Greenberg News

    Green Futures: Innovate, Sustain, Thrive

    Electronics, Vol. 14, Pages 2725: Domain Knowledge-Driven Method for Threat Source Detection and Localization in the Power Internet of Things

    Greenberg     July 7, 2025 in News - 2 Minutes


    Electronics, Vol. 14, Pages 2725: Domain Knowledge-Driven Method for Threat Source Detection and Localization in the Power Internet of Things

    Electronics doi: 10.3390/electronics14132725

    Authors:
    Zhimin Gu
    Jing Guo
    Jiangtao Xu
    Yunxiao Sun
    Wei Liang

    Although the Power Internet of Things (PIoT) significantly improves operational efficiency by enabling real-time monitoring, intelligent control, and predictive maintenance across the grid, its inherently open and deeply interconnected cyber-physical architecture concurrently introduces increasingly complex and severe security threats. Existing IoT security solutions are not fully adapted to the specific requirements of power systems, such as safety-critical reliability, protocol heterogeneity, physical/electrical context awareness, and the incorporation of domain-specific operational knowledge unique to the power sector. These limitations often lead to high false positives (flagging normal operations as malicious) and false negatives (failing to detect actual intrusions), ultimately compromising system stability and security response. To address these challenges, we propose a domain knowledge-driven threat source detection and localization method for the PIoT. The proposed method combines multi-source features—including electrical-layer measurements, network-layer metrics, and behavioral-layer logs—into a unified representation through a multi-level PIoT feature engineering framework. Building on advances in multimodal data integration and feature fusion, our framework employs a hybrid neural architecture combining the TabTransformer to model structured physical and network-layer features with BiLSTM to capture temporal dependencies in behavioral log sequences. This design enables comprehensive threat detection while supporting interpretable and fine-grained source localization. Experiments on a real-world Power Internet of Things (PIoT) dataset demonstrate that the proposed method achieves high detection accuracy and enables the actionable attribution of attack stages aligned with the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework. The proposed approach offers a scalable and domain-adaptable foundation for security analytics in cyber-physical power systems.



    Source link

    Zhimin Gu www.mdpi.com

    Related Posts

    Greenpeace: Governments are not powerless in the face of deep sea miners colluding with Trump
    July 7, 2025
    Dietetics, Vol. 4, Pages 28: Rating One’s Diet Quality: Qualitative Study Results
    July 7, 2025
    How climate change is worsening extreme heat
    July 7, 2025

    Greenberg

    Learn More →
    This website uses cookies to improve user experience. By continuing to use the site, you consent to the use of cookies.