BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid

Authors: 

Saleh Soltan, Prateek Mittal, and H. Vincent Poor, Princeton University

Abstract: 

We demonstrate that an Internet of Things (IoT) botnet of high wattage devices–such as air conditioners and heaters–gives a unique ability to adversaries to launch large-scale coordinated attacks on the power grid. In particular, we reveal a new class of potential attacks on power grids called the Manipulation of demand via IoT (MadIoT) attacks that can leverage such a botnet in order to manipulate the power demand in the grid. We study five variations of the MadIoT attacks and evaluate their effectiveness via state-of-the-art simulators on real-world power grid models. These simulation results demonstrate that the MadIoT attacks can result in local power outages and in the worst cases, large-scale blackouts. Moreover, we show that these attacks can rather be used to increase the operating cost of the grid to benefit a few utilities in the electricity market. This work sheds light upon the interdependency between the vulnerability of the IoT and that of the other networks such as the power grid whose security requires attention from both the systems security and power engineering communities.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {217539,
author = {Saleh Soltan and Prateek Mittal and H. Vincent Poor},
title = {{BlackIoT}: {IoT} Botnet of High Wattage Devices Can Disrupt the Power Grid},
booktitle = {27th USENIX Security Symposium (USENIX Security 18)},
year = {2018},
isbn = {978-1-939133-04-5},
address = {Baltimore, MD},
pages = {15--32},
url = {https://www.usenix.org/conference/usenixsecurity18/presentation/soltan},
publisher = {USENIX Association},
month = aug
}

Presentation Video 

Presentation Audio