Attack surface analysis and mitigation for near-field communication networks and devices in smart grids
With growing demand and increasing concern for energy sustainability, smart grids (SGs) have emerged as a promising solution by integrating information and communication technologies to enhance the efficiency, reliability, and flexibility of power systems. While SGs enable real-time monitoring, they also introduce new security risks, particularly for endpoint and edge devices such as smart meters and inverters. Although earlier attacks primarily targeted centralized systems, recent studies have highlighted vulnerabilities on the consumer side, especially in the context of MadIoT-style attacks (MadIoT, short for Manipulation of Demand via IoT, refers to a class of coordinated attacks exploiting high-wattage IoT devices to destabilize power grids). This paper analyzes the attack surfaces of near-field communication network (NFN) protocols and devices within SGs, with a focus on widely adopted public protocols. We propose mitigation strategies to address these risks, including a reverse engineering-based edge device firmware emulation and execution method, a large language model-based protocol analysis approach, and a fuzzing-based malicious behavior simulation technique in an NFN. In our experiments, the proposed AFL-Netzob framework discovered 6 vulnerabilities across 3 firmware samples and achieved up to a 2× improvement in fuzzing efficiency compared to Boofuzz. These results demonstrate the practical effectiveness and general applicability of our framework in real-world smart grid scenarios.
| Main Authors: | Jing Guo, Zhimin Gu, Haitao Jiang, Yan Li, Daohua Zhu |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | Elsevier, 2025-09-01 |
| Series: | Array |
| Subjects: | Smart grid; Edge devices; Attack surface analysis; Network protocol; Communication network |
| Online Access: | http://www.sciencedirect.com/science/article/pii/S2590005625000748 |
| Field | Value |
|---|---|
| _version_ | 1849405039363227648 |
| author | Jing Guo; Zhimin Gu; Haitao Jiang; Yan Li; Daohua Zhu |
| author_sort | Jing Guo |
| collection | DOAJ |
| description | With growing demand and increasing concern for energy sustainability, smart grids (SGs) have emerged as a promising solution by integrating information and communication technologies to enhance the efficiency, reliability, and flexibility of power systems. While SGs enable real-time monitoring, they also introduce new security risks, particularly for endpoint and edge devices such as smart meters and inverters. Although earlier attacks primarily targeted centralized systems, recent studies have highlighted vulnerabilities on the consumer side, especially in the context of MadIoT-style attacks (MadIoT, short for Manipulation of Demand via IoT, refers to a class of coordinated attacks exploiting high-wattage IoT devices to destabilize power grids). This paper analyzes the attack surfaces of near-field communication network (NFN) protocols and devices within SGs, with a focus on widely adopted public protocols. We propose mitigation strategies to address these risks, including a reverse engineering-based edge device firmware emulation and execution method, a large language model-based protocol analysis approach, and a fuzzing-based malicious behavior simulation technique in an NFN. In our experiments, the proposed AFL-Netzob framework discovered 6 vulnerabilities across 3 firmware samples and achieved up to a 2× improvement in fuzzing efficiency compared to Boofuzz. These results demonstrate the practical effectiveness and general applicability of our framework in real-world smart grid scenarios. |
| format | Article |
| id | doaj-art-2f373858fb0f4201bb24ee8f227974ce |
| institution | Kabale University |
| issn | 2590-0056 |
| language | English |
| publishDate | 2025-09-01 |
| publisher | Elsevier |
| record_format | Article |
| series | Array |
| title | Attack surface analysis and mitigation for near-field communication networks and devices in smart grids |
| topic | Smart grid; Edge devices; Attack surface analysis; Network protocol; Communication network |
| url | http://www.sciencedirect.com/science/article/pii/S2590005625000748 |