MPTCP-H: A DDoS attack resilient transport protocol to secure wide area measurement systems
International Journal of Critical Infrastructure Protection (IF 4.1), Pub Date: 2019-02-19, DOI: 10.1016/j.ijcip.2019.02.003
Kubilay Demir, Ferdaus Nayyer, Neeraj Suri

The penetration of distributed generators into the power distribution grid requires real-time control of the grid by monitoring the state of the power distribution grid. Such large-scale monitoring cannot be performed using traditional Supervisory Control and Data Acquisition (SCADA) systems due to their lack of scalability. To address this issue, contemporary Wide Area Measurement Systems (WAMS) are deployed, which provide dynamic snapshots of the power system. However, WAMS's more open structure versus SCADA poses a risk of WAMS being vulnerable to cyberattacks. In particular, due to the high responsiveness and availability requirements of WAMS applications, attacks, i.e., Denial-of-Service (DoS) and Distributed DoS (DDoS), are of primary concern for WAMS.

In this paper, we focus on internal DoS/DDoS attacks launched against WAMS devices by exploiting vulnerabilities. To counter such attacks, we propose a proactive and robust extension of the Multipath-TCP (MPTCP) transport protocol, termed MPTCP-H. The proposed extension mitigates the internal attacks by using a novel stream hopping mechanism, which periodically renews the subflows to hide the open port numbers of the connection. By doing so, MPTCP-H significantly increases the attacker's cost for a successful attack without perturbing the WAMS data traffic. The experimental results show that the proposed MPTCP-H provides significant DoS/DDoS attack mitigation for WAMS at the expense of reasonable overheads, i.e., additional latency and messages.




Updated: 2019-02-19