Enhancing information security awareness programs through collaborative learning (Conference)
16th European Conference on Games Based Learning, 2022.
Thomas Lagkas Dimitrios Pliatsios, Vasilis Argyriou
A Hybrid RF-FSO Offloading Scheme for Autonomous Industrial Internet of Things (Conference)
INFOCOM 2022 - 1st International Workshop on AI/ML for Edge/Fog Networks (A4E 2022) , 2022.
(Tags: )| |
The ever increasing demand for bandwidth triggered by data-intensive applications is imposing a considerable burden on the radio-frequency (RF) spectrum. A promising solution to address the spectrum congestion problem is the adoption of free-space optical (FSO) communications. In this work, we consider a hybrid RF-FSO system that enables the task offloading process from Industrial Internet-of-Things devices to a multi-access edge computing (MEC)-enabled base station (BS). We propose a solution that minimizes the total energy consumption of the system by deciding whether the RF or FSO link will be used for the task offloading and optimally allocating the device transmission power while taking into account the task requirements in terms of delay. The proposed solution is based on the integer linear programming (ILP) and Lagrange dual decomposition methods. Finally, we carry out system-level Monte Carlo simulations to evaluate the performance of the solution.
Panagiotis Radoglou-Grammatikis Vasiliki Kelli, Achilleas Sesis; Sarigiannidis, Panagiotis
Attacking DNP3 ICS/SCADA Systems and detection (Conference)
4th International Workshop on IoT Applications and Industry 4.0, 2022.
Athanasios Liatifis Elisavet Grigoriou, Panagiotis Radoglou-Grammatikis; Sarigiannidis, Panagiotis
Protecting IEC 60870-5-104 ICS/SCADA systems with honeypots (Conference)
CSR workshop on EPES-SPR 2022, 2022.
Towards the RESPOND-A initiative: Next-generation equipment tools and mission-critical strategies for FRs (Conference)
EEE COINS: IEEE International Conference on Omni-layer Intelligent systems 2022, 2022.
Panagiotis Radoglou Grammatikis Athanasios Liatifis, Panagiotis Sarigiannidis
Dynamic Risk Assessment and Certification in the Power Grid: A Collaborative Approach (Conference)
SecSoft Cyber-Security Workshop 2022, 2022.
Anastasios Lytos Christos Chaschatzis, Stamatia Bibi; Sarigiannidis, Panagiotis
International Conference on Modern Circuits and Systems Technologies (MOCAST) 2022, 2022.
(Tags: )| |
Grammatikis, Panagiotis Radoglou; Sarigiannidis, Panagiotis; Diamantoulakis, Panagiotis; Lagkas, Thomas; Saoulidis, Theocharis; Fountoukidis, Eleftherios; Karagiannidis, George
In: IEEE Transactions on Emerging Topics in Computing, 2022.
(Tags: )| | |
The progression of Software Defined Networking (SDN) and the virtualisation technologies lead to the beyond 5G era, providing multiple benefits in the smart economies. However, despite the advantages, security issues still remain. In particular, SDN/NFV and cloud/edge computing are related to various security issues. Moreover, due to the wireless nature of the entities, they are prone to a wide range of cyberthreats. Therefore, the presence of appropriate intrusion detection mechanisms is critical. Although both Machine Learning (ML) and Deep Learning (DL) have optimised the typical rule-based detection systems, the use of ML and DL requires labelled pre-existing datasets. However, this kind of data varies based on the nature of the respective environment. Another smart solution for detecting intrusions is to use honeypots. A honeypot acts as a decoy with the goal to mislead the cyberatatcker and protect the real assets. In this paper, we focus on Wireless Honeypots (WHs) in ultradense networks. In particular, we introduce a strategic honeypot deployment method, using two Reinforcement Learning (RL) techniques: (a) e−Greedy and (b) Q−Learning. Both methods aim to identify the optimal number of honeypots that can be deployed for protecting the actual entities. The experimental results demonstrate the efficacy of both methods.
Porcu, Daniele; Castro, Sonia; Otura, Borja; Encinar, Paula; Chochliouros, Ioannis; Ciornei, Irina; Hadjidemetriou, Lenos; Ellinas, Georgios; Santiago, Rita; Grigoriou, Elisavet; others,
In: Energies, vol. 15, no. 3, pp. 839, 2022.
As the complexity of electric systems increases, so does the required effort for the monitoring and management of grid operations. To solve grid performance issues, smart grids require the exchange of higher volumes of data, high availability of the telecommunication infrastructure, and very low latency. The fifth generation (5G) mobile network seems to be the most promising technology to support such requirements, allowing utilities to have dedicated virtual slices of network resources to maximize the service availability in case of network congestions. Regarding this evolving scenario, this work presents the Smart5Grid project vision on how 5G can support the energy vertical industry for the fast deployment of innovative digital services. Specifically, this work introduces the concept of network applications (NetApps), a new paradigm of virtualization that are envisioned to facilitate the creation of a new market for information technology (IT), small and medium enterprises (SMEs), and startups. This concept, and the open architecture that facilitates its implementation, is showcased by four real-life 5G-enabled demonstrators: (1) automatic fault detection in a medium voltage (MV) grid in Italy, (2) real-time safety monitoring for operators in high voltage (HV) substations in Spain, (3) remote distributed energy resources (DER) monitoring in Bulgaria, and (4) wide area monitoring in a cross-border scenario between Greece and Bulgaria. View Full-Text
Chochliouros, Ioannis P; Porcu, Daniele; Castro, Sonia; Otura, Borja; Encinar, Paula; Corsi, Antonello; Ciornei, Irina; Santiago, Rita; Antonopoulos, Angelos; Cadenelli, Nicola; others,
In: IFIP International Conference on Artificial Intelligence Applications and Innovations, pp. 134–147, Springer 2022.
