Security Aspects of Internet of Things aided Smart

Grids: a Bibliometric Survey

Jacob Sakhninia,b , Hadis Karimipoura , Ali Dehghantanhab , Reza M. Parizic ,

Gautam Srivastavad
a School of Engineering, University of Guelph, Guelph, ON, Canada
arXiv:2005.00915v1 [cs.CR] 2 May 2020

b Cyber Science Lab, School of Computer Science, University of Guelph, Guelph, ON,
Canada
c College of Computing and Software Engineering, Kennesaw State University, GA, USA
d Department of Mathematics and Computer Science, Brandon University, MB, Canada

Abstract

The integration of sensors and communication technology in power systems,

known as the smart grid, is an emerging topic in science and technology. One
of the critical issues in the smart grid is its increased vulnerability to cyber
threats. As such, various types of threats and defense mechanisms are proposed
in literature. This paper offers a bibliometric survey of research papers focused
on the security aspects of Internet of Things (IoT) aided smart grids. To the
best of the authors’ knowledge, this is the very first bibliometric survey paper in
this specific field. A bibliometric analysis of all journal articles is performed and
the findings are sorted by dates, authorship, and key concepts. Furthermore,
this paper also summarizes the types of cyber threats facing the smart grid, the
various security mechanisms proposed in literature, as well as the research gaps
in the field of smart grid security.
Keywords: Smart Grid, Power Systems, Internet of Things, Cyber Security,
Cyber attack, Breach detection, Intrusion detection

Email addresses: [email protected] (Jacob Sakhnini), [email protected]

(Hadis Karimipour), [email protected] (Ali Dehghantanha),
[email protected] (Reza M. Parizi), [email protected] (Gautam Srivastava)

Preprint submitted to Internet of Things May 5, 2020

1. Introduction

The smart grid is becoming the power systems of the next generation [1]. The
development of todays power systems is aimed towards integrating smart meters,
sensors, and advanced computing technologies [2]. This smart grid technology
greatly enhances the power generation efficiency and prompts the incorporation
of various sources of energy generation into one system [3]. The association
of smart meters and sensors along power grid networks allows the generation
centers access to real-time power demand information. This information can be
used to implement an efficient generation and distribution plan [4, 5]. As such,
integration of these technologies into power system infrastructure has greatly
increased the energy efficiency as well as reduced the price of electricity.
Several countries are investing in smart grid technologies due to its poten-
tial for great economic and social benefits [6]. However, utilizing communication
networks induces security risks and vulnerability to cyber attacks. Therefore,
cybersecurity and detection of cyber attacks is an essential part of smart grid
movement. The National Institute of Standards and Technology (NIST), the
Energy Expert Cyber Security Platform (EESCP), and the European Commis-
sion’s Smart Grids Task Force have all highlighted the importance of cybersecu-
rity in the emerging smart grid technologies [7, 8, 9]. As a result, many studies
have been published that propose cybersecurity methods and cyber attack iden-
tification.
Smart grid systems consist of various resources and technologies [10]. Smart
meters are incorporated to collect consumption data for more efficient power
distribution. Additionally, interconnection of supervisory control and data ac-
quisition (SCADA) allows for more expanded centralized distribution along large
geographical areas [11]. The smart grid also allows for interaction among trans-
mission and distribution grids, building controllers, as well as various sources
of energy generation [12, 13]. However, the integration of digital and informa-
tion technology into the smart grid and the increased complexity of the system
increases the possibility of cyber attacks and failures propagating from one sys-

2
tem to another [14]. As such, there are many challenges accompanying cyber-
security in the smart grid. Some examples include the difficulty modelling the
non-linearities and stochasticity of the system, as well as modeling the various
types of cyber attacks that can potentially inflict the system.
Many Advanced Persistent Threat (APT) actors and hacking teams are tar-
geting critical infrastructure and services [15] ranging from healthcare [16] and
safety critical systems [17] to the smart grid. Furthermore, the rise of Internet of
Things (IoT) technology which can be defined as a network of physical devices
connected to the internet. The use of such devices can help the smart grid by
supporting various network functions in power generation and storage as well
as provide connectivity between supplier and consumers [18]. The integration
of IoT devices in the smart grid also poses additional vulnerabilities to cyber
threats [19].
Various methods for cyber attack detection have been proposed in litera-
ture. Model based solutions, such as variants of state estimation techniques and
statistical-based models, have been suggested [20, 21]. Furthermore, the use of
Kalman filters for measurement estimation has been proposed to detect cyber
attacks [22, 23]. Alternatively, intelligent systems have also been proposed in
literature. The use of supervised learning was proposed for detection of false
data injection (FDI) attacks [24, 25]. While supervised machine learning tech-
niques offer higher accuracy [26], semi-supervised machine learning techniques
may rely on lesser studied features such as spatial and temporal correlation of
smart meter measurements [27].
Other machine learning based solutions have been proposed including rein-
forcement learning and deep learning algorithms. The use of Artificial Immune
Systems (AIS) coupled with an SVM to detect malicious data was proposed in
[28]. Alternatively, the use of deep learning to extract the nonlinear features
in electric load data to improve on an interval state estimation-based defense
system is also proposed in [29]. Deep learning is also implemented in real-time
detection of false data injection attacks in [30]. Additionally, deep learning is
used to analyze real time measurements from PMUs for cyber attack mitigation

3
in [31]. Recurrent Neural Networks (RNNs) are also proposed for detection of
cyber attacks by observing temporal variations in successive historical data in
[32]. Furthermore, unsupervised deep learning is also used to propose a scalable
intelligent attack detection solution in [33].
Many Advanced Persistent Threat (APT) actors and hacking teams are tar-
geting critical infrastructure and services [15] ranging from healthcare [16]and
safety critical systems [17] to the smart grid.
The variety in and complexity of cyber threats in the smart grid provoked
a large amount of solutions. Therefore, a bibliometric analysis and summary
of the up to date solutions to smart grid cybersecurity is important. Such
analysis is also lacking in literature. Several summaries and literature reviews
have already been published on the topic. For example, literature review and
a survey on smart grid cybersecurity was given in [34] and[35]. Similarly, a
systematic mapping study of cyber-physical systems has also been published
in [36]. However, these reviews have all been published before 2016 and, as
such, are outdated and do not include many of the new solutions proposed.
More recent literature reviews have been published which analyze the various
types of cyber threats in the smart grid through a survey of literature [37,
38]. Both articles, however, lack a bibliometric analysis of literature as well
as an inquiry of the attack detection methods used. There are also surveys
of smart grid cybersecurity articles [39, 40]; both of which have emphasized
cybersecurity standards and lack details regarding types of cyber attacks and
defense mechanisms.
The purpose of this paper is to identify, classify, and review existing publi-
cations on cybersecurity of the smart grid to better understand current security
mechanisms in literature. A bibliometric analysis is performed on related ar-
ticles to date, to categorize the publications by its bibliometric characteristics
such as authors and dates. This bibliometric analysis can allow researchers to
better understand the state of the art of the cybersecurity systems implemented
in the smart grid as well as the structure and characteristics of studies in this
field. Understanding patterns in research activities can improve future work

4
and research in the field of smart grid cybersecurity. To perform a successful
bibliometric evaluation, this paper aims to investigate journal articles published
between January 2010 and May 2019 in the domain of cybersecurity in the smart
grid. The paper will consider the following research questions:

a) What is the trend of publications in smart grid cybersecurity?

b) What is the future direction of cybersecurity in the smart grid?
c) What are the types of cyber threats currently studied?
d) What are the defence mechanisms used in IoT integrated the smart grid?

The remainder of this paper is organized as follows: Section 2 outlines the

research methods used for the bibliometric analysis. Section 3 demonstrates the
resultant findings. Next, Section 4 discusses the attacks on power systems that
have been reported. Section 5 provides classification of cyber attack detection
in the smart grid. Finally, Section 6 is the conclusion of this study and describes
the challenges and future trends of smart grid cybersecurity.

2. Methodology

The methods used in this paper follow a similar process to [41], which di-
vides the bibliometric methods into two parts. First, general instructions, which
discusses the search methods and search engines used to find papers and elim-
inate possible sources of error. Next, publication analysis, which discusses the
evaluation of the publications. This method of bibliometric analysis is used in
various subjects, such as the rise of malware in the cybersecurity domain [41],
the expansion of scientific literature on women in science and higher education
[42], and literature trends in the domain of biomass energy [43]. Since this bib-
liometric method is widely used in various subjects of literature, this paper will
follow the same methodology and apply it to the domain of cybersecurity in the
smart grid.
Online research databases are used to retrieve all the relevant journal arti-
cles from January 2010 to May 2019. There are various online databases that

5
include papers in this domain. IEEE Explore and ScienceDirect are two of the
largest databases for smart grid related publications [36]. The Web of Science
(WoS) database is also commonly used since it includes publications from vari-
ous international databases [41]. The three aforementioned databases are used
with the following search query, which was chosen based on survey papers in
this field [37, 38, 39, 40]:
(”Smart Grid” AND ”Cyber Security” OR ”Cyber Attack” OR ”Cyber
Threat” OR ”False Data Injection” OR ”Attack Detection”)
Results from all databases are cross-referenced for repeated results. The
results are filtered based on their relevance to cybersecurity of the smart grid,
which is evaluated based on the abstracts of the papers. The papers excluded
from the bibliometric analysis include papers written in any language other than
English, and papers that contain the specified keywords but are not relevant to
smart grid cybersecurity. The included papers are categorized according to
timeline, journals, and authors. The papers are also categorized based on the
research output, which will be mainly measured by the frequency of key words
and phrases. Software such as Zotero and VOSviewer tool are used to sort and
visualize the bibliometric data.

