摘要 |
Any system with an interface may be attacked by a bad actor. If that interface is exposed to a network, the bad actor may launch a remote attack or cause other systems to attack the system. Many attacks exploit vulnerabilities that are unknown to the system operators (e.g., zero-day attacks). Power grid components, such as electricity meters, are increasingly networked and, therefore, increasingly attacked. By determining a pattern of behavior for a meter and then looking for a variation of the pattern, an attack may be identified. Once an attack is discovered, countermeasures may be launched to restore the system to normal operations, harden the system against future attack, and/or retaliate against the attacker. |