Based on the original framework of the Smart5Grid EU-funded project, the present paper examines some fundamental features of the related platform that can be able to affect 5G implementation as well as the intended NetApps. Thus we examine: (i) the specific context of smart energy grids, enhanced by the inclusion of ICT and also supported by 5G connectivity; (ii) the cloud native context, together with the example of the cloud native VNF modelling, and; (iii) the MEC context as a 5G enabler for integrating management, control and orchestration processes. Each one is assessed compared to the state of the design and the implementation of the Smart5Grid platform. As a step further, we propose a preliminary framework for the definition of the NetApps, following to the way how the previous essential features are specifically incorporated within the project processes.
Grammatikis, Panagiotis Radoglou; Sarigiannidis, Panagiotis; Dalamagkas, Christos; Spyridis, Yannis; Lagkas, Thomas; Efstathopoulos, Georgios; Sesis, Achilleas; Pavon, Ignacio Labrador; Burgos, Ruben Trapero; Diaz, Rodrigo; others,
SDN-based resilient smart grid: the SDN-microSENSE architecture (Journal Article)
In: Digital, vol. 1, no. 4, pp. 173–187, 2021.
(Tags: )| | |
The technological leap of smart technologies and the Internet of Things has advanced the conventional model of the electrical power and energy systems into a new digital era, widely known as the Smart Grid. The advent of Smart Grids provides multiple benefits, such as self-monitoring, self-healing and pervasive control. However, it also raises crucial cybersecurity and privacy concerns that can lead to devastating consequences, including cascading effects with other critical infrastructures or even fatal accidents. This paper introduces a novel architecture, which will increase the Smart Grid resiliency, taking full advantage of the Software-Defined Networking (SDN) technology. The proposed architecture called SDN-microSENSE architecture consists of three main tiers: (a) Risk assessment, (b) intrusion detection and correlation and (c) self-healing. The first tier is responsible for evaluating dynamically the risk level of each Smart Grid asset. The second tier undertakes to detect and correlate security events and, finally, the last tier mitigates the potential threats, ensuring in parallel the normal operation of the Smart Grid. It is noteworthy that all tiers of the SDN-microSENSE architecture interact with the SDN controller either for detecting or mitigating intrusions.
Radoglou-Grammatikis, Panagiotis; Liatifis, Athanasios; Grigoriou, Elisavet; Saoulidis, Theocharis; Sarigiannidis, Antonios; Lagkas, Thomas; Sarigiannidis, Panagiotis
IEEE International Conference on Cyber Security and Resilience (CSR), IEEE, 2021.
The rise of the Industrial Internet of Things (IIoT) plays a crucial role in the era of hyper-connected digital economies. Despite the valuable benefits, such as increased resiliency, self-monitoring and pervasive control, IIoT raises severe cybersecurity and privacy risks, allowing cyberattackers to exploit a plethora of vulnerabilities and weaknesses that can lead to disastrous consequences. Although the Intrusion Detection and Prevention Systems (IDPS) constitute valuable solutions, they suffer from several gaps, such as zero-day attacks, unknown anomalies and false positives. Therefore, the presence of supporting mechanisms is necessary. To this end, honeypots can protect the real assets and trap the cyberattackers. In this paper, we provide a web-based platform called TRUSTY , which is capable of aggregating, storing and analysing the detection results of multiple industrial honeypots related to Modbus/Transmission Control Protocol (TCP), IEC 60870-5-104, BACnet, Message Queuing Telemetry Transport (MQTT) and EtherNet/IP. Based on this analysis, we provide a dataset related to honeypot security events. Moreover, this paper provides a Reinforcement Learning (RL) method, which decides about the number of honeypots that can be deployed in an industrial environment in a strategic way. In particular, this decision is converted into a Multi-Armed Bandit (MAB), which is solved with the Thompson Sampling (TS) method. The evaluation analysis demonstrates the efficiency of the proposed method.
Pliatsios, Dimitrios; Sarigiannidis, Panagiotis; Fragulis, George; Tsiakalos, Apostolos; Margounakis, Dimitrios
A Dynamic Recommendation-based Trust Scheme for the Smart Grid (Inproceedings)
In: 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), pp. 464–469, IEEE 2021.