3. Findings

This section discusses the findings of the bibliometric analysis on the topic
of security systems in the smart grid. Using the search query specified in the
Section 2, the three databases found a total of 2314 search results for journal
articles. After filtering duplicates, 1722 journal articles remained. Figure 1
shows that the largest number of journal articles on this topic are in the WoS
database which account for 61.2% of the findings. ScienceDirect and IEEE
Xplore databases have fewer results accounting for 30.1% and 8.67% respec-
tively. Furthermore, duplicates among the three databases accounted for 25.6%
which indicates that while some papers are mentioned in multiple databases, the
use of only one database is not a sufficient tool to represent the state-of-the-art

6
in this topic.

Figure 1: Percentage of journal articles published in each database on the topic of security
systems in the smart grid

After filtering duplicates, the 1722 journal articles are sorted by year of
publication as seen in Figure 2. The figure demonstrates the novelty of the
subject of security systems in the smart grid. Moreover, the majority of the
articles were published in the last 5 years; 30.2% of the journal articles were
published in 2018, 20.1% were published in 2017, 12.1% in 2016, and 8.2%
and 11.6% were published in 2014 and 2015 respectively. Furthermore, the
upward trend in publications over time demonstrates substantial growth in this
research topic. Additionally, the small number of publications prior to 2010 show
that security systems in the smart grid is a field of study that only recently
commenced; meaning that there are likely several uncertainties and much to
explore in this research field.
To study the contributions of different journals to the topic of security sys-
tems in the smart grid, the articles are sorted by journal of publication. Table
1 shows the 40 most prominent journals in this research field, sorted by number
of publications. These results demonstrate that while some journals hold more
publications in this field than others, the research papers are spread out among

7
Figure 2: Number of journal articles on security systems of the smart grid published every
year

a large number of journals. The wide distribution of articles among journals

proves that this research area is of general importance to science and society
and many journals seek publications in this topic.

Table 1: Number of articles published in each journal

Journal Name Articles Percentage

Future Generation Computer Systems 68 3.95%
Computers & Security 66 3.83%
IEEE Access 52 3.02%
IEEE Transactions on Smart Grid 43 2.50%
IFAC-PapersOnLine 40 2.32%
The Electricity Journal 36 2.09%
Security and Communication Networks 35 2.03%
Computer Networks 34 1.97%
International Journal of Electrical Power & Energy Systems 34 1.97%
Procedia Computer Science 30 1.74%
International Journal of Critical Infrastructure Protection 29 1.68%

8
IEEE Transactions on Information Forensics and Security 25 1.45%
Ad Hoc Networks 21 1.22%
Energy Procedia 20 1.16%
Sensors 20 1.16%
Journal of Network and Computer Applications 19 1.10%
Neurocomputing 19 1.10%
Electric Power Systems Research 18 1.05%
IFAC Proceedings Volumes 17 0.99%
Computer Communications 16 0.93%
Computers & Electrical Engineering 16 0.93%
Energy Policy 15 0.87%
Expert Systems with Applications 15 0.87%
IEICE Transactions on Information and Systems 15 0.87%
Wireless Personal Communications 15 0.87%
Journal of the Franklin Institute 14 0.81%
Information Sciences 13 0.75%
International Journal of Distributed Sensor Networks 13 0.75%
Procedia Technology 13 0.75%
Automatica 12 0.70%
IEEE Communications Surveys & Tutorials 11 0.64%
IEEE Transactions on Industrial Informatics 11 0.64%
Multimedia Tools and Applications 11 0.64%
IEEE Transactions on Power Systems 10 0.58%
Journal of Information Security and Applications 10 0.58%
Sustainable Energy, Grids and Networks 10 0.58%
Energy 9 0.52%
International Journal of Security and Its Applications 9 0.52%
Technological Forecasting and Social Change 9 0.52%
Energies 8 0.46%

Aside from journals, articles are also sorted and analyzed based on author.

9
Table 2 shows the 40 authors with the most publications in security systems of
the smart grid. The author with the most publications in this research field,
Kim-Kwang Raymond Choo, has authored 1.16% of the publications found.
The authors with the second and third most publications, Xuan Liu and Zuyi
Li, have authored 0.58% and 0.52% of the journal articles respectively. The low
percentage of publications for the most prominent authors in the field shows that
security systems in the smart grid is a vastly growing field that is gaining interest
from various authors around the world. Furthermore, there are 4952 authors
who contributed to the 1722 journal articles analyzed. This demonstrates the
high demand for research advancement in the topic of security systems in the
smart grid.

Table 2: Number of articles published by each author

Author Publications Percentage

Choo, Kim-Kwang Raymond 20 1.16%
Liu, Xuan 10 0.58%
Li, Zuyi 9 0.52%
Abbas, Haider 8 0.46%
Shon, Taeshik 8 0.46%
Genge, Bla 7 0.41%
Kumar, Neeraj 7 0.41%
Lopez, Javier 7 0.41%
Lu, Rongxing 7 0.41%
Xiao, Yang 7 0.41%
Xu, Shouhuai 7 0.41%
Das, Ashok Kumar 6 0.35%
Debbabi, Mourad 6 0.35%
Govindarasu, Manimaran 6 0.35%
Haller, Piroska 6 0.35%
Shi, Ling 6 0.35%

10
 Alcaraz, Cristina 5 0.29%
Elovici, Yuval 5 0.29%
Guizani, Mohsen 5 0.29%
Han, Zhu 5 0.29%
Janicke, Helge 5 0.29%
Kundur, Deepa 5 0.29%
Liu, Anfeng 5 0.29%
Qian, Yi 5 0.29%
Qiu, Meikang 5 0.29%
Vasilakos, Athanasios V. 5 0.29%
Wang, Jianhui 5 0.29%
Wang, Wei 5 0.29%
Wazid, Mohammad 5 0.29%
Xiang, Yang 5 0.29%
Yu, Wei 5 0.29%
Amjad, Muhammad Faisal 4 0.23%
Anwar, Zahid 4 0.23%
Bou-Harb, Elias 4 0.23%
Bretas, Arturo S. 4 0.23%
Cai, Zhongmin 4 0.23%
Chen, Jiming 4 0.23%
Chilamkurti, Naveen 4 0.23%
Czajka, Adam 4 0.23%
Du, Xiaojiang 4 0.23%

To explore the specific aspects of smart grid cybersecurity, a keyword analysis

was performed. The heat-map in Figure 3 shows the most prominent keywords
observed in the articles analyzed. This heat-map represents the keywords in
colored clusters as well as their connections. Figure 3 exhibits the most signif-
icant topics in this subject based on their occurrence in journal papers. This
heatmap shows the most important terms surrounding smart grid security which

11
demonstrates the main concepts associated with this research field.

Figure 3: A heat-map of keywords mentioned in all journal articles in the subject of smart
grid cybersecurity

The findings of this bibliometric analysis demonstrate the significance of

security in the smart grid. The number of contributing authors and journals
show an active community of researchers focused on this topic. Additionally,
the increasing number of publications in recent years shows a great increase in
the interest of this topic. To further demonstrate the significance of security in
the smart grid, the next section discusses reported attacks on power systems in
recent history as well as their impact.

12
4. Reported Attacks on the Smart Grid

There have been several documented attacks on the electric grid attributed
to cyber attacks. In January 2003, the computer network at the Davis-Besse
nuclear plant in Oak Harbor, Ohio was compromised by a malware disabling its
processing computer and safety monitoring system for several hours [44]. Simi-
larly, circulation pumps at the Brown Ferry nuclear plant in Alabama failed due
to excessive traffic, believed to be attributed to a DoS attack [44]. Furthermore,
an investigation in 2009 revealed that hackers are able to steal power through
compromising the smart meters and changing the consumption readings [45].
Phishing incidents have also been reported at electric bulk providers and mal-
ware samples were found indicating a targeted and sophisticated intrusion [44].
Additionally, in April of 2012, the FBI was asked to investigate widespread in-
cidents of power thefts through smart meter attacks [45]. The report indicates
that hackers changed the power consumption of smart meters using software
available easily on the internet.
Such incidents in recent history induce various security concerns regarding
critical infrastructure. As such, it is crucial that security of the smart grid is
explored at every level including adequate situational awareness at all times. In
fact, lack of situational awareness can have devastating impacts beyond cyber
threats. For example, in August of 2003, a blackout occurred in the north east
of the United States due to a cascading failure of the power system due to
the lack of awareness of the Ohio-based electric utility company. This lack of
awareness resulted in a cascading failure of 508 generators and 265 power plants
across eight states and southern Ontario [45]. This clearly shows how adequate
security systems can have benefits beyond mitigating cyber threats, including
minimizing damage from faults or incidents.

5. Security Systems in the Smart Grid

This section examines the security threats facing the smart grid, as well as
the state of the art of the current countermeasures of these threats. Subsection

13
 Figure 4: The number of journal articles studying each attack type

5.1 discusses the specific types of cyber threats in power systems, and subsection
5.2 discusses the defense mechanisms proposed in literature.

5.1. Types of Cyber Threats

Cyber threats or cyber attacks are among the most discussed and studied
threats for the smart grid [37]. The wide interest in studying cyber threats in
the smart grid is due to the number of significant vulnerabilities identified [46].
Furthermore, cyber attacks have the potential of leading power systems into
total collapse [47]. These cyber attacks can occur for various purposes and are
generally divided into two main types: Passive Attacks and Active Attacks [48].
Passive attacks include eavesdropping, spying, and traffic analysis; while active
attacks include denial of service (DoS) and malware attacks.
The various types of attacks are not equally studied in literature. Figure 4
shows the number of articles studying each type of attack. While there are more

14
types of cyber threats that can compromise a network, the following sections
discuss the attacks studied in the smart grid, which are mentioned in Figure 4.

