False data injection attacks and the insider threat in smart systems

Gonen S., SAYAN H. H., YILMAZ E. N., Ustunsoy F., Karacayilmaz G.

COMPUTERS & SECURITY, vol.97, 2020 (SCI-Expanded) identifier identifier

  • Publication Type: Article / Article
  • Volume: 97
  • Publication Date: 2020
  • Doi Number: 10.1016/j.cose.2020.101955
  • Journal Name: COMPUTERS & SECURITY
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus, PASCAL, ABI/INFORM, Aerospace Database, Applied Science & Technology Source, Business Source Elite, Business Source Premier, Communication Abstracts, Compendex, Computer & Applied Sciences, Criminal Justice Abstracts, INSPEC, Metadex, Civil Engineering Abstracts
  • Keywords: Cyber security, Industrial control systems, PLC security, FDI, Data manipulation, INFORMATION
  • Gazi University Affiliated: Yes


Smart networks and smart city systems, which are increasing in use with new approaches every day, are now in the investment plan of each state. At many points, these two concepts combine. Industrial Control Systems (ICS), which constitute the infrastructure of these systems, have opened to external networks due to the requirements of the era. Once smart grids are integrated with smart cities, ICS left its isolated structure. This process has emerged more security vulnerabilities. In this study, False Data Injection (FDI) attack was carried out to change the memory address values of Programmable Logic Controller (PLC)s which is an important component of ICS. Initially, the feasibility of the attack was examined. Thereafter, in the event of an attack, the effect on the systems was revealed. Eventually, important software and hardware solution suggestions to prevent the attack are mentioned. Thus, in the possible cyber attacks that may occur, it is aimed to recover critical systems with minimum damage and make them to be operational as soon as possible. It is considered that this study will make important contributions to other studies regarding ICS security. (c) 2020 Elsevier Ltd. All rights reserved.