(Tags: )| | |
The integration of the internet of things (IoT) concept into the traditional electricity grid introduces several critical vulnerabilities. Intrusion detection systems (IDSs) can be effective countermeasures against cyberattacks, however, they require considerable computational and storage resources. As IoT-enabled metering devices have limited resources, IDSs cannot efficiently ensure security. To this end, trust evaluation schemes have emerged as promising solutions toward protecting resource-constrained metering devices. In this work, we proposed a trust evaluation scheme for the smart grid, that is based on direct trust evaluation and recommendation. The proposed hierarchical scheme is able to evaluate the trustiness of each metering device without requiring any significant modifications to the already deployed infrastructure. Additionally, the proposed scheme features is dynamic, meaning that it is robust against non-adversarial events that negatively impact the device’s trustiness. To validate the performance of the proposed scheme, we carry out network-level simulations and investigate how the various network parameters impact the trust evaluation performance.
Spyridis, Yannis; Lagkas, Thomas; Sarigiannidis, Panagiotis; Argyriou, Vasileios; Sarigiannidis, Antonios; Eleftherakis, George; Zhang, Jie
In: Sensors, vol. 21, no. 11, pp. 3936, 2021.
Unmanned aerial vehicles (UAVs) in the role of flying anchor nodes have been proposed to assist the localisation of terrestrial Internet of Things (IoT) sensors and provide relay services in the context of the upcoming 6G networks. This paper considered the objective of tracing a mobile IoT device of unknown location, using a group of UAVs that were equipped with received signal strength indicator (RSSI) sensors. The UAVs employed measurements of the target’s radio frequency (RF) signal power to approach the target as quickly as possible. A deep learning model performed clustering in the UAV network at regular intervals, based on a graph convolutional network (GCN) architecture, which utilised information about the RSSI and the UAV positions. The number of clusters was determined dynamically at each instant using a heuristic method, and the partitions were determined by optimising an RSSI loss function. The proposed algorithm retained the clusters that approached the RF source more effectively, removing the rest of the UAVs, which returned to the base. Simulation experiments demonstrated the improvement of this method compared to a previous deterministic approach, in terms of the time required to reach the target and the total distance covered by the UAVs.
Triantafyllou, Anna; Sarigiannidis, Panagiotis; Lagkas, Thomas; Moscholios, Ioannis; Sarigiannidis, Antonios
In: Computer Networks, vol. 186, 2021.
(Tags: )| | |
The employment of Low-Power Wide Area Networks (LPWANs) has proven quite beneficial to the advancement of the Internet of Things (IoT) paradigm. The utilization of low power but long range communication links of the LoRaWAN technology promises low energy consumption, while ensuring sufficient throughput. However, due to LoRa’s original scheduling process there is a high chance of packet collisions, compromising the technology’s reliability. In this paper, we propose a new Medium Access Control (MAC) protocol, entitled the FCA-LoRa leveraging fairness and improving collision avoidance in LoRa wide-area networks. The novel scheduling process that is introduced is based on the broadcasting of beacon frames by the network’s gateway in order to synchronize communication with end devices. Our results demonstrate the benefits of FCA-LoRa over an enhanced version of the legacy LoRaWAN employing the ALOHA protocol and an advanced adaptive rate mechanism, in terms of throughput and collision avoidance. Indicatively, in a single gateway scenario with 600 nodes, FCA-LoRa can increase throughput by nearly 50% while in a multiple gateway scenario, throughput reaches an increase of 49% for 500 nodes.
Grammatikis, Panagiotis Radoglou; Sarigiannidis, Panagiotis; Iturbe, Eider; Rios, Erkuden; Martinez, Saturnino; Sarigiannidis, Antonios; Efstathopoulos, Georgios; Spyridis, Yannis; Sesis, Achilleas; Vakakis, Nikolaos; Tzovaras, Dimitrios; Kafetzakis, Emmanouil; Giannoulakis, Ioannis; Tzifas, Michalis; Giannakoulias, Alkiviadis; Angelopoulos, Michail; Ramos, Francisco
In: Computer Networks, 2021.
The technological leap of smart technologies has brought the conventional electrical grid in a new digital era called Smart Grid (SG), providing multiple benefits, such as two-way communication, pervasive control and self-healing. However, this new reality generates significant cybersecurity risks due to the heterogeneous and insecure nature of SG. In particular, SG relies on legacy communication protocols that have not been implemented having cybersecurity in mind. Moreover, the advent of the Internet of Things (IoT) creates severe cybersecurity challenges. The Security Information and Event Management (SIEM) systems constitute an emerging technology in the cybersecurity area, having the capability to detect, normalise and correlate a vast amount of security events. They can orchestrate the entire security of a smart ecosystem, such as SG. Nevertheless, the current SIEM systems do not take into account the unique SG peculiarities and characteristics like the legacy communication protocols. In this paper, we present the Secure and PrivatE smArt gRid (SPEAR) SIEM, which focuses on SG. The main contribution of our work is the design and implementation of a SIEM system capable of detecting, normalising and correlating cyberattacks and anomalies against a plethora of SG application-layer protocols. It is noteworthy that the detection performance of the SPEAR SIEM is demonstrated with real data originating from four real SG use case (a) hydropower plant, (b) substation, (c) power plant and (d) smart home.
Grammatikis, Panagiotis Radoglou; Sarigiannidis, Panagiotis; Efstathopoulos, George; Lagkas, Thomas; Fragulis, George; Sarigiannidis, Antonios
In: IEEE International Conference on Communications, 2021.