5.1.1. Spoofing Attacks

The main types of spoofing are GPS spoofing, ARP spoofing, and IP spoof-
ing [49]. IP spoofing uses a modified IP to pass through security systems and
is typically the first stage of a complex intrusion. GPS spoofing, however, is
based on broadcasting incorrect signals of higher strength than received from
satellites to deceive victims. ARP spoofing is where falsified ARP (Address
Resolution Protocol) messages are used to link the attackers MAC address with
the IP address of the victim. Through this all data in the compromised system
will pass through the intruder. The most common type of spoofing attacks in
the smart grid is GPS spoofing due to the use of GPS receivers in the meter-
ing infrastructure. Vulnerability analysis in literature demonstrates how phasor
measurement units (PMUs) are susceptible to GPS spoofing attacks [50]. GPS
spoofing attacks can mislead the network operator, and drastically impact sub-
sequent corrective control actions [51].

5.1.2. Replay Attacks

Replay attacks aim to intercept authentication information. In the smart
grid, replay attacks intercept the usage pattern along the varying smart meters
and replay this data to carry out an undetected intrusion [52]. The integration
of IoT devices in smart grid networks induces increased threat to these attacks.
Furthermore, attacker can inject incorrect data to the system, which may lead
to incorrect energy price or inaccurate prediction [53].

5.1.3. Man-in-the-Middle Attack

This attack makes use of ARP, which maps a protocol address to a hardware
address (MAC address) [54]. The purpose of this attack is to combine the
attackers MAC address with the hosts IP address triggering any traffic meant
for that particular IP to be sent to the attacker instead, this is referred to as

15
ARP spoofing [55]. This allows the attacker to capture the communication
information within the SCADA system [56].

5.1.4. Smart Meter DoS Attacks

DoS attacks are typically achieved by flooding specific nodes of the system
with data that prompts generating and sending large volume of reply and request
packets [57]. There are various methods for generating such attacks which can
cause a system blackout [58]. These attacks can also be implemented through
IoT devices integrated into the smart grid. The increased integration of these
IoT devices has led to increased interest in DoS attacks [59].

5.1.5. Malware
The propagation of malicious software, known as malware, is another poten-
tial cyber threat to the smart grid [60]. One paper tests security methods for
three different types of malware, pandemic malware, endemic malware, and con-
tagion malware [61]. Pandemic malware is an aggressive malware that infects
all devices in the shortest time possible through a topological scan strategy. En-
demic malware, however, is the more intelligent type which sacrifices speed for
stealth by operating with less conspicuous hit list. Finally, contagion malware
is highly stealth and does not initiate connections with the network but rather
appends on legitimate communication flows.
The dangers of malware are accentuated in the communication layer of the
smart grid. It has been noted that thousands of smart meters may feature
identical hardware and firmware [62]. While this reduces cost and automates
maintenance, the closeness in device types and software induces susceptibility
to malware propagation.

5.1.6. False Data Injection Attacks

False Data Injection (FDI) attacks consist of malicious data injected into
measurement meters [63]. FDI attacks can be performed by manipulating the
measurements along the network by a linear factor of the Jacobian matrix of
the power system [25, 64]. This change in measurement is undetected by the

16
current state estimation techniques [65]. Furthermore, these attacks can be
created in various strategies with limited knowledge of power system topology
[66, 67, 68]. As such, these types of attacks are widely studied in the smart grid
cybersecurity field [63, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75].

5.1.7. Micro-Grid-Based Jamming Attack

This type of attack consists of jamming specific signal channels to intervene
and disrupt data transmission [76]. This results in unreliable communications
and decreased performance in the power system [77, 10].

5.2. Defence Mechanisms

Security and defense against the aforementioned attacks and threats is achieved
through various mechanisms. The security measures proposed in literature are
divided into the “7D model” or the 7 phases of cybersecurity as given in [78]:

• discovery

• detection

• denial

• disruption

• degradation

• destruction

The following subsections of Subsection 5.2 will discuss each of the compo-
nents and their proposed methods in literature.

5.2.1. Discovery
The discovery process in cybersecurity involves identifying and locating sen-
sitive data for adequate protection. In general applications of cybersecurity,
data discovery consists of auditing regulated information to ensure its protec-
tion. This is helpful because it enables context aware security, in which infor-
mation within the system is protected based on its sensitivity. In smart grid

17
security, the discovery phase mainly consists of identification of vulnerabilities
within the system.
Various methods are proposed in literature for vulnerability analysis in power
grids. One paper proposes an automated binary-based vulnerability discovery
method that extracts security-related features from the system [79]. This au-
tomatic discovery algorithm is tested on real smart meter data from Korean
infrastructure. Vulnerability analysis specific to certain types of environments
or threats are also proposed. In another paper, the survivability of smart grid
under is modeled under random and targeted attacks considering a networking
islanding scheme [80]. Another paper uses automatic static analysis (ASA) to
detect buffer-overflow vulnerabilities of terminal devices [81]. Such automated
techniques for vulnerability analysis can be useful due to their robustness and
scalability to larger systems. As such, a comprehensive assessment of vulner-
abilities in the smart grid from past to future has been published highlighting
the various vulnerabilities and discovery techniques [82].
More specific vulnerability modeling is also proposed in literature. One such
work models the vulnerabilities of the smart grid with incomplete topology in-
formation [83]. The results of this paper demonstrate the high level of threat in
the smart grid by exhibiting vulnerabilities that can be exploited with limited
knowledge of the system. Another paper reveals the cascading failure vulnera-
bility in the smart grid using a novel metric, called risk graph, which shows the
importance of nodes within the system as well as the relationship among them
[84]. Using this method, Zhu et al. develop a new node attack strategy and
introduce new vulnerabilities not considered before in literature.
Vulnerability analyses are also performed on specific attacks. One paper
performs a vulnerability analysis of the smart grid to GPS spoofing, a type
of attack capable of altering measurements to mislead network operators [50].
Another paper analyzes the vulnerability for simultaneous attacks in the smart
grid [85]. Paul and Ni consider various combinations of attacks and proposes a
new damage measurement matrix to quantify the loss of generation power and
time to reach steady-state. Web-based threats are also considered in another

18
paper which tackles the penetration of digital devices in the smart grid and the
associated consequences [86].
Most articles assess the vulnerability of the smart grid by analyzing either
substations or transmission lines. One article, however, performs a vulnera-
bility assessment on a joint substation and transmission line system in which
attacks can happen in either the substation, the transmission line, or both [87].
Another article takes into account scenarios of severe emergencies in the smart
grid and SCADA network and performs a vulnerability analysis of the system
under emergencies such as attacks from weapons of mass destruction (WMD)
[88]. Chopade and Bikdash analyze structural vulnerabilities, which consider in-
frastructures topology, and functional vulnerabilities, which consider operating
regimes of different infrastructures.
As demonstrated by the aforementioned articles, there is sufficient analysis
on vulnerabilities in the smart grid. Various attack strategies are identified
and implemented in literature that demonstrate the potential of cyber threats.
Detection and mitigation of some of these threats remains as a gap in this
research field. Next, we discuss the detection mechanisms proposed as well as
the future trend in these methods.

5.2.2. Detection of Attacks

Detection of cyber threats is typically achieved through classification using
data or measurements across the power system. Measurements along various
infrastructure and communication layers of the system are used to detect the
presence of threats or attacks. Model-based techniques are used to detect cyber
attacks through meter measurements through enhanced state-estimation tech-
niques [20, 89, 90]. Furthermore, distributed algorithms are used to find sta-
tistical variations in cyber attack vectors [22]. Kalman filters are also used to
estimate measurements along the power system along with statistical methods
of finding anomalies in measurements [22, 23, 91].
For defense methods to be scalable to larger systems, purely model-based at-
tack detection techniques are insufficient to guarantee the security of the smart

19
grid [92, 25]. As such, the use of intelligent systems and machine learning for
detecting cyber attacks is proposed. Supervised and unsupervised learning have
been tested and compared to conclude that supervised learning approaches gen-
erally result in more accurate classification of attacks [93]. Various supervised
learning algorithms have been successfully implemented [94, 95]. The results of
comparing these learning algorithms demonstrate that a Gaussian-based Sup-
port Vector Machine (SVM) is more robust with more accurate classification
among larger test systems [95]. Furthermore, another paper implemented the
margin setting algorithm (MSA) demonstrating better results than SVM and
artificial neural networks (ANN) [96, 25]. Other intelligent techniques include
adaboost, random forests, and common path mining method [97, 98, 99].
A critical concern in the use of intelligent systems in smart grid is computa-
tional efficiency [100, 101]. Many researchers try to tackle this issue by reducing
the dimensions of the data through principal component analysis [93, 94]. One
paper proposes the use of a genetic algorithm to select an ideal subset of fea-
tures that can increase the computation speed while maintaining the detection
accuracy of the machine learning algorithms [102]. Exploring various feature
selection techniques can be effective at increasing the computational efficiency
of machine learning algorithms. However, there have not been many papers
exploring this subject in the area of smart grid cybersecurity. As such, deep
learning techniques with automated or unsupervised feature selection methods
are likely to be proposed to tackle the computational burden of larger power
systems.

