{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T04:03:37Z","timestamp":1750133017117,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":58,"publisher":"ACM","funder":[{"name":"Cyber Security Cooperative Research Centre","award":["C11-00306"],"award-info":[{"award-number":["C11-00306"]}]},{"name":"CSIRO's Critical Infrastructure Protection and Resilience Mission","award":["R-20215"],"award-info":[{"award-number":["R-20215"]}]},{"DOI":"10.13039\/501100009318","name":"Helmholtz Association","doi-asserted-by":"publisher","award":["37.12.01 and 46.23.02"],"award-info":[{"award-number":["37.12.01 and 46.23.02"]}],"id":[{"id":"10.13039\/501100009318","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,17]]},"DOI":"10.1145\/3679240.3734653","type":"proceedings-article","created":{"date-parts":[[2025,6,16]],"date-time":"2025-06-16T13:13:42Z","timestamp":1750079622000},"page":"838-845","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Advanced Persistent Threats on Consumer Energy Resources in Decentralized Energy Systems"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8231-4331","authenticated-orcid":false,"given":"Kaibin","family":"Bao","sequence":"first","affiliation":[{"name":"KIT, Karlsruhe, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0362-2844","authenticated-orcid":false,"given":"Sid Chi-Kin","family":"Chau","sequence":"additional","affiliation":[{"name":"CSIRO Data61, Sydney, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1137-1782","authenticated-orcid":false,"given":"Ghada","family":"Elbez","sequence":"additional","affiliation":[{"name":"KIT, Karlsruhe, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9334-953X","authenticated-orcid":false,"given":"Qi","family":"Liu","sequence":"additional","affiliation":[{"name":"KIT, Karlsruhe, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3572-9083","authenticated-orcid":false,"given":"Veit","family":"Hagenmeyer","sequence":"additional","affiliation":[{"name":"KIT, Karlsruhe, Germany"}]}],"member":"320","published-online":{"date-parts":[[2025,6,16]]},"reference":[{"key":"e_1_3_3_1_2_2","doi-asserted-by":"crossref","unstructured":"Samrat Acharya Yury Dvorkin and Ramesh Karri. 2020. Public Plug-in Electric Vehicles + Grid Data: Is a New Cyberattack Vector Viable? IEEE Transactions on Smart Grid 11 6 (2020) 5099 \u2013 5113.","DOI":"10.1109\/TSG.2020.2994177"},{"key":"e_1_3_3_1_3_2","unstructured":"OpenADR Alliance. 2025. OpenADR 3.0. https:\/\/www.openadr.org. [Online; accessed 19-Mar-2025]."},{"key":"e_1_3_3_1_4_2","first-page":"1093","volume-title":"26th USENIX Security Symposium (USENIX Security 17)","author":"Antonakakis Manos","year":"2017","unstructured":"Manos Antonakakis, Tim April, Michael Bailey, Matt Bernhard, Elie Bursztein, Jaime Cochran, Zakir Durumeric, J.\u00a0Alex Halderman, Luca Invernizzi, Michalis Kallitsis, Deepak Kumar, Chaz Lever, Zane Ma, Joshua Mason, Damian Menscher, Chad Seaman, Nick Sullivan, Kurt Thomas, and Yi Zhou. 2017. Understanding the Mirai Botnet. In 26th USENIX Security Symposium (USENIX Security 17). USENIX Association, Vancouver, BC, 1093\u20131110. https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/antonakakis"},{"key":"e_1_3_3_1_5_2","unstructured":"Australia. 2017. Peak Demand and Energy Forecasts. Weather 22 (2017) 4."},{"key":"e_1_3_3_1_6_2","doi-asserted-by":"publisher","DOI":"10.1049\/cp.2018.0030"},{"key":"e_1_3_3_1_7_2","doi-asserted-by":"publisher","unstructured":"Elisa Bertino and Nayeem Islam. 