The rapid evolution of the Internet of Medical Things (IoMT) introduces the healthcare ecosystem into a new reality consisting of smart medical devices and applications that provide multiple benefits, such as remote medical assistance, timely administration of medication, real-time monitoring, preventive care and health education. However, despite the valuable advantages, this new reality increases the cybersecurity and privacy concerns since vulnerable IoMT devices can access and handle autonomously patients’ data. Furthermore, the continuous evolution of cyberattacks, malware and zero-day vulnerabilities require the development of the appropriate countermeasures. In the light of the aforementioned remarks, in this paper, we present an Intrusion Detection and Prevention System (IDPS), which can protect the healthcare communications that rely on the Hypertext Transfer Protocol (HTTP) and the Modbus/Transmission Control Protocol (TCP). HTTP is commonly adopted by conventional ICT healthcare-related services, such as web-based Electronic Health Record (EHR) applications, while Modbus/TCP is an industrial protocol adopted by IoMT. Although the Machine Learning (ML) and Deep Learning (DL) methods have already demonstrated their efficacy in detecting intrusions, the rarely available intrusion detection datasets (especially in the healthcare sector) complicate their global application. The main contribution of this work lies in the fact that an active learning approach is modelled and adopted in order to re-train dynamically the supervised classifiers behind the proposed IDPS. The evaluation analysis demonstrates the efficiency of this work against HTTP and Modbus/TCP cyberattacks, showing also how the entire accuracy is increased in the various re-training phases.
Khadka, A; Karipidis, Paris; Lytos, Anastasios; Efstathopoulos, G
A benchmarking framework for cyber-attacks on autonomous vehicles (Journal Article)
In: Transportation Research Procedia, vol. 52, pp. 323-330, 2021.
In this paper, a novel framework for a benchmark system for autonomous vehicles focusing on their security and reliability is proposed. Computer vision and networking technologies are improving offering solutions towards automation in connected autonomous vehicles. These systems are using sensor technologies, including vision and communication, providing information and measurements for the environment and other connected vehicles. As a result, unlike conventional vehicles, autonomous vehicles have to communicate with other vehicles as well as other external network infrastructure. However, such requirements make autonomous vulnerable to the attack. This may also motivate diverse types of cyber threats and attacks like traffic signs modification, GPS spoofing, and Vehicular Adhoc network distributed denial of service. Hence, this paper explores various aspects of security issues, vulnerabilities, exploitation methods and the adverse effect of them on connected autonomous vehicles and propose a novel benchmark framework focusing on physical and communication-based attack to evaluate and assets the state-of-the-art technologies that are currently use during cyber-attack.
Argyropoulos, Nikolaos; Khodashenas, Pouria Sayyad; Mavropoulos, Orestis; Karapistoli, Eirini; Lytos, Anastasios; Karypidis, Paris Alexandros; Hofmann, Klaus-Peter
In: Transportation Research Procedia, vol. 52, pp. 307-314, 2021, ISSN: 2352-1465, (23rd EURO Working Group on Transportation Meeting, EWGT 2020, 16-18 September 2020, Paphos, Cyprus).
The proliferation of next generation mobility, promotes the use of autonomous cars, connected vehicles and electromobility. It creates novel attack surfaces for high impact cyberattacks affecting the society. Addressing the cybersecurity challenges introduced by modern vehicles requires a proactive and multi-faceted approach combining techniques originating from various domains of ICT. Emerging technologies such as 5G, LiDAR, novel in-vehicle and roadside sensors and smart charging, used in modern cars, introduce new challenges and potential security gaps in the next generation mobility ecosystem. Thus, it is critical that the domain’s cybersecurity must be approached in a structured manner from a multi-domain and multi-technology perspective. The CARAMEL H2020 project aims to address the cybersecurity challenges on the pillars upon which the next generation mobility is constructed (i.e., autonomous mobility, connected mobility, electromobility). To achieve that, advanced Artificial Intelligence (AI) and Machine Learning (ML) techniques will be utilized for the identification of anomalies and the classification of incoming signals indicating a cyber-attack or a cybersecurity risk. Apart from risk detection, methods for the mitigation of the identified risks will also be continuously incorporated to the CARAMEL solution. The final goal of CARAMEL is to create an anti-hacking platform for the European automotive cybersecurity and to demonstrate its value through extensive attack and penetration scenarios. In this paper we will expand on the unique cybersecurity-relevant characteristics of the pillars upon which the CARAMEL solution is built. Next, a number of use cases emerging from such analysis will be extracted in order to form the basis upon which the CARAMEL platform will be evaluated. Finally, we will conclude with an overview of the platform’s architectural composition.
Radoglou-Grammatikis, Panagiotis; Rompolos, Konstantinos; Sarigiannidis, Panagiotis; Argyriou, Vasileios; Lagkas, Thomas; Sarigiannidis, Antonios; Goudos, Sotirios; Wan, Shaohua
In: IEEE Transactions on Industrial Informatics, vol. 18, no. 3, pp. 2041–2052, 2021.