5.2.3. Denial of Attacks

One of the security methods in the smart grid revolves around the denial
or prevention of cyber threats. Denial techniques pertaining the security of the
smart grid typically take the shape of encryption methods for secure commu-
nications within the system [77, 103]. The most common encryption methods
are the use of symmetric or asymmetric keys. Symmetric keys use the same key
to encrypt and decrypt the messages while asymmetric keys use different keys

20
for encryption and decryption [10, 104]. Asymmetric key encryption requires
a larger computational capacity and is therefore not suitable for time-sensitive
information. Symmetric key encryption does not induce significant computa-
tional delay. However, it requires a public infrastructure for key management.
Therefore, it is suitable for encryption of distribution and transmission systems
[105, 106, 107].
Various encryption and key management methods have been proposed. One
scheme is based on Needham-Shroeder authentication protocol and elliptic curve
cryptographic algorithms for generating public keys [108]. Another scheme uses
digital certificates to establish symmetric communication sessions [105]. Ad-
ditionally, another authentication method is proposed that is based on S/key
one-time password scheme aimed to provide mutual authentication between the
meters and servers of the smart grid [109]. Mutual authentication between
smart grid utility network and Home Area Network (HAN) smart meters is
also explored through a novel key management protocol [110]. The proposed
mechanism aims at preventing various attacks including Brute-force, Replay,
Man-in-The-Middle, and Denial-of-Service attacks. Furthermore, encryption of
specific variables and measurements is also studied, specifically pertaining to
FDI attacks [111, 112, 112].
Choosing appropriate key management schemes is done by considering the
trade-off between security and computational efficiency. However, other issues
pertaining denial of attacks arise from the distributed nature of smart grid sys-
tems. One paper proposes an efficient framework to read isolated smart grid de-
vices that satisfies the hardware constraints while maintaining integrity against
most typical attacks [113]. Another protocol is proposed for preserving privacy
through aggregation of metering data in distributed scenarios and encryption
of measurements using a secret sharing scheme [114].
Other denial techniques are proposed in literature include increasing situa-
tional awareness to prevent attacks. One paper proposes specific measures to
tackle issues that lead to lack of awareness among smart grid operators. Such
measures include separate networks for actuators and sensors and restricting the

21
use of real time clocks to write-only data storage [115]. Another paper proposes
a different proactive defense approach which consists of randomizing meter in-
frastructure configurations to lower the predictability of the system to potential
adversaries [116]. While there are many approaches to deny or prevent cyber
threats, further research is likely necessary due to the continuous improvement
and modifications of adversarial techniques.

5.2.4. Disruption of Attacks

A critical part of the security of any system is the disruption of cyber threats
once the system is infected. Disruption of attacks in the smart grid is typically
tackled by game theory approaches. One paper demonstrates disruptive coun-
termeasures to reduce the impact of attacks based on the knowledge of non-
compromised components [117]. Similarly, another paper demonstrates how
informed decisions can be made in real-world scenario of attacks to mitigate or
disrupt them [118]. This is done by using a sequential two-player game model
that includes attacker/defender behavior. Similarly, another article attempts
to achieve the same goal by making use of the Stackelberg competition, which
quantitatively analyzes the game process between attacker and operator [119].
A linear game framework is also proposed with the emphasis on application to
large power systems with large number of components under attack [120].
Disruption of attacks through game theory is also studied under varying
circumstances. One article considers coalitional attacks that can be launched
by multiple adversaries [121]. A game-theoretic model is proposed to capture
the interaction among the adversaries and quantify the capacity of the defender
based on Iterated Public Goods Game (IPGG) model. Similarly, stochastic
games for protection against coordinated attacks is also proposed in [122]. This
method uses an optimal load shedding technique to quantify physical impacts
of coordinated attacks which are used as input parameters to model interac-
tions between attacker and defender. Another paper looks into specific types
of attacks that exploit cyber vulnerabilities of specific meters and spread into
the physical components of the system [123]. This paper also proposes game

22
theory to analyze such attacks. Similarly, a game-theoretic perspective of data
injection attacks with multiple adversaries is also studied [124].
There is also focus on the disruption of specific common attacks in the smart
grid. Game theory based defense strategies against DoS attacks are proposed
which use Nash Equilibrium to maintain dynamic stability in an attacked system
[125, 126]. Minimizing the effects of jamming attacks is also studied through a
modified version of contract network protocol (CNP) as a negotiation protocol
among agents [127]. Results of this paper indicate that applying the proposed
protocol can reduce the jammers illegal profit and decrease their motive. The
problem with most of the proposed game theory techniques, however, is their
tendency to view network interdictions as one-time events. Further research in
this topic is likely to take shape as more comprehensive modeling of network
interdictions occurs. There are few papers in literature that take this into
consideration. One paper, however, uses zero-sum Markov games and a more
comprehensive model of attacker behavior [128]. This paper also demonstrates
a defender can use deception as a defense mechanism. Next, we discuss the
deception techniques proposed in literature, which when combined with the
aforementioned disruption techniques, can act as a comprehensive strategy for
mitigating attacks.

5.2.5. Deception of Attackers

While disruption of attacks involves minimizing the damage of cyber attacks,
deception focuses on altering the direction of the attack to mitigate its impact.
This is done by deceiving the attacker into targeting a trap. This deception
technology is an emerging field in cyber security due to its potential to detect
and defend against zero-day and advanced attacks. In the security of the smart
grid, however, deception technology is seldom used in literature.
A strategic honeypot game model was proposed for DoS attacks in the smart
grid [129]. This paper introduces honeypots into the metering infrastructure net-
work as a decoy system to detect and gather information. Interactions between
attackers and defenders are analyzed and the existence of several Bayesian-Nash

23
equilibriums is proved. However, this method was designed and tested for one
specific type of attack. A more general honeypot system is proposed to emulate
an entire smart grid field communication infrastructure in [130]. This paper
claims that their honeynet system can emulate high-fidelity and realistic power
grid behavior to deceive the attackers. However, evaluation of its realism and
scalability are only preliminary and testing was done on a single simulated sys-
tem. Another paper identifies the various types of honeypots and built a test
system to emulate a device on a utility network [131]. However, similarly to
the aforementioned papers, analysis regarding realism and scalability are insuf-
ficient. This is identified as a research gap in the deception strategies for smart
grid security. Future research is expected to involve more comprehensive system
modeling and the proposal of more versatile honeynet systems.

5.2.6. Degradation or Destruction of Attacks

Degrading or destroying the attack is the final part of the defense strat-
egy in the smart grid and it involves minimizing or destroying the effects of
the attack. An example of such mitigation techniques include defining security
metrics that quantify the importance of individual substations [132]. Another
proposed method uses a distinctive modeling technique with the capability to
modify network topology [133]. Such a technique can be used to degrade the
attack through optimizing the operation of the power system to minimize its
effects. This is done through a mixed-integer nonlinear bi-level program; in the
upper-level a terrorist agent maximizes the damage caused in the power sys-
tem, and in the lower level the system operator minimizes the damage through
optimal operation of the power system. Furthermore, the paper proposes a
Benders decomposition approach to transform the problem into a standard one-
level optimization problem. Another paper, however, tackles the same problem
through a genetic algorithm [134]. Alternatively, another paper proposes a dif-
ferent tri-level model for power network defense with the same goal of minimizing
economic cost that the attacks may cause [135].
Degradation techniques are often coupled with disruption techniques in game

24
theory approaches, as mentioned in Subsection 5.2.4. As such, defense solutions
that only focus on degradation of attacks are limited. Furthermore, due to the
legal implications, there are no solutions proposed that focus on destroying the
attack through hostile actions towards the adversary. Therefore, most solutions
in literature focus on denying, detecting, and minimizing the effect of attacks.

6. Conclusion

This paper analyzes publications within the field of security of IoT-aided

smart grids. Bibliometric results are reported highlighting the significance and
growth of this field. The findings demonstrate exponential growth in the field of
security systems in the smart grid over the last decade. Furthermore, the journal
papers analyzed discuss a variety of issues and various types of solutions. The
findings are summarized and types of threats, security measures, and evaluation
methods of the security systems are discussed. This bibliometric analysis con-
cludes that the variety of threats and the complexity of smart grid systems calls
for comprehensive and intelligent security methods. Furthermore, the primary
concerns in detection of cyber threats are computational efficiency and mini-
mizing the rate of false positives. Therefore, future publications are expected
to take aim at increasing the computational speed of security algorithms while
maintaining a high detection accuracy and a low rate of false alarms. Another
research gap in this field is the mitigation of cyber threats that have already
infected a smart grid. Most papers focus on detection and prevention of cyber
threats and only a few papers focus on mitigating those threats. Therefore,
future trends in this field of study are projected towards the mitigation of cyber
threats as well as robust deep learning algorithms for efficient detection of cyber
threats.

References

[1] X. Fang, S. Misra, G. Xue, D. Yang, Smart grid the new and improved
power grid: A survey, IEEE Communications Surveys Tutorials 14 (4)

25
 (2012) 944–980. doi:10.1109/SURV.2011.101911.00087.

[2] I. Colak, G. Fulli, S. Sagiroglu, M. Yesilbudak, C.-F. Covrig, Smart grid

projects in Europe: Current status, maturity and future scenarios, Ap-
plied Energy 152 (2015) 58–70. doi:10.1016/j.apenergy.2015.04.098.
URL https://linkinghub.elsevier.com/retrieve/pii/
S0306261915005619

[3] M. C. Such, C. Hill, Battery energy storage and wind energy integrated
into the smart grid, in: 2012 IEEE PES Innovative Smart Grid Technolo-
gies (ISGT), 2012, pp. 1–4. doi:10.1109/ISGT.2012.6175772.

[4] H. Yang, J. Zhang, J. Qiu, S. Zhang, M. Lai, Z. Y. Dong, A Practi-

cal Pricing Approach to Smart Grid Demand Response Based on Load
Classification, IEEE Transactions on Smart Grid 9 (1) (2018) 179–190.
doi:10.1109/TSG.2016.2547883.
URL http://ieeexplore.ieee.org/document/7442908/

[5] H. M. Rouzbahani, A. Rahimnezhad, H. Karimipour, Smart Households

Demand Response Management with Micro Grid, arXiv:1907.03641 [cs,
eess]ArXiv: 1907.03641.
URL http://arxiv.org/abs/1907.03641

[6] P. Bansal, A. Singh, Smart metering in smart grid framework: A review,

in: 2016 Fourth International Conference on Parallel, Distributed and
Grid Computing (PDGC), IEEE, Waknaghat, India, 2016, pp. 174–176.
doi:10.1109/PDGC.2016.7913139.
URL http://ieeexplore.ieee.org/document/7913139/

[7] The Smart Grid Interoperability PanelSmart Grid Cybersecurity Com-

mittee, Guidelines for smart grid cybersecurity, Tech. Rep. NIST IR
7628r1, National Institute of Standards and Technology (Sep. 2014).
doi:10.6028/NIST.IR.7628r1.
URL https://nvlpubs.nist.gov/nistpubs/ir/2014/NIST.IR.
7628r1.pdf

26
 [8] E. E. C. S. Platform, Recommendations for the european commission on
a european strategic framework and potential future legislative acts for
the energy sector, Tech. rep., EECSP (2017).