2017. Botnets and Internet of Things Security. Computer 50 2 (2017) 76\u201379. 10.1109\/MC.2017.62","DOI":"10.1109\/MC.2017.62"},{"key":"e_1_3_3_1_8_2","volume-title":"Many SCADA Mobile Apps Lack Security by Design","author":"Bjorlin Courtney","year":"2018","unstructured":"Courtney Bjorlin. 2018. Many SCADA Mobile Apps Lack Security by Design. https:\/\/www.iotworldtoday.com\/security\/many-scada-mobile-apps-lack-security-by-design [Online; accessed 26-Mar-2025]."},{"key":"e_1_3_3_1_9_2","volume-title":"WHEN THE LIGHTS WENT OUT","author":"Hamilton Booz Allen","unstructured":"Booz Allen Hamilton. [n. d.]. WHEN THE LIGHTS WENT OUT. https:\/\/www.boozallen.com\/content\/dam\/boozallen\/documents\/2016\/09\/ukraine-report-when-the-lights-went-out.pdf Accessed: June 2024."},{"key":"e_1_3_3_1_10_2","doi-asserted-by":"publisher","unstructured":"Peter Broklyn Ralph Shad and Axel Egon. 2024. The Evolving Thread Landscape Pf Ai-Powered Cyberattacks:A Multi-Faceted Approach to Defense And Mitigate. 10.2139\/ssrn.4904878","DOI":"10.2139\/ssrn.4904878"},{"key":"e_1_3_3_1_11_2","volume-title":"WIN32\/INDUSTROYER: A new threat for industrial control systems","author":"Cherepanov Anton","unstructured":"Anton Cherepanov. [n. d.]. WIN32\/INDUSTROYER: A new threat for industrial control systems. https:\/\/web-assets.esetstatic.com\/wls\/2017\/06\/Win32_Industroyer.pdf Accessed: June 2024."},{"key":"e_1_3_3_1_12_2","volume-title":"Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors","year":"2018","unstructured":"CISA. 2018. Advanced Persistent Threat Activity Targeting Energy and Other Critical Infrastructure Sectors. https:\/\/www.cisa.gov\/news-events\/alerts\/2017\/10\/20\/advanced-persistent-threat-activity-targeting-energy-and-other-critical-infrastructure-sectors Accessed: March 2025."},{"key":"e_1_3_3_1_13_2","volume-title":"Israel concealed explosives inside batteries of pagers sold to Hezbollah, Lebanese officials say","year":"2024","unstructured":"CNN. 2024. Israel concealed explosives inside batteries of pagers sold to Hezbollah, Lebanese officials say. https:\/\/edition.cnn.com\/2024\/09\/27\/middleeast\/israel-pager-attack-hezbollah-lebanon-invs-intl\/index.html Accessed: March 2025."},{"key":"e_1_3_3_1_14_2","unstructured":"European Commission. 2025. EU\u2019s Cyber Resilience Act. https:\/\/digital-strategy.ec.europa.eu\/en\/policies\/cyber-resilience-act. [Online; accessed 19-Mar-2025]."},{"key":"e_1_3_3_1_15_2","volume-title":"SUN:DOWN - Destabilizing the Grid via Orchestrated Exploitation of Solar Power Systems","author":"Dashevskyi Stanislav","year":"2025","unstructured":"Stanislav Dashevskyi, Francesco La\u00a0Spina, and Daniel dos Santos. 2025. SUN:DOWN - Destabilizing the Grid via Orchestrated Exploitation of Solar Power Systems. Technical Report. https:\/\/www.forescout.com\/resources\/sun-down-research-report\/"},{"key":"e_1_3_3_1_16_2","volume-title":"CHRYSENE Threat Group Operations","author":"Intelligence Dragos Threat","unstructured":"Dragos Threat Intelligence. [n. d.]. CHRYSENE Threat Group Operations. https:\/\/www.dragos.com\/threat\/chrysene\/ Accessed: June 2024."},{"key":"e_1_3_3_1_17_2","unstructured":"Ember and Energy Institute. 2024. Share of electricity generated by renewables. https:\/\/ourworldindata.org\/grapher\/share-of-electricity-production-from-renewable-sources?time=2005..latest&country=\u00a0OWID_WRL. [Online; accessed 21-Mar-2025]."