The rise of the Internet of Medical Things introduces the healthcare ecosystem in a new digital era with multiple benefits, such as remote medical assistance, real-time monitoring, and pervasive control. However, despite the valuable healthcare services, this progression raises significant cybersecurity and privacy concerns. In this article, we focus our attention on the IEC 60 870-5-104 protocol, which is widely adopted in industrial healthcare systems. First, we investigate and assess the severity of the IEC 60 870-5-104 cyberattacks by providing a quantitative threat model, which relies on Attack Defence Trees and Common Vulnerability Scoring System v3.1. Next, we introduce an intrusion detection and prevention system (IDPS), which is capable of discriminating and mitigating automatically the IEC 60 870-5-104 cyberattacks. The proposed IDPS takes full advantage of the machine learning (ML) and software defined networking (SDN) technologies. ML is used to detect the IEC 60 870-5-104 cyberattacks, utilizing 1) Transmission Control Protocol/Internet Protocol network flow statistics and 2) IEC 60 870-5-104 payload flow statistics. On the other side, the automated mitigation is transformed into a multiarmed bandit problem, which is solved through a reinforcement learning method called Thomson sampling and SDN. The evaluation analysis demonstrates the efficiency of the proposed IDPS in terms of intrusion detection accuracy and automated mitigation performance. The detection accuracy and the F1 score of the proposed IDPS reach 0.831 and 0.8258, respectively, while the mitigation accuracy is calculated at 0.923.
Sun, Zhonglin; Spyridis, Yannis; Sessis, Achilleas; Efstathopoulos, Georgios; Grigoriou, Elisavet; Lagkas, Thomas; Sarigiannidis, Panagiotis
In: 2021 IEEE Globecom Workshops (GC Wkshps), pp. 1–6, IEEE 2021.
Intentional islanding is a procedure to divide the electrical grid into several parts to guarantee the stability of a system in the case of failure. This study provides an unsupervised deep neural network to deal with the issue of intentional islanding. We propose to use a self-learning neural network to improve the generalisation performance of the islanding task. In addition, we use a merging technology to assign isolated buses to their neighbour's label. Experiments are carried out on several grid cases to illustrate the effect of our solution.
Kelli, Vasiliki; Argyriou, Vasileios; Lagkas, Thomas; Fragulis, George; Grigoriou, Elisavet; Sarigiannidis, Panagiotis
In: Sensors, vol. 21, no. 20, pp. 6743, 2021.
Internet of Things (IoT) is a concept adopted in nearly every aspect of human life, leading to an explosive utilization of intelligent devices. Notably, such solutions are especially integrated in the industrial sector, to allow the remote monitoring and control of critical infrastructure. Such global integration of IoT solutions has led to an expanded attack surface against IoT-enabled infrastructures. Artificial intelligence and machine learning have demonstrated their ability to resolve issues that would have been impossible or difficult to address otherwise; thus, such solutions are closely associated with securing IoT. Classical collaborative and distributed machine learning approaches are known to compromise sensitive information. In our paper, we demonstrate the creation of a network flow-based Intrusion Detection System (IDS) aiming to protecting critical infrastructures, stemming from the pairing of two machine learning techniques, namely, federated learning and active learning. The former is utilized for privately training models in federation, while the latter is a semi-supervised approach applied for global model adaptation to each of the participant’s traffic. Experimental results indicate that global models perform significantly better for each participant, when locally personalized with just a few active learning queries. Specifically, we demonstrate how the accuracy increase can reach 7.07% in only 10 queries. View Full-Text
Siniosoglou, Ilias; Argyriou, Vasileios; Lagkas, Thomas; Tsiakalos, Apostolos; Sarigiannidis, Antonios; Sarigiannidis, Panagiotis
In: 2021 IEEE Globecom Workshops (GC Wkshps), pp. 1–6, IEEE 2021.
Since the introduction of automation technologies in the Industrial field and its subsequent scaling to horizontal and vertical extents, the need for interconnected industrial systems, supporting smart interoperability is ever higher. Due to this scaling, new and critical vulnerabilities have been created, notably in legacy systems, leaving Industrial infrastructures prone to cyber attacks, that can some times have catastrophic results. To tackle the need for extended security measures, this paper presents a Federated Industrial Honeypot that takes advantage of decentralized private Deep Training to produce models that accumulate and simulate real industrial devices. To enhance their camouflage, SCENT, a new custom and covert protocol is proposed, to fully immerse the Federated Honeypot to its industrial role, that handles the communication between the server and honeypot during the training, to hide any clues of operation of the honeypot other that its supposed objective to the eye of the attacker.
Porcu, Daniele; Chochliouros, Ioannis P; Castro, Sonia; Fiorentino, Giampaolo; Costa, Rui; Nodaros, Dimitrios; Koumaras, Vaios; Brasca, Fabrizio; di Pietro, Nicola; Papaioannou, George; others,
In: IFIP International Conference on Artificial Intelligence Applications and Innovations, pp. 7–20, Springer 2021.