[9] ENISA the EU cybersecurity agency, Recommendations for the european

commission on implementation of a network code on cybersecurity, Tech.
rep., Smart Grid Task Force Expert Group (2018).

[10] G. N. Ericsson, Cyber Security and Power System CommunicationEssen-

tial Parts of a Smart Grid Infrastructure, IEEE Transactions on Power
Delivery 25 (3) (2010) 1501–1507. doi:10.1109/TPWRD.2010.2046654.
URL http://ieeexplore.ieee.org/document/5452993/

[11] F. Ghalavand, B. A. M. Alizade, H. Gaber, H. Karimipour, Microgrid

Islanding Detection Based on Mathematical Morphology, Energies 11 (10)
(2018) 2696. doi:10.3390/en11102696.
URL https://www.mdpi.com/1996-1073/11/10/2696

[12] H. Karimipour, V. Dinavahi, Robust massively parallel dynamic state

estimation of power systems against cyber-attack, IEEE Access 6 (2018)
2984–2995. doi:10.1109/ACCESS.2017.2786584.

[13] H. Karimipour, V. Dinavahi, Accelerated parallel WLS state estimation

for large-scale power systems on GPU, in: 2013 North American Power
Symposium (NAPS), 2013, pp. 1–6. doi:10.1109/NAPS.2013.6666827.

[14] H. Khurana, M. Hadley, Ning Lu, D. Frincke, Smart-grid security issues,

IEEE Security & Privacy Magazine 8 (1) (2010) 81–85. doi:10.1109/
MSP.2010.49.
URL http://ieeexplore.ieee.org/document/5403159/

[15] H. Mwiki, T. Dargahi, A. Dehghantanha, K.-K. R. Choo, Analysis and

Triage of Advanced Hacking Groups Targeting Western Countries Crit-
ical National Infrastructure: APT28, RED October, and Regin: Theo-

27
 ries, Methods, Tools and Technologies, 2019, pp. 221–244. doi:10.1007/
978-3-030-00024-0_12.

[16] S. Walker-Roberts, M. Hammoudeh, A. Dehghantanha, A systematic re-

view of the availability and efficacy of countermeasures to internal threats
in healthcare critical infrastructure, IEEE Access 6 (2018) 25167–25177.
doi:10.1109/ACCESS.2018.2817560.

[17] A. Jahromi, S. Hashemi, A. Dehghantanha, R. Parizi, K. Choo, An en-

hanced stacked lstm method with no random initialization for malware
threat hunting in safety and time-critical systems, IEEE Transactions on
Emerging Topics in Computational Intelligence.

[18] W. Meng, R. Ma, H. Chen, Smart grid neighborhood area networks: a

survey, IEEE Network 28 (1) (2014) 24–32. doi:10.1109/MNET.2014.
6724103.

[19] Y. Saleem, N. Crespi, M. H. Rehmani, R. Copeland, Internet of things-

aided smart grid: Technologies, architectures, applications, prototypes,
and future research directions, IEEE Access 7 (2019) 62962–63003. doi:
10.1109/ACCESS.2019.2913984.

[20] A. Tajer, S. Kar, H. V. Poor, S. Cui, Distributed joint cyber attack detec-
tion and state recovery in smart grids, in: 2011 IEEE International Con-
ference on Smart Grid Communications (SmartGridComm), IEEE, Brus-
sels, Belgium, 2011, pp. 202–207. doi:10.1109/SmartGridComm.2011.
6102319.
URL http://ieeexplore.ieee.org/document/6102319/

[21] Shuguang Cui, Zhu Han, S. Kar, T. T. Kim, H. V. Poor, A. Tajer, Coordi-
nated Data-Injection Attack and Detection in the Smart Grid: A Detailed
Look at Enriching Detection Solutions, IEEE Signal Processing Magazine
29 (5) (2012) 106–115. doi:10.1109/MSP.2012.2185911.
URL http://ieeexplore.ieee.org/document/6279584/

28
[22] D. B. Rawat, C. Bajracharya, Detection of False Data Injection Attacks
in Smart Grid Communication Systems, IEEE Signal Processing Letters
22 (10) (2015) 1652–1656. doi:10.1109/LSP.2015.2421935.
URL http://ieeexplore.ieee.org/document/7084114/

[23] M. N. Kurt, Y. Yilmaz, X. Wang, Distributed Quickest Detection of

Cyber-Attacks in Smart Grid, IEEE Transactions on Information Foren-
sics and Security 13 (8) (2018) 2015–2030. doi:10.1109/TIFS.2018.
2800908.
URL https://ieeexplore.ieee.org/document/8278264/

[24] M. Ozay, I. Esnaola, F. T. Y. Vural, S. R. Kulkarni, H. V. Poor, Machine

Learning Methods for Attack Detection in the Smart Grid, IEEE Transac-
tions on Neural Networks and Learning Systems 27 (8) (2016) 1773–1786.
doi:10.1109/TNNLS.2015.2404803.

[25] J. Sakhnini, H. Karimipour, A. Dehghantanha, Smart Grid Cyber Attacks

Detection using Supervised Learning and Heuristic Feature Selection, in:
IEEE Int. Conf. on Smart Energy Grid Engineering (SEGE), 2019, pp.
1–5.

[26] M. Esmalifalak, L. Liu, N. Nguyen, R. Zheng, Z. Han, Detecting Stealthy

False Data Injection Using Machine Learning in Smart Grid, IEEE
Systems Journal 11 (3) (2017) 1644–1652. doi:10.1109/JSYST.2014.
2341597.

[27] P.-Y. Chen, S. Yang, J. A. McCann, J. Lin, X. Yang, Detection of false

data injection attacks in smart-grid systems, IEEE Communications Mag-
azine 53 (2) (2015) 206–213. doi:10.1109/MCOM.2015.7045410.
URL http://ieeexplore.ieee.org/document/7045410/

[28] Y. Zhang, L. Wang, W. Sun, R. C. Green II, M. Alam, Distributed

Intrusion Detection System in a Multi-Layer Network Architecture of
Smart Grids, IEEE Transactions on Smart Grid 2 (4) (2011) 796–808.

29
 doi:10.1109/TSG.2011.2159818.
URL http://ieeexplore.ieee.org/document/5963752/

[29] H. Wang, J. Ruan, G. Wang, B. Zhou, Y. Liu, X. Fu, J. Peng, Deep

Learning-Based Interval State Estimation of AC Smart Grids Against
Sparse Cyber Attacks, IEEE Transactions on Industrial Informatics
14 (11) (2018) 4766–4778. doi:10.1109/TII.2018.2804669.
URL https://ieeexplore.ieee.org/document/8288611/

[30] Y. He, G. J. Mendis, J. Wei, Real-Time Detection of False Data Injection

Attacks in Smart Grid: A Deep Learning-Based Intelligent Mechanism,
IEEE Transactions on Smart Grid 8 (5) (2017) 2505–2516. doi:10.1109/
TSG.2017.2703842.
URL http://ieeexplore.ieee.org/document/7926429/

[31] J. Wei, G. J. Mendis, A deep learning-based cyber-physical strategy to

mitigate false data injection attack in smart grids, in: 2016 Joint Work-
shop on Cyber- Physical Security and Resilience in Smart Grids (CPSR-
SG), IEEE, Vienna, Austria, 2016, pp. 1–6. doi:10.1109/CPSRSG.2016.
7684102.
URL http://ieeexplore.ieee.org/document/7684102/

[32] A. Ayad, H. E. Z. Farag, A. Youssef, E. F. El-Saadany, Detection of false

data injection attacks in smart grids using Recurrent Neural Networks, in:
2018 IEEE Power & Energy Society Innovative Smart Grid Technologies
Conference (ISGT), IEEE, Washington DC, 2018, pp. 1–5. doi:10.1109/
ISGT.2018.8403355.
URL https://ieeexplore.ieee.org/document/8403355/

[33] H. Karimipour, A. Dehghantanha, R. M. Parizi, K. R. Choo, H. Le-

ung, A Deep and Scalable Unsupervised Machine Learning System for
Cyber-Attack Detection in Large-Scale Smart Grids, IEEE Access 7 (2019)
80778–80788. doi:10.1109/ACCESS.2019.2920326.

30
[34] T. Baumeister, Literature review on smart grid cyber security, Depart-
ment of Information and Computer Sciences, University of Hawaii.

[35] W. Wang, Z. Lu, Cyber security in the Smart Grid: Survey

and challenges, Computer Networks 57 (5) (2013) 1344–1371.
doi:10.1016/j.comnet.2012.12.017.
URL https://linkinghub.elsevier.com/retrieve/pii/
S1389128613000042

[36] Y. Zacchia Lun, A. D’Innocenzo, I. Malavolta, M. Benedetto, Cyber-

Physical Systems Security: a Systematic Mapping Study.

