{"id":"https://openalex.org/W4312295755","doi":"https://doi.org/10.1109/tsg.2022.3216726","title":"Accurate Automata-Based Detection of Cyber Threats in Smart Grid Communication","display_name":"Accurate Automata-Based Detection of Cyber Threats in Smart Grid Communication","publication_year":2022,"publication_date":"2022-11-03","ids":{"openalex":"https://openalex.org/W4312295755","doi":"https://doi.org/10.1109/tsg.2022.3216726"},"language":"en","primary_location":{"id":"doi:10.1109/tsg.2022.3216726","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsg.2022.3216726","pdf_url":null,"source":{"id":"https://openalex.org/S59604973","display_name":"IEEE Transactions on Smart Grid","issn_l":"1949-3053","issn":["1949-3053","1949-3061"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Smart Grid","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5030524096","display_name":"Vojt\u011bch Havlena","orcid":"https://orcid.org/0000-0003-4375-7954"},"institutions":[{"id":"https://openalex.org/I60587646","display_name":"Brno University of Technology","ror":"https://ror.org/03613d656","country_code":"CZ","type":"education","lineage":["https://openalex.org/I60587646"]}],"countries":["CZ"],"is_corresponding":true,"raw_author_name":"Vojt\u011bch Havlena","raw_affiliation_strings":["Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic","institution_ids":["https://openalex.org/I60587646"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5003268701","display_name":"Petr Matou\u0161ek","orcid":"https://orcid.org/0000-0003-4589-2041"},"institutions":[{"id":"https://openalex.org/I60587646","display_name":"Brno University of Technology","ror":"https://ror.org/03613d656","country_code":"CZ","type":"education","lineage":["https://openalex.org/I60587646"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Petr Matou\u0161ek","raw_affiliation_strings":["Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic","institution_ids":["https://openalex.org/I60587646"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5001527809","display_name":"Ond\u0159ej Ry\u0161av\u00fd","orcid":"https://orcid.org/0000-0001-9652-6418"},"institutions":[{"id":"https://openalex.org/I60587646","display_name":"Brno University of Technology","ror":"https://ror.org/03613d656","country_code":"CZ","type":"education","lineage":["https://openalex.org/I60587646"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Ond\u0159ej Ry\u0161av\u00fd","raw_affiliation_strings":["Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic","institution_ids":["https://openalex.org/I60587646"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5059358773","display_name":"Luk\u00e1\u0161 Hol\u00edk","orcid":"https://orcid.org/0000-0001-6957-1651"},"institutions":[{"id":"https://openalex.org/I60587646","display_name":"Brno University of Technology","ror":"https://ror.org/03613d656","country_code":"CZ","type":"education","lineage":["https://openalex.org/I60587646"]}],"countries":["CZ"],"is_corresponding":false,"raw_author_name":"Luk\u00e1\u0161 Hol\u00edk","raw_affiliation_strings":["Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic"],"affiliations":[{"raw_affiliation_string":"Faculty of Information Technology, Brno University of Technology, Brno, Czech Republic","institution_ids":["https://openalex.org/I60587646"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5030524096"],"corresponding_institution_ids":["https://openalex.org/I60587646"],"apc_list":null,"apc_paid":null,"fwci":2.0485,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.8664563,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":"14","issue":"3","first_page":"2352","last_page":"2366"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13429","display_name":"Electricity Theft Detection Techniques","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7085305452346802},{"id":"https://openalex.org/keywords/intrusion-detection-system","display_name":"Intrusion detection system","score":0.6101547479629517},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5866625308990479},{"id":"https://openalex.org/keywords/probabilistic-logic","display_name":"Probabilistic logic","score":0.5344917178153992},{"id":"https://openalex.org/keywords/automaton","display_name":"Automaton","score":0.5039259791374207},{"id":"https://openalex.org/keywords/industrial-control-system","display_name":"Industrial control system","score":0.48930642008781433},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.48839110136032104},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.47663912177085876},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.47365081310272217},{"id":"https://openalex.org/keywords/filter","display_name":"Filter (signal processing)","score":0.4203365445137024},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.4125719964504242},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.4043145179748535},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.39369457960128784},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.38460829854011536},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.2064940333366394},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.20634251832962036},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.16969120502471924},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.1342344582080841}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7085305452346802},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.6101547479629517},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5866625308990479},{"id":"https://openalex.org/C49937458","wikidata":"https://www.wikidata.org/wiki/Q2599292","display_name":"Probabilistic