The fast 5G deployment at global level influences a variety of vertical sectors and offers many opportunities for growth and innovation, drastically affecting modern economies. Among the major sectors where significant benefits are expected is the case of smart grid, where the management of energy demand is expected to become more efficient, leading to less investments. 5G inclusion and adaptation in smart grid will allow easier balance of energy load and reduction of electricity peaks, together with savings of energy cost. In the present work we introduce the innovative scope proposed by the Smart5Grid research project, aiming to complement contemporary energy distribution grids with access to 5G network resources through an open experimentation 5G platform and innovative Network Applications (NetApps). Smart5Grid administers four meaningful use cases for the energy vertical ecosystem, in order to demonstrate efficiency, resilience and elasticity provided by the 5G networks. In particular, each one among these use cases is presented and assessed as of its expected benefits and proposed novelties, based on the corresponding demonstration actions.
Moysiadis, Vasileios; Lagkas, Thomas; Argyriou, Vasileios; Sarigiannidis, Antonios; Moscholios, Ioannis D; Sarigiannidis, Panagiotis
Extending ADR mechanism for LoRa enabled mobile end-devices (Journal Article)
In: Simulation Modelling Practice and Theory, vol. 113, pp. 102388, 2021.
Siniosoglou, Ilias; Efstathopoulos, Georgios; Pliatsios, Dimitrios; Moscholios, Ioannis; Sarigiannidis, Antonios; Sakellari, Georgia; Loukas, Georgios; Sarigiannidis, Panagiotis
In: 2020 IEEE Symposium on Computers and Communications (ISCC), pp. 1-7, 2020.
(Tags: )| | |
Honeypots are powerful security tools, developed to shield commercial and industrial networks from malicious activity. Honeypots act as passive and interactive decoys in a network attracting malicious activity and securing the rest of the network entities. Since an increase in intrusions has been observed lately, more advanced security systems are necessary. In this paper a new method of adapting a honeypot system in a modern industrial network, employing the Modbus protocol, is introduced. In the presented NeuralPot honeypot, two distinct deep neural network implementations are utilized to adapt to network Modbus entities and clone them, actively confusing the intruders. The proposed deep neural networks and their generated data are then compared.
Triantafyllou, Anna; Sarigiannidis, Panagiotis; Lagkas, Thomas; Sarigiannidis, Antonios
In: 2020 9th International Conference on Modern Circuits and Systems Technologies (MOCAST), pp. 1-4, 2020.
(Tags: )| | |
The employment of Low-Power Wide Area Networks (LPWANs) has proven quite beneficial to the advancement of the Internet of Things (IoT) paradigm. The utilization of low power but long range communication links of the LoRaWAN technology promises low energy consumption, while ensuring sufficient throughput. However, due to LoRa's original scheduling process there is a high chance of packet collisions, compromising the technology's reliability. In this paper, we propose a new Medium Access Control (MAC) protocol, entitled the RCA-LoRa towards improving reliability and collision avoidance in LoRa wide-area networks. The novel scheduling process that is introduced is based on the broadcasting of beacon frames by the network's gateway in order to synchronize communication with end devices. Our results demonstrate the benefits of RCA-LoRa over an enhanced version of the legacy LoRaWAN employing the ALOHA protocol and an advanced adaptive rate mechanism, in terms of throughput and collision avoidance. Indicatively, in a single cell scenario with 600 nodes, RCA-LoRa can increase throughput by nearly 50.
Protopsaltis, Antonis; Sarigiannidis, Panagiotis; Margounakis, Dimitrios; Lytos, Anastasios
In: ARES 2020: The 15th International Conference on Availability, Reliability and Security, 2020.
As the Internet of Things (IoT) grows rapidly, huge amounts of wireless sensor networks emerged monitoring a wide range of infrastructure, in various domains such as healthcare, energy, transportation, smart city, building automation, agriculture, and industry producing continuously streamlines of data. Big Data technologies play a significant role within IoT processes, as visual analytics tools, generating valuable knowledge in real-time in order to support critical decision making. This paper provides a comprehensive survey of visualization methods, tools, and techniques for the IoT. We position data visualization inside the visual analytics process by reviewing the visual analytics pipeline. We provide a study of various chart types available for data visualization and analyze rules for employing each one of them, taking into account the special conditions of the particular use case. We further examine some of the most promising visualization tools. Since each IoT domain is isolated in terms of Big Data approaches, we investigate visualization issues in each domain. Additionally, we review visualization methods oriented to anomaly detection. Finally, we provide an overview of the major challenges in IoT visualizations.
Radoglou-Grammatikis, Panagiotis; Sarigiannidis, Panagiotis; Efstathopoulos, George; Karypidis, Paris-Alexandros; Sarigiannidis, Antonios
In: Proceedings of the 15th International Conference on Availability, Reliability and Security, Association for Computing Machinery, Virtual Event, Ireland, 2020, ISBN: 9781450388337.