[37] A. O. Otuoze, M. W. Mustafa, R. M. Larik, Smart grids security

challenges: Classification by sources of threats, Journal of Elec-
trical Systems and Information Technology 5 (3) (2018) 468–483.
doi:10.1016/j.jesit.2018.01.001.
URL https://linkinghub.elsevier.com/retrieve/pii/
S2314717218300163

[38] Z. E. Mrabet, N. Kaabouch, H. E. Ghazi, H. E. Ghazi, Cyber-security in

smart grid: Survey and challenges, Computers & Electrical Engineering
67 (2018) 469–482. doi:10.1016/j.compeleceng.2018.01.015.
URL https://linkinghub.elsevier.com/retrieve/pii/
S0045790617313423

[39] R. Leszczyna, Cybersecurity and privacy in standards for smart grids

A comprehensive survey, Computer Standards & Interfaces 56 (2018)
62–73. doi:10.1016/j.csi.2017.09.005.
URL https://linkinghub.elsevier.com/retrieve/pii/
S0920548917301277

[40] R. Leszczyna, A review of standards with cybersecurity require-

ments for smart grid, Computers & Security 77 (2018) 262–276.
doi:10.1016/j.cose.2018.03.011.

31
 URL https://linkinghub.elsevier.com/retrieve/pii/
S0167404818302803

[41] M. F. A. Razak, N. B. Anuar, R. Salleh, A. Firdaus, The rise of malware:

Bibliometric analysis of malware study, Journal of Network and Com-
puter Applications 75 (2016) 58–76. doi:10.1016/j.jnca.2016.08.022.
URL https://linkinghub.elsevier.com/retrieve/pii/
S1084804516301904

[42] T. Dehdarirad, A. Villarroya, M. Barrios, Research on women in sci-

ence and higher education: a bibliometric analysis, Scientometrics 103 (3)
(2015) 795–812. doi:10.1007/s11192-015-1574-x.
URL http://link.springer.com/10.1007/s11192-015-1574-x

[43] G. Mao, H. Zou, G. Chen, H. Du, J. Zuo, Past, current and

future of biomass energy research: A bibliometric analysis, Re-
newable and Sustainable Energy Reviews 52 (2015) 1823–1833.
doi:10.1016/j.rser.2015.07.141.
URL https://linkinghub.elsevier.com/retrieve/pii/
S1364032115007881

[44] U. S. G. A. Office, Cybersecurity: Challenges in Securing the Electricity

Grid, CreateSpace Independent Publishing Platform, 2012.

[45] S. Goel, Y. Hong, Chapter 1 Security Challenges in Smart Grid Imple-

mentation, 2015.

[46] P. McDaniel, S. McLaughlin, Security and Privacy Challenges in the

Smart Grid, IEEE Security Privacy 7 (3) (2009) 75–77. doi:10.1109/
MSP.2009.76.

[47] S. Goel, Y. Hong, Security Challenges in Smart Grid Implementation,

in: S. Goel, Y. Hong, V. Papakonstantinou, D. Kloza (Eds.), Smart Grid
Security, SpringerBriefs in Cybersecurity, Springer London, London, 2015,

32
 pp. 1–39. doi:10.1007/978-1-4471-6663-4_1.
URL https://doi.org/10.1007/978-1-4471-6663-4_1

[48] V. Delgado-Gomes, J. F. Martins, C. Lima, P. N. Borza, Smart grid se-

curity issues, in: 2015 9th International Conference on Compatibility and
Power Electronics (CPE), 2015, pp. 534–538. doi:10.1109/CPE.2015.
7231132.

[49] P. Jokar, N. Arianpoo, V. C. M. Leung, Spoofing Detection in IEEE

802.15.4 Networks Based on Received Signal Strength, Ad Hoc Netw.
11 (8) (2013) 2648–2660. doi:10.1016/j.adhoc.2013.04.015.
URL http://dx.doi.org/10.1016/j.adhoc.2013.04.015

[50] P. Risbud, N. Gatsis, A. Taha, Vulnerability Analysis of Smart Grids to

GPS Spoofing, in: 2018 IEEE Power Energy Society General Meeting
(PESGM), 2018, pp. 1–1. doi:10.1109/PESGM.2018.8586646.

[51] P. Pradhan, K. Nagananda, P. Venkitasubramaniam, S. Kishore, R. S.

Blum, Gps spoofing attack characterization and detection in smart grids,
in: 2016 IEEE Conference on Communications and Network Security
(CNS), 2016, pp. 391–395. doi:10.1109/CNS.2016.7860525.

[52] J. Zhao, J. Wang, L. Yin, Detection and control against replay attacks
in smart grid, in: 2016 12th International Conference on Computational
Intelligence and Security (CIS), 2016, pp. 624–627. doi:10.1109/CIS.
2016.0151.

[53] T. Tran, O. Shin, J. Lee, Detection of replay attacks in smart grid sys-
tems, in: 2013 International Conference on Computing, Management and
Telecommunications (ComManTel), 2013, pp. 298–302. doi:10.1109/
ComManTel.2013.6482409.

[54] G. Jinhua, X. Kejian, ARP spoofing detection algorithm using ICMP

protocol, in: 2013 International Conference on Computer Communication
and Informatics, 2013, pp. 1–6. doi:10.1109/ICCCI.2013.6466290.

33
[55] D. Sharma, O. Khan, N. Manchanda, Detection of ARP Spoofing: A
command line execution method, in: 2014 International Conference on
Computing for Sustainable Global Development (INDIACom), 2014, pp.
861–864. doi:10.1109/IndiaCom.2014.6828085.

[56] Y. Yang, K. McLaughlin, T. Littler, S. Sezer, E. G. Im, Z. Q. Yao,

B. Pranggono, H. F. Wang, Man-in-the-middle attack test-bed investi-
gating cyber-security vulnerabilities in Smart Grid SCADA systems, in:
International Conference on Sustainable Power Generation and Supply
(SUPERGEN 2012), 2012, pp. 1–8. doi:10.1049/cp.2012.1831.

[57] P. Yi, T. Zhu, Q. Zhang, Y. Wu, J. Li, A denial of service attack in

advanced metering infrastructure network, in: 2014 IEEE International
Conference on Communications (ICC), 2014, pp. 1029–1034. doi:10.
1109/ICC.2014.6883456.

[58] Y. Guo, C.-W. Ten, S. Hu, W. Weaver, Modeling Distributed Denial of

Service Attack in Advanced Metering Infrastructure, 2015. doi:10.1109/
ISGT.2015.7131828.

[59] C. Bekara, Security issues and challenges for the iot-based smart
grid, Procedia Computer Science 34 (2014) 532 – 537, the 9th
International Conference on Future Networks and Communica-
tions (FNC’14)/The 11th International Conference on Mobile Sys-
tems and Pervasive Computing (MobiSPC’14)/Affiliated Workshops.
doi:https://doi.org/10.1016/j.procs.2014.07.064.
URL http://www.sciencedirect.com/science/article/pii/
S1877050914009193

[60] E. Modiri Dovom, A. Azmoodeh, A. Dehghantanha, D. Ellis Newton,

R. Parizi, H. Karimipour, Fuzzy pattern tree for edge malware detection
and categorization in iot, Journal of Systems Architecture 97. doi:10.
1016/j.sysarc.2019.01.017.

34
[61] P. Eder-Neuhauser, T. Zseby, J. Fabini, Malware propagation in smart
grid networks: metrics, simulation and comparison of three malware
types, Journal of Computer Virology and Hacking Techniquesdoi:10.
1007/s11416-018-0325-y.

[62] P. Eder-Neuhauser, T. Zseby, J. Fabini, Malware propagation in smart

grid monocultures, e & i Elektrotechnik und Informationstechnik 135 (3)
(2018) 264–269. doi:10.1007/s00502-018-0616-5.
URL https://doi.org/10.1007/s00502-018-0616-5

[63] J. Tian, B. Wang, X. Li, Data-Driven and Low-Sparsity False Data Injec-
tion Attacks in Smart Grid, Security and Communication Networks 2018
(2018) 1–11. doi:10.1155/2018/8045909.
URL https://www.hindawi.com/journals/scn/2018/8045909/

[64] H. Karimipour, V. Dinavahi, On false data injection attack against dy-

namic state estimation on smart power grids, in: 2017 IEEE International
Conference on Smart Energy Grid Engineering (SEGE), 2017, pp. 388–
393. doi:10.1109/SEGE.2017.8052831.

[65] X. Liu, Z. Li, False data attack models, impact analyses and defense
strategies in the electricity grid, The Electricity Journal 30 (4) (2017)
35–42. doi:10.1016/j.tej.2017.04.001.
URL http://www.sciencedirect.com/science/article/pii/
S1040619017300684

[66] X. Liu, Z. Li, False Data Attacks Against AC State Estimation With
Incomplete Network Information, IEEE Trans. Smart Grid 8 (5). doi:
10.1109/TSG.2016.2521178.
URL http://ieeexplore.ieee.org/document/7401110/

[67] Y. Wang, M. M. Amin, J. Fu, H. B. Moussa, A Novel Data Analytical

Approach for False Data Injection Cyber-Physical Attack Mitigation in
Smart Grids, IEEE Access 5 (2017) 26022–26033. doi:10.1109/ACCESS.
2017.2769099.

35
[68] H. Zhong, D. Du, C. Li, X. Li, A Novel Sparse False Data Injection At-
tack Method in Smart Grids with Incomplete Power Network Information,
Complexity 2018 (2018) 8503825–8503825. doi:10.1155/2018/8503825.