logic","level":2,"score":0.5344917178153992},{"id":"https://openalex.org/C112505250","wikidata":"https://www.wikidata.org/wiki/Q787116","display_name":"Automaton","level":2,"score":0.5039259791374207},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.48930642008781433},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.48839110136032104},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.47663912177085876},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.47365081310272217},{"id":"https://openalex.org/C106131492","wikidata":"https://www.wikidata.org/wiki/Q3072260","display_name":"Filter (signal processing)","level":2,"score":0.4203365445137024},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.4125719964504242},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.4043145179748535},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39369457960128784},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.38460829854011536},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.2064940333366394},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.20634251832962036},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.16969120502471924},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.1342344582080841},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C31972630","wikidata":"https://www.wikidata.org/wiki/Q844240","display_name":"Computer vision","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tsg.2022.3216726","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsg.2022.3216726","pdf_url":null,"source":{"id":"https://openalex.org/S59604973","display_name":"IEEE Transactions on Smart Grid","issn_l":"1949-3053","issn":["1949-3053","1949-3061"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Smart Grid","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.6700000166893005}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":37,"referenced_works":["https://openalex.org/W38765094","https://openalex.org/W1579904204","https://openalex.org/W2021702566","https://openalex.org/W2035095458","https://openalex.org/W2035379194","https://openalex.org/W2084724474","https://openalex.org/W2089944128","https://openalex.org/W2111404412","https://openalex.org/W2121972959","https://openalex.org/W2122092249","https://openalex.org/W2161592722","https://openalex.org/W2202791206","https://openalex.org/W2328639092","https://openalex.org/W2549981724","https://openalex.org/W2590845164","https://openalex.org/W2619874920","https://openalex.org/W2776990447","https://openalex.org/W2804019764","https://openalex.org/W2890189996","https://openalex.org/W2937619061","https://openalex.org/W2977219614","https://openalex.org/W2984195658","https://openalex.org/W3024669438","https://openalex.org/W3035172199","https://openalex.org/W3164234844","https://openalex.org/W3164266835","https://openalex.org/W3181614810","https://openalex.org/W3182007606","https://openalex.org/W3186345182","https://openalex.org/W3202078809","https://openalex.org/W4200331296","https://openalex.org/W4210411892","https://openalex.org/W4210698069","https://openalex.org/W4241372395","https://openalex.org/W4285092692","https://openalex.org/W4285384943","https://openalex.org/W6754870966"],"related_works":["https://openalex.org/W2620598574","https://openalex.org/W1521770704","https://openalex.org/W2921689861","https://openalex.org/W3191984229","https://openalex.org/W2782351397","https://openalex.org/W2118020642","https://openalex.org/W4213196493","https://openalex.org/W2770763359","https://openalex.org/W2975700779","https://openalex.org/W4246310838"],"abstract_inverted_index":{"Several":[0],"industry":[1],"sectors,":[2],"including":[3],"critical":[4],"infrastructure,":[5],"have":[6],"experienced":[7],"severe":[8],"cyber":[9],"attacks":[10],"against":[11],"their":[12],"Industrial":[13],"Control":[14],"Systems":[15,46,59],"(ICS)":[16],"due":[17],"to":[18,39,121],"the":[19,88,92,113,119,127,141,144],"malware":[20],"that":[21,86,158],"masqueraded":[22],"itself":[23],"as":[24],"a":[25,76,104,123,156],"legitimate":[26],"ICS":[27,33,72,93,100,128,133,183],"process":[28],"and":[29,148],"communicated":[30],"with":[31],"valid":[32],"messages.":[34,73,134],"Such":[35],"behavior":[36],"is":[37,166,173],"difficult":[38],"detect":[40],"by":[41,131],"standard":[42],"techniques.":[43],"Intrusion":[44],"Detection":[45,58],"(IDS)":[47],"usually":[48],"filter":[49],"illegitimate":[50],"communication":[51,180],"using":[52,103],"pre-defined":[53],"patterns":[54],"while":[55],"statistical-based":[56],"Anomaly":[57],"(ADS)":[60],"mostly":[61],"observe":[62],"selected":[63],"attributes":[64],"of":[65,71,91,106,143],"transmitted":[66],"packets":[67],"without":[68],"deeper":[69],"analysis":[70],"We":[74,153],"propose":[75],"new":[77],"detection":[78,114,146],"approach":[79,172],"based":[80],"on":[81,175],"Deterministic":[82],"Probabilistic":[83],"Automata":[84],"(DPAs)":[85],"capture":[87],"intended":[89],"semantics":[90],"message":[94,101],"exchange.":[95],"The":[96,171],"method":[97,147],"models":[98],"normal":[99],"sequences":[102],"set":[105],"DPAs":[107],"representing":[108],"expected":[109],"traffic":[110,129],"patterns.":[111],"Then":[112],"system":[115],"applies":[116],"reasoning":[117],"about":[118,162],"model":[120],"reveal":[122],"malicious":[124],"activity":[125],"in":[126],"expressed":[130],"unexpected":[132],"In":[135],"this":[136],"paper,":[137],"we":[138],"significantly":[139],"improve":[140],"performance":[142],"automata-based":[145],"reduce":[149],"its":[150],"false-positive":[151],"rate.":[152],"also":[154],"present":[155],"technique":[157],"produces":[159],"additional":[160],"details":[161],"detected":[163],"anomalies,":[164],"which":[165],"important":[167],"for":[168],"real-world":[169],"deployment.":[170],"demonstrated":[174],"IEC":[176],"104":[177],"or":[178],"MMS":[179],"from":[181],"different":[182],"systems.":[184]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}