	2018 Resilience Week, RWS 2018 - Denver, United States Duration: Aug 21 2018 → Aug 23 2018

Publication series

Name	Proceedings - Resilience Week 2018, RWS 2018

Conference

Conference	2018 Resilience Week, RWS 2018
Country/Territory	United States
City	Denver
Period	08/21/18 → 08/23/18

Funding

The material published is a result of the research supported jointly by the U.S. Department of Energy under the Award number DE-OE0000779 and the National Science Foundation under the Award numbers CNS-1553494 and CMMI-1745829.

Keywords

LSTM
cognitive gap
decision-making
human-on-the-loop
situation awareness

Access to Document

10.1109/RWEEK.2018.8473503

Cite this

Sundararajan, A., Wei, L., Khan, T., Sarwat, A. I., & Rodrigo, D. (2018). A Tri-Modular Framework to Minimize Smart Grid Cyber-Attack Cognitive Gap in Utility Control Centers. In Proceedings - Resilience Week 2018, RWS 2018 (pp. 117-123). Article 8473503 (Proceedings - Resilience Week 2018, RWS 2018). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/RWEEK.2018.8473503

@inproceedings{464a89e2848c4cfe8f34d4e96b37d6d5,

title = "A Tri-Modular Framework to Minimize Smart Grid Cyber-Attack Cognitive Gap in Utility Control Centers",

abstract = "The Operation and Information Technology support personnel at utility command and control centers constantly detect suspicious events and/or extreme conditions across the smart grid. Already overwhelmed by routine mandatory tasks like guidelines compliance and patching that if ignored could incur penalties, they have little time to understand the large volumes of event logs generated by intrusion detection systems, firewalls, and other security tools. The cognitive gap between these powerful automated tools and the human mind reduces the situation awareness, thereby increasing the likelihood of sub-optimal decisions that could be advantageous to well-evolved attackers. This paper proposes a tri-modular framework which shifts low-performance processing speed and data contextualization to intelligent learning algorithms that provide humans only with actionable information, thereby bridging the cognitive gap. The framework has three modules including Data Module (DM): Kafka, Spark, and R to ingest streams of heterogeneous data; Classification Module (CM): a Long Short-Term Memory (LSTM) model to classify processed data; and Action Module (AM): naturalistic and rational models for time-critical and non-time-critical decision-making, respectively. This paper focuses on the design and development of the modules, and demonstrates proof-of-concept of DM using partially synthesized streams of real smart grid network security data.",

keywords = "LSTM, cognitive gap, decision-making, human-on-the-loop, situation awareness",

author = "Aditya Sundararajan and Longfei Wei and Tanwir Khan and Sarwat, \{Arif I.\} and Deepal Rodrigo",

note = "Publisher Copyright: {\textcopyright} 2018 IEEE.; 2018 Resilience Week, RWS 2018 ; Conference date: 21-08-2018 Through 23-08-2018",

year = "2018",

month = sep,

day = "26",

doi = "10.1109/RWEEK.2018.8473503",

language = "English",

series = "Proceedings - Resilience Week 2018, RWS 2018",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "117--123",

booktitle = "Proceedings - Resilience Week 2018, RWS 2018",

}

Sundararajan, A, Wei, L, Khan, T, Sarwat, AI & Rodrigo, D 2018, A Tri-Modular Framework to Minimize Smart Grid Cyber-Attack Cognitive Gap in Utility Control Centers. in Proceedings - Resilience Week 2018, RWS 2018., 8473503, Proceedings - Resilience Week 2018, RWS 2018, Institute of Electrical and Electronics Engineers Inc., pp. 117-123, 2018 Resilience Week, RWS 2018, Denver, United States, 08/21/18. https://doi.org/10.1109/RWEEK.2018.8473503

A Tri-Modular Framework to Minimize Smart Grid Cyber-Attack Cognitive Gap in Utility Control Centers. / Sundararajan, Aditya; Wei, Longfei; Khan, Tanwir et al.
Proceedings - Resilience Week 2018, RWS 2018. Institute of Electrical and Electronics Engineers Inc., 2018. p. 117-123 8473503 (Proceedings - Resilience Week 2018, RWS 2018).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A Tri-Modular Framework to Minimize Smart Grid Cyber-Attack Cognitive Gap in Utility Control Centers

AU - Sundararajan, Aditya

AU - Wei, Longfei

AU - Khan, Tanwir

AU - Sarwat, Arif I.

AU - Rodrigo, Deepal

PY - 2018/9/26

Y1 - 2018/9/26

N2 - The Operation and Information Technology support personnel at utility command and control centers constantly detect suspicious events and/or extreme conditions across the smart grid. Already overwhelmed by routine mandatory tasks like guidelines compliance and patching that if ignored could incur penalties, they have little time to understand the large volumes of event logs generated by intrusion detection systems, firewalls, and other security tools. The cognitive gap between these powerful automated tools and the human mind reduces the situation awareness, thereby increasing the likelihood of sub-optimal decisions that could be advantageous to well-evolved attackers. This paper proposes a tri-modular framework which shifts low-performance processing speed and data contextualization to intelligent learning algorithms that provide humans only with actionable information, thereby bridging the cognitive gap. The framework has three modules including Data Module (DM): Kafka, Spark, and R to ingest streams of heterogeneous data; Classification Module (CM): a Long Short-Term Memory (LSTM) model to classify processed data; and Action Module (AM): naturalistic and rational models for time-critical and non-time-critical decision-making, respectively. This paper focuses on the design and development of the modules, and demonstrates proof-of-concept of DM using partially synthesized streams of real smart grid network security data.

AB - The Operation and Information Technology support personnel at utility command and control centers constantly detect suspicious events and/or extreme conditions across the smart grid. Already overwhelmed by routine mandatory tasks like guidelines compliance and patching that if ignored could incur penalties, they have little time to understand the large volumes of event logs generated by intrusion detection systems, firewalls, and other security tools. The cognitive gap between these powerful automated tools and the human mind reduces the situation awareness, thereby increasing the likelihood of sub-optimal decisions that could be advantageous to well-evolved attackers. This paper proposes a tri-modular framework which shifts low-performance processing speed and data contextualization to intelligent learning algorithms that provide humans only with actionable information, thereby bridging the cognitive gap. The framework has three modules including Data Module (DM): Kafka, Spark, and R to ingest streams of heterogeneous data; Classification Module (CM): a Long Short-Term Memory (LSTM) model to classify processed data; and Action Module (AM): naturalistic and rational models for time-critical and non-time-critical decision-making, respectively. This paper focuses on the design and development of the modules, and demonstrates proof-of-concept of DM using partially synthesized streams of real smart grid network security data.

KW - LSTM

KW - cognitive gap

KW - decision-making

KW - human-on-the-loop

KW - situation awareness

UR - https://www.scopus.com/pages/publications/85055790919

U2 - 10.1109/RWEEK.2018.8473503

DO - 10.1109/RWEEK.2018.8473503

M3 - Conference contribution

AN - SCOPUS:85055790919

T3 - Proceedings - Resilience Week 2018, RWS 2018

SP - 117

EP - 123

BT - Proceedings - Resilience Week 2018, RWS 2018

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2018 Resilience Week, RWS 2018

Y2 - 21 August 2018 through 23 August 2018

ER -

A Tri-Modular Framework to Minimize Smart Grid Cyber-Attack Cognitive Gap in Utility Control Centers

Abstract

Publication series

Conference

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this