[69] B. Wang, P. Zhu, Y. Chen, P. Xun, Z. Zhang, False Data Injection

Attack Based on Hyperplane Migration of Support Vector Machine in
Transmission Network of the Smart Grid, Symmetry 10 (5) (2018) 165.
doi:10.3390/sym10050165.
URL http://www.mdpi.com/2073-8994/10/5/165

[70] L. Lei, W. Yang, C. Yang, H. B. Shi, False data injection attack on

consensus-based distributed estimation: A TYPICAL ATTACK ON
CONSENSUS-BASED DISTRIBUTED ESTIMATION, Int. J. Robust.
Nonlinear Controldoi:10.1002/rnc.3645.
URL http://doi.wiley.com/10.1002/rnc.3645

[71] L. Che, X. Liu, Z. Li, Y. Wen, False Data Injection Attacks Induced
Sequential Outages in Power Systems, IEEE Trans. Power Syst. 34 (2)
(2019) 1513–1523. doi:10.1109/TPWRS.2018.2871345.
URL https://ieeexplore.ieee.org/document/8468098/

[72] J.-W. Kang, I.-Y. Joo, D.-H. Choi, False Data Injection Attacks on Con-
tingency Analysis: Attack Strategies and Impact Assessment, IEEE Ac-
cess 6 (2018) 8841–8851. doi:10.1109/ACCESS.2018.2801861.
URL http://ieeexplore.ieee.org/document/8281015/

[73] Y. Li, D. Shi, T. Chen, False Data Injection Attacks on Networked Control
Systems: A Stackelberg Game Analysis, IEEE Trans. Automat. Contr.
63 (10) (2018) 3503–3509. doi:10.1109/TAC.2018.2798817.
URL https://ieeexplore.ieee.org/document/8270717/

[74] B. Chai, Z. Yang, Impacts of unreliable communication and modified

regret matching based anti-jamming approach in smart microgrid, Ad
Hoc Networks 22 (2014) 69–82. doi:10.1016/j.adhoc.2014.05.011.

36
 URL http://www.sciencedirect.com/science/article/pii/
S1570870514001061

[75] Y. Liu, J. Ma, L. Song, Z. Han, Jamming Attack in Smart Grid with
Dynamic Gaming Theory, 2014.

[76] K. Gai, M. Qiu, Z. Ming, H. Zhao, L. Qiu, Spoofing-Jamming Attack

Strategy Using Optimal Power Distributions in Wireless Smart Grid
Networks, IEEE Transactions on Smart Grid 8 (5) (2017) 2431–2439.
doi:10.1109/TSG.2017.2664043.

[77] K. Tazi, F. Abdi, M. F. Abbou, Review on cyber-physical security of the

smart grid: Attacks and defense mechanisms, in: 2015 3rd International
Renewable and Sustainable Energy Conference (IRSEC), 2015, pp. 1–6.
doi:10.1109/IRSEC.2015.7455127.

[78] H. Mwiki, T. Dargahi, A. Dehghantanha, K.-K. R. Choo, Analysis

and Triage of Advanced Hacking Groups Targeting Western Countries
Critical National Infrastructure: APT28, RED October, and Regin,
in: D. Gritzalis, M. Theocharidou, G. Stergiopoulos (Eds.), Critical
Infrastructure Security and Resilience: Theories, Methods, Tools and
Technologies, Advanced Sciences and Technologies for Security Appli-
cations, Springer International Publishing, Cham, 2019, pp. 221–244.
doi:10.1007/978-3-030-00024-0_12.
URL https://doi.org/10.1007/978-3-030-00024-0_12

[79] Y. Kwon, H. K. Kim, K. M. Koumadi, Y. H. Lim, J. I. Lim, Automated

vulnerability analysis technique for smart grid infrastructure, in: 2017
IEEE Power Energy Society Innovative Smart Grid Technologies Confer-
ence (ISGT), 2017, pp. 1–5. doi:10.1109/ISGT.2017.8085965.

[80] P. Chopade, M. Bikdash, Modeling for survivability of Smart Power Grid

when subject to severe emergencies and vulnerability, in: 2012 Proceed-
ings of IEEE Southeastcon, 2012, pp. 1–6. doi:10.1109/SECon.2012.
6196924.

37
[81] H. Ying, Y. Zhang, L. Han, Y. Cheng, J. Li, X. Ji, W. Xu, Detect-
ing Buffer-Overflow Vulnerabilities in Smart Grid Devices via Automatic
Static Analysis, in: 2019 IEEE 3rd Information Technology, Networking,
Electronic and Automation Control Conference (ITNEC), 2019, pp. 813–
817. doi:10.1109/ITNEC.2019.8729362.

[82] G. Chen, J. Zhao, Z. Y. Dong, S. R. Weller, Complex network the-

ory based power grid vulnerability assessment from past to future, in:
9th IET International Conference on Advances in Power System Con-
trol, Operation and Management (APSCOM 2012), 2012, pp. 1–6. doi:
10.1049/cp.2012.2165.

[83] A. Srivastava, T. Morris, T. Ernster, C. Vellaithurai, S. Pan, U. Ad-

hikari, Modeling Cyber-Physical Vulnerability of the Smart Grid With
Incomplete Information, IEEE Transactions on Smart Grid 4 (1) (2013)
235–244. doi:10.1109/TSG.2012.2232318.

[84] Y. Zhu, J. Yan, Y. Sun, H. He, Revealing cascading failure vulnerability

in power grids using risk-graph, IEEE Transactions on Parallel and Dis-
tributed Systems 25 (12) (2014) 3274–3284. doi:10.1109/TPDS.2013.
2295814.

[85] S. Paul, Z. Ni, Vulnerability analysis for simultaneous attack in smart

grid security, in: 2017 IEEE Power Energy Society Innovative Smart
Grid Technologies Conference (ISGT), 2017, pp. 1–5. doi:10.1109/ISGT.
2017.8086078.

[86] V. Dehalwar, A. Kalam, M. L. Kolhe, A. Zayegh, Review of web-

based information security threats in smart grid, in: 2017 7th Interna-
tional Conference on Power Systems (ICPS), 2017, pp. 849–853. doi:
10.1109/ICPES.2017.8387407.

[87] Y. Zhu, J. Yan, Y. Tang, Y. L. Sun, H. He, Joint Substation-Transmission

Line Vulnerability Assessment Against the Smart Grid, IEEE Transac-

38
 tions on Information Forensics and Security 10 (5) (2015) 1010–1024.
doi:10.1109/TIFS.2015.2394240.

[88] P. Chopade, M. Bikdash, Structural and functional vulnerability anal-

ysis for survivability of Smart Grid and SCADA network under severe
emergencies and WMD attacks, in: 2013 IEEE International Confer-
ence on Technologies for Homeland Security (HST), 2013, pp. 99–105.
doi:10.1109/THS.2013.6698983.

[89] H. Karimipour, V. Dinavahi, Robust Massively Parallel Dynamic State

Estimation of Power Systems Against Cyber-Attack, IEEE Access 6. doi:
10.1109/ACCESS.2017.2786584.

[90] H. Karimipour, V. Dinavahi, Parallel domain decomposition based

distributed state estimation for large-scale power systems, in: 2015
IEEE/IAS 51st Industrial Commercial Power Systems Technical Confer-
ence (I CPS), 2015, pp. 1–5. doi:10.1109/ICPS.2015.7266420.

[91] H. Karimipour, V. Dinavahi, Extended Kalman Filter-Based Parallel Dy-

namic State Estimation, IEEE Transactions on Smart Grid 6 (3) (2015)
1539–1549. doi:10.1109/TSG.2014.2387169.

[92] Yilin Mo, T. H.-J. Kim, K. Brancik, D. Dickinson, Heejo Lee, A. Perrig,
B. Sinopoli, CyberPhysical Security of a Smart Grid Infrastructure, Proc.
IEEE 100 (1) (2012) 195–209. doi:10.1109/JPROC.2011.2161428.
URL http://ieeexplore.ieee.org/document/6016202/

[93] M. Esmalifalak, , R. Zheng, Z. Han, Detecting stealthy false data in-

jection using machine learning in smart grid, in: 2013 IEEE Global
Communications Conference (GLOBECOM), 2013, pp. 808–813. doi:
10.1109/GLOCOM.2013.6831172.

[94] M. Ozay, I. Esnaola, F. T. Yarman Vural, S. R. Kulkarni, H. V. Poor,

Machine learning methods for attack detection in the smart grid, IEEE

39
 Transactions on Neural Networks and Learning Systems 27 (8) (2016)
1773–1786. doi:10.1109/TNNLS.2015.2404803.

[95] J. Yan, B. Tang, H. He, Detection of false data attacks in smart grid
with supervised learning, in: 2016 International Joint Conference on Neu-
ral Networks (IJCNN), 2016, pp. 1395–1402. doi:10.1109/IJCNN.2016.
7727361.

[96] Y. Wang, M. M. Amin, J. Fu, H. B. Moussa, A novel data analytical

approach for false data injection cyber-physical attack mitigation in smart
grids, IEEE Access 5 (2017) 26022–26033. doi:10.1109/ACCESS.2017.
2769099.

[97] O. Kosut, L. Jia, R. J. Thomas, L. Tong, Malicious data attacks on the

smart grid, IEEE Transactions on Smart Grid 2 (4) (2011) 645–658. doi:
10.1109/TSG.2011.2163807.

[98] S. Li, Y. Ylmaz, X. Wang, Quickest detection of false data injection attack
in wide-area smart grids, IEEE Transactions on Smart Grid 6 (6) (2015)
2725–2735. doi:10.1109/TSG.2014.2374577.

[99] S. Pan, T. Morris, U. Adhikari, Developing a hybrid intrusion detection

system using data mining for power systems, IEEE Transactions on Smart
Grid 6 (6) (2015) 3104–3113. doi:10.1109/TSG.2015.2409775.

[100] E. Hossain, I. Khan, F. Un-Noor, S. Shazali Sikander, M. S. Sunny, Ap-

plication of big data and machine learning in smart grid, and associ-
ated security concerns: A review, IEEE Access PP (2019) 1–1. doi:
10.1109/ACCESS.2019.2894819.

[101] S. Mohammadi, H. Mirvaziri, M. Ghazizadeh-Ahsaee, H. Karimipour,

Cyber intrusion detection by combined feature selection algorithm,
Journal of Information Security and Applications 44 (2019) 80–88.
doi:10.1016/j.jisa.2018.11.007.