In this paper, an Intrusion Detection and Prevention System (IDPS) for the Distributed Network Protocol 3 (DNP3) Supervisory Control and Data Acquisition (SCADA) systems is presented. The proposed IDPS is called DIDEROT (Dnp3 Intrusion DetEction pReventiOn sysTem) and relies on both supervised Machine Learning (ML) and unsupervised/outlier ML detection models capable of discriminating whether a DNP3 network flow is related to a particular DNP3 cyberattack or anomaly. First, the supervised ML detection model is applied, trying to identify whether a DNP3 network flow is related to a specific DNP3 cyberattack. If the corresponding network flow is detected as normal, then the unsupervised/outlier ML anomaly detection model is activated, seeking to recognise the presence of a possible anomaly. Based on the DIDEROT detection results, the Software Defined Networking (SDN) technology is adopted in order to mitigate timely the corresponding DNP3 cyberattacks and anomalies. The performance of DIDEROT is demonstrated using real data originating from a substation environment.
Grammatikis, Panagiotis Radoglou; Sarigiannidis, Panagiotis; Sarigiannidis, Antonios; Margounakis, Dimitrios; Tsiakalos, Apostolos; Efstathopoulos, Georgios
An Anomaly Detection Mechanism for IEC 60870-5-104 (Inproceedings)
In: 2020 9th International Conference on Modern Circuits and Systems Technologies (MOCAST), 2020.
The transformation of the conventional electricity grid into a new paradigm called smart grid demands the appropriate cybersecurity solutions. In this paper, we focus on the security of the IEC 60870-5-104 (IEC-104) protocol which is commonly used by Supervisory Control and Data Acquisition (SCADA) systems in the energy domain. In particular, after investigating its security issues, we provide a multivariate Intrusion Detection System (IDS) which adopts both access control and outlier detection mechanisms in order to detect timely possible anomalies against IEC-104. The efficiency of the proposed IDS is reflected by the Accuracy and F1 metrics that reach 98% and 87%, respectively.
Pliatsios, Dimitrios; Sarigiannidis, Panagiotis; Efstathopoulos, Georgios; Sarigiannidis, Antonios; Tsiakalos, Apostolos
Trust Management in Smart Grid: A Markov Trust Model (Inproceedings)
In: 2020 9th International Conference on Modern Circuits and Systems Technologies (MOCAST), pp. 1-4, 2020.
(Tags: )| | |
By leveraging the advancements in Information and Communication Technologies (ICT), Smart Grid (SG) aims to modernize the traditional electric power grid towards efficient distribution and reliable management of energy in the electrical domain. The SG Advanced Metering Infrastructure (AMI) contains numerous smart meters, which are deployed throughout the distribution grid. However, these smart meters are susceptible to cyberthreats that aim to disrupt the normal operation of the SG. Cyberattacks can have various consequences in the smart grid, such as incorrect customer billing or equipment destruction. Therefore, these devices should operate on a trusted basis in order to ensure the availability, confidentiality, and integrity of the metering data. In this paper, we propose a Markov chain trust model that determines the Trust Value (TV) for each AMI device based on its behavior. Finally, numerical computations were carried out in order to investigate the reaction of the proposed model to the behavior changes of a device.
Grammatikis, Panagiotis Radoglou; Sarigiannidis, Panagiotis; Iturbe, Eider; Rios, Erkuden; Sarigiannidis, Antonios; Nikolis, Odysseas; Ioannidis, Dimosthenis; Machamint, Vasileios; Tzifas, Michalis; Giannakoulias, Alkiviadis; Angelopoulos, Michail; Papadopoulos, Anastasios; Ramos, Francisco
Secure and Private Smart Grid: The SPEAR Architecture (Inproceedings)
In: 2020 6th IEEE International Conference on Network Softwarization (NetSoft), pp. 450-456, 2020.
Information and Communication Technology (ICT) is an integral part of Critical Infrastructures (CIs), bringing both significant pros and cons. Focusing our attention on the energy sector, ICT converts the conventional electrical grid into a new paradigm called Smart Grid (SG), providing crucial benefits such as pervasive control, better utilisation of the existing resources, self-healing, etc. However, in parallel, ICT increases the attack surface of this domain, generating new potential cyberthreats. In this paper, we present the Secure and PrivatE smArt gRid (SPEAR) architecture which constitutes an overall solution aiming at protecting SG, by enhancing situational awareness, detecting timely cyberattacks, collecting appropriate forensic evidence and providing an anonymous cybersecurity information-sharing mechanism. Operational characteristics and technical specifications details are analysed for each component, while also the communication interfaces among them are described in detail.
Lytos, Anastasios; Lagkas, Thomas; Sarigiannidis, Panagiotis; Zervakis, Michalis; Livanos, George
In: Computer Networks, vol. 172, pp. 107147, 2020, ISSN: 1389-1286.
Agriculture is by its nature a complicated scientific field, related to a wide range of expertise, skills, methods and processes which can be effectively supported by computerized systems. There have been many efforts towards the establishment of an automated agriculture framework, capable to control both the incoming data and the corresponding processes. The recent advances in the Information and Communication Technologies (ICT) domain have the capability to collect, process and analyze data from different sources while materializing the concept of agriculture intelligence. The thriving environment for the implementation of different agriculture systems is justified by a series of technologies that offer the prospect of improving agricultural productivity through the intensive use of data. The concept of big data in agriculture is not exclusively related to big volume, but also on the variety and velocity of the collected data. Big data is a key concept for the future development of agriculture as it offers unprecedented capabilities and it enables various tools and services capable to change its current status. This survey paper covers the state-of-the-art agriculture systems and big data architectures both in research and commercial status in an effort to bridge the knowledge gap between agriculture systems and exploitation of big data. The first part of the paper is devoted to the exploration of the existing agriculture systems, providing the necessary background information for their evolution until they have reached the current status, able to support different platforms and handle multiple sources of information. The second part of the survey is focused on the exploitation of multiple sources of information, providing information for both the nature of the data and the combination of different sources of data in order to explore the full potential of ICT systems in agriculture.
