Ontology-Based Security Context Reasoning for Power IoT-Cloud Security Service

Abstract

For a variety of cyber-attacks occurring in a power IoT-Cloud environment, conventional security intrusion incident detection and response technologies typically use pattern- and behavior-based statistical methods. However, they cannot provide fundamental solutions for a security intrusion or attacks, which are becoming more intelligent and diverse as time passes. Therefore, an effective response method that can respond to security intrusions intelligently while using an access control technique based on ontology reasoning is required. This can be achieved by adopting a variety of intelligent reasoning technologies for security intrusion incidents of power systems, such as various reasoning technologies based on the ontology and semantic-web technologies being actively studied in the field of intelligent systems, and malicious code detection technologies based on an intelligent access control model, text mining, and natural language processing technologies. Accordingly, a security context ontology was modeled by analyzing the security vulnerabilities of a power system in a power IoT-Cloud environment, and security context inference rules were defined. Furthermore, this paper presents an appropriate power IoT-Cloud security service framework that can be used in a power IoT-Cloud environment. In addition, a security mechanism that can be efficiently operated in such an environment is implemented. In experiments conducted for this application, attack context scenarios that commonly occur were created using a smart meter as an example, which is an essential power system device. Inference rules were then composed for each attack stage to check the paths of attacks those that exploit the vulnerability of a smart meter system. As a result, it was confirmed that a high level attack detection results can be obtained based on the inference rules.