40
 URL http://www.sciencedirect.com/science/article/pii/
S2214212618304617

[102] S. Ahmed, Y. Lee, S. Hyun, I. Koo, Feature selection based detection of

covert cyber deception assaults in smart grid communications networks
using machine learning, IEEE Access 6 (2018) 27518–27529. doi:10.
1109/ACCESS.2018.2835527.

[103] L. Malina, G. Srivastava, P. Dzurenda, J. Hajny, R. Fujdiak, A secure

publish/subscribe protocol for internet of things, in: Proceedings of the
2019 14th International Conference on Availability, Reliability and Secu-
rity (ARES 2019), Canterbury, UK, 2019, pp. 26–29.

[104] A. D. Dwivedi, G. Srivastava, S. Dhar, R. Singh, A decentralized privacy-

preserving healthcare blockchain for iot, Sensors 19 (2) (2019) 326.

[105] A. R. Metke, R. L. Ekl, Security Technology for Smart Grid Networks,

IEEE Transactions on Smart Grid 1 (1) (2010) 99–107. doi:10.1109/
TSG.2010.2046347.

[106] A. D. Dwivedi, P. Morawiecki, G. Srivastava, Differential cryptanalysis of

round-reduced speck suitable for internet of things devices, IEEE Access
7 (2019) 16476–16486.

[107] A. D. Dwivedi, G. Srivastava, Differential cryptanalysis of round-reduced

lea, IEEE Access 6 (2018) 79105–79113.

[108] D. Wu, C. Zhou, Fault-Tolerant and Scalable Key Management for Smart
Grid, IEEE Transactions on Smart Grid 2 (2) (2011) 375–381. doi:10.
1109/TSG.2011.2120634.

[109] W. Leea, T. Chen, W. Sun, K. I. Ho, An S/Key-like One-Time Password

Authentication Scheme Using Smart Cards for Smart Meter, in: 2014
28th International Conference on Advanced Information Networking and
Applications Workshops, 2014, pp. 281–286. doi:10.1109/WAINA.2014.
78.

41
[110] H. Nicanfar, P. Jokar, V. C. M. Leung, Smart grid authentication and key
management for unicast and multicast communications, in: 2011 IEEE
PES Innovative Smart Grid Technologies, 2011, pp. 1–8. doi:10.1109/
ISGT-Asia.2011.6167151.

[111] K. Khanna, B. K. Panigrahi, A. Joshi, Feasibility and mitigation of

false data injection attacks in smart grid, in: 2016 IEEE 6th Inter-
national Conference on Power Systems (ICPS), 2016, pp. 1–6. doi:
10.1109/ICPES.2016.7584204.

[112] B. Li, R. Lu, G. Xiao, Z. Su, A. Ghorbani, PAMA: A Proactive Approach

to Mitigate False Data Injection Attacks in Smart Grids, in: 2018 IEEE
Global Communications Conference (GLOBECOM), 2018, pp. 1–6. doi:
10.1109/GLOCOM.2018.8647324.

[113] K. Sha, N. Alatrash, Z. Wang, A Secure and Efficient Framework to Read

Isolated Smart Grid Devices, IEEE Transactions on Smart Grid 8 (6)
(2017) 2519–2531. doi:10.1109/TSG.2016.2526045.

[114] C. Rottondi, M. Savi, D. Polenghi, G. Verticale, C. Krau, Implementation

of a protocol for secure distributed aggregation of smart metering data, in:
2012 International Conference on Smart Grid Technology, Economics and
Policies (SG-TEP), 2012, pp. 1–4. doi:10.1109/SG-TEP.2012.6642383.

[115] Y. Shovgenya, F. Skopik, K. Theuerkauf, On demand for situational

awareness for preventing attacks on the smart grid, in: 2015 International
Conference on Cyber Situational Awareness, Data Analytics and Assess-
ment (CyberSA), 2015, pp. 1–4. doi:10.1109/CyberSA.2015.7166133.

[116] M. Q. Ali, E. Al-Shaer, Q. Duan, Randomizing AMI configuration for

proactive defense in smart grid, in: 2013 IEEE International Conference
on Smart Grid Communications (SmartGridComm), 2013, pp. 618–623.
doi:10.1109/SmartGridComm.2013.6688027.

42
[117] P. Srikantha, D. Kundur, A DER Attack-Mitigation Differential Game
for Smart Grid Security Analysis, IEEE Transactions on Smart Grid 7 (3)
(2016) 1476–1485. doi:10.1109/TSG.2015.2466611.

[118] R. Hewett, S. Rudrapattana, P. Kijsanayothin, Smart Grid security: De-

riving informed decisions from cyber attack game analysis, in: 2014
IEEE International Conference on Smart Grid Communications (Smart-
GridComm), 2014, pp. 946–951. doi:10.1109/SmartGridComm.2014.
7007770.

[119] M. Ni, A. K. Srivastava, R. Bo, J. Yan, Design of A Game Theory Based

Defense System for Power System Cyber Security, in: 2017 IEEE 7th
Annual International Conference on CYBER Technology in Automation,
Control, and Intelligent Systems (CYBER), 2017, pp. 1049–1054. doi:
10.1109/CYBER.2017.8446449.

[120] M. H. Ranjbar, M. Kheradmandi, A. Pirayesh, A Linear Game Framework

for Defending Power Systems against Intelligent Physical Attacks, IEEE
Transactions on Smart Grid (2019) 1–1doi:10.1109/TSG.2019.2908083.

[121] X. Yang, X. He, J. Lin, W. Yu, Q. Yang, A Game-Theoretic

Model on Coalitional Attacks in Smart Grid, in: 2016 IEEE Trust-
com/BigDataSE/ISPA, 2016, pp. 435–442. doi:10.1109/TrustCom.
2016.0094.

[122] L. Wei, A. I. Sarwat, W. Saad, S. Biswas, Stochastic Games for Power Grid
Protection Against Coordinated Cyber-Physical Attacks, IEEE Trans-
actions on Smart Grid 9 (2) (2018) 684–694. doi:10.1109/TSG.2016.
2561266.

[123] M. Shange, J. Lin, X. Zhang, C. Xu, A game-theory analysis of the rat-

group attack in smart grids, in: 2014 IEEE Ninth International Confer-
ence on Intelligent Sensors, Sensor Networks and Information Processing
(ISSNIP), 2014, pp. 1–6. doi:10.1109/ISSNIP.2014.6827636.

43
[124] A. Sanjab, W. Saad, Data Injection Attacks on Smart Grids With Multiple
Adversaries: A Game-Theoretic Perspective, IEEE Transactions on Smart
Grid 7 (4) (2016) 2038–2049. doi:10.1109/TSG.2016.2550218.

[125] S. Rani, J. Vedika, V. M. Reddy, B. S. Rani, C. V. Reddy, Game Theory

based Defense Strategy against Denial of Service Attack using Puzzles,
2013.

[126] P. Srikantha, D. Kundur, Denial of service attacks and mitigation for

stability in cyber-enabled power grid, in: 2015 IEEE Power Energy Society
Innovative Smart Grid Technologies Conference (ISGT), 2015, pp. 1–5.
doi:10.1109/ISGT.2015.7131827.

[127] J. Ma, Y. Liu, L. Song, Z. Han, Multiact Dynamic Game Strategy for
Jamming Attack in Electricity Market, IEEE Transactions on Smart Grid
6 (5) (2015) 2273–2282. doi:10.1109/TSG.2015.2400215.

[128] C. Y. T. Ma, D. K. Y. Yau, X. Lou, N. S. V. Rao, Markov Game Analysis

for Attack-Defense of Power Networks Under Possible Misinformation,
IEEE Transactions on Power Systems 28 (2) (2013) 1676–1686. doi:
10.1109/TPWRS.2012.2226480.

[129] K. Wang, M. Du, S. Maharjan, Y. Sun, Strategic Honeypot Game Model

for Distributed Denial of Service Attacks in the Smart Grid, IEEE Trans-
actions on Smart Grid 8 (5) (2017) 2474–2482. doi:10.1109/TSG.2017.
2670144.

[130] D. Mashima, B. Chen, P. Gunathilaka, E. L. Tjiong, Towards a grid-wide,

high-fidelity electrical substation honeynet, in: 2017 IEEE International
Conference on Smart Grid Communications (SmartGridComm), 2017, pp.
89–95. doi:10.1109/SmartGridComm.2017.8340689.

[131] J. Hastings, D. M. Laverty, D. J. Morrow, Tracking smart grid hackers,

in: 2014 49th International Universities Power Engineering Conference
(UPEC), 2014, pp. 1–5. doi:10.1109/UPEC.2014.6934754.

44
[132] O. Vukovic, K. C. Sou, G. Dan, H. Sandberg, Network-Aware Mitiga-
tion of Data Integrity Attacks on Power System State Estimation, IEEE
Journal on Selected Areas in Communications 30 (6) (2012) 1108–1118.
doi:10.1109/JSAC.2012.120709.

[133] A. Delgadillo, J. M. Arroyo, N. Alguacil, Analysis of Electric Grid Inter-

diction With Line Switching, IEEE Transactions on Power Systems 25 (2)
(2010) 633–641. doi:10.1109/TPWRS.2009.2032232.

[134] J. M. Arroyo, F. J. Fernandez, A Genetic Algorithm Approach for the

Analysis of Electric Grid Interdiction with Line Switching, in: 2009 15th
International Conference on Intelligent System Applications to Power Sys-
tems, 2009, pp. 1–6. doi:10.1109/ISAP.2009.5352849.

[135] Y. Yao, T. Edmunds, D. Papageorgiou, R. Alvarez, Trilevel Optimization

in Power Network Defense, IEEE Transactions on Systems, Man, and
Cybernetics, Part C (Applications and Reviews) 37 (4) (2007) 712–718.
doi:10.1109/TSMCC.2007.897487.

45