Pliatsios, Dimitrios; Sarigiannidis, Panagiotis; Lagkas, Thomas; Sarigiannidis, Antonios G
In: IEEE Communications Surveys Tutorials, vol. 22, no. 3, pp. 1942-1976, 2020.
Supervisory Control and Data Acquisition (SCADA) systems are the underlying monitoring and control components of critical infrastructures, such as power, telecommunication, transportation, pipelines, chemicals and manufacturing plants. Legacy SCADA systems operated on isolated networks, that made them less exposed to Internet threats. However, the increasing connection of SCADA systems to the Internet, as well as corporate networks, introduces severe security issues. Security considerations for SCADA systems are gaining higher attention, as the number of security incidents against these critical infrastructures is increasing. In this survey, we provide an overview of the general SCADA architecture, along with a detailed description of the SCADA communication protocols. Additionally, we discuss certain high-impact security incidents, objectives, and threats. Furthermore, we carry out an extensive review of the security proposals and tactics that aim to secure SCADA systems. We also discuss the state of SCADA system security. Finally, we present the current research trends and future advancements of SCADA security.
Dalamagkas, Christos; Sarigiannidis, Panagiotis; Ioannidis, Dimosthenis; Iturbe, Eider; Nikolis, Odysseas; Ramos, Francisco; Rios, Erkuden; Sarigiannidis, Antonios; Tzovaras, Dimitrios
In: 2019 IEEE Conference on Network Softwarization (NetSoft), pp. 93-100, 2019.
(Tags: )| | |
Power grid is a major part of modern Critical Infrastructure (CIN). The rapid evolution of Information and Communication Technologies (ICT) enables traditional power grids to encompass advanced technologies that allow them to monitor their state, increase their reliability, save costs and provide ICT services to end customers, thus converting them into smart grids. However, smart grid is exposed to several security threats, as hackers might try to exploit vulnerabilities of the industrial infrastructure and cause disruption to national electricity system with severe consequences to citizens and commerce. This paper investigates and compares honey-x technologies that could be applied to smart grid in order to distract intruders, obtain attack strategies, protect the real infrastructure and form forensic evidence to be used in court.
Efstathopoulos, Georgios; Grammatikis, Panagiotis Radoglou; Sarigiannidis, Panagiotis; Argyriou, Vasilis; Sarigiannidis, Antonios; Stamatakis, Konstantinos; Angelopoulos, Michail K; Athanasopoulos, Solon K
Operational Data Based Intrusion Detection System for Smart Grid (Inproceedings)
In: 2019 IEEE 24th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks (CAMAD), pp. 1-6, 2019.
With the rapid progression of Information and Communication Technology (ICT) and especially of Internet of Things (IoT), the conventional electrical grid is transformed into a new intelligent paradigm, known as Smart Grid (SG). SG provides significant benefits both for utility companies and energy consumers such as the two-way communication (both electricity and information), distributed generation, remote monitoring, self-healing and pervasive control. However, at the same time, this dependence introduces new security challenges, since SG inherits the vulnerabilities of multiple heterogeneous, co-existing legacy and smart technologies, such as IoT and Industrial Control Systems (ICS). An effective countermeasure against the various cyberthreats in SG is the Intrusion Detection System (IDS), informing the operator timely about the possible cyberattacks and anomalies. In this paper, we provide an anomaly-based IDS especially designed for SG utilising operational data from a real power plant. In particular, many machine learning and deep learning models were deployed, introducing novel parameters and feature representations in a comparative study. The evaluation analysis demonstrated the efficacy of the proposed IDS and the improvement due to the suggested complex data representation.
Triantafyllou, Anna; Sarigiannidis, Panagiotis; Sarigiannidis, Antonios; Rios, Erkuden; Iturbe, Eider
In: Proceedings of the 22nd Pan-Hellenic Conference on Informatics, pp. 34–39, PCI '18: Proceedings of the 22nd Pan-Hellenic Conference on Informatics, 2018.
(Tags: )| | |
The Electric Smart Grid (ESG) is an intelligent critical infrastructure aiming to create an automated and distributed advanced energy delivery network, while preserving information privacy. This study proposes the implementation of an Anonymous Incident Communication Channel (AICC) amongst smart grids across Europe to improve situational awareness and enhance security of the new electric intelligent infrastructures. All participating organizations will have the ability to broadcast sensitive information, stored anonymously in a repository, without exposing the reputation of the organisation. This work focuses on the requirements of establishment, the possible obstacles and proposed data protection techniques to be applied in the AICC. Furthermore, a discussion is conducted regarding the documentation of cyber-incidents. Last but not least, the benefits and the potential risks of this AICC concept are also provided.