},{"key":"e_1_3_3_1_18_2","unstructured":"Ember and Energy Institute. 2024. Share of electricity generated by solar power. https:\/\/ourworldindata.org\/grapher\/share-electricity-solar?tab=chart&time=2005..latest&country=OWID_WRL\u00a0DEU\u00a0NAM. [Online; accessed 21-Mar-2025]."},{"key":"e_1_3_3_1_19_2","doi-asserted-by":"publisher","DOI":"10.1109\/ETFA46521.2020.9212128"},{"key":"e_1_3_3_1_20_2","doi-asserted-by":"publisher","DOI":"10.1145\/3632775.3661943"},{"key":"e_1_3_3_1_21_2","unstructured":"Australian Government. 2024. Australia\u2019s Cyber Security Legislative Reforms. https:\/\/www.cisc.gov.au\/legislation-regulation-and-compliance\/cyber-security-legislative-reforms. [Online; accessed 19-Mar-2025]."},{"key":"e_1_3_3_1_22_2","volume-title":"WikiLeaks emails: what they revealed about the Clinton campaign\u2019s mechanics","year":"2016","unstructured":"Guardian. 2016. WikiLeaks emails: what they revealed about the Clinton campaign\u2019s mechanics. https:\/\/www.theguardian.com\/us-news\/2016\/nov\/06\/wikileaks-emails-hillary-clinton-campaign-john-podesta Accessed: March 2025."},{"key":"e_1_3_3_1_23_2","doi-asserted-by":"publisher","unstructured":"Tareq Hossen Mehmetcan Gursoy and Behrooz Mirafzal. 2022. Self-Protective Inverters Against Malicious Setpoints Using Analytical Reference Models. IEEE Journal of Emerging and Selected Topics in Industrial Electronics 3 4 (Oct. 2022) 871\u2013877. 10.1109\/JESTIE.2022.3199672","DOI":"10.1109\/JESTIE.2022.3199672"},{"key":"e_1_3_3_1_24_2","doi-asserted-by":"publisher","DOI":"10.1145\/3679240.3734613"},{"key":"e_1_3_3_1_25_2","doi-asserted-by":"crossref","unstructured":"Muhammad\u00a0Adil Inam Yinfang Chen Akul Goyal Jason Liu Jaron Mink Noor Michael Sneha Gaur Adam Bates and Wajih\u00a0Ul Hassan. 2023. SoK: History is a Vast Early Warning System: Auditing the Provenance of System Intrusions. 2620\u20132638.","DOI":"10.1109\/SP46215.2023.10179405"},{"key":"e_1_3_3_1_26_2","unstructured":"Sam James. 2025. xz-utils backdoor situation (CVE-2024-3094). https:\/\/gist.github.com\/thesamesam\/223949d5a074ebc3dce9ee78baad9e27"},{"key":"e_1_3_3_1_27_2","doi-asserted-by":"publisher","DOI":"10.1109\/IECON.2011.6120048"},{"key":"e_1_3_3_1_28_2","doi-asserted-by":"publisher","DOI":"10.1145\/3632775.3661994"},{"key":"e_1_3_3_1_29_2","doi-asserted-by":"publisher","unstructured":"Constantinos Kolias Georgios Kambourakis Angelos Stavrou and Jeffrey Voas. 2017. DDoS in the IoT: Mirai and Other Botnets. Computer 50 7 (2017) 80\u201384. 10.1109\/MC.2017.201","DOI":"10.1109\/MC.2017.201"},{"key":"e_1_3_3_1_30_2","doi-asserted-by":"publisher","DOI":"10.1109\/ICMT58149.2023.10171308"},{"key":"e_1_3_3_1_31_2","doi-asserted-by":"crossref","unstructured":"David Kushner. 2013. The Real Story of Stuxnet. IEEE Spectrum (Oct. 2013).","DOI":"10.1109\/MSPEC.2013.6471059"},{"key":"e_1_3_3_1_32_2","doi-asserted-by":"publisher","unstructured":"Yuanliang Li and Jun Yan. 2023. Cybersecurity of Smart Inverters in the Smart Grid: A Survey. IEEE Transactions on Power Electronics 38 2 (Feb. 2023) 2364\u20132383. 10.1109\/TPEL.2022.3206239 Conference Name: IEEE Transactions on Power Electronics.","DOI":"10.1109\/TPEL.2022.3206239"},{"key":"e_1_3_3_1_33_2","doi-asserted-by":"publisher","DOI":"10.5445\/IR\/1000179480"},{"key":"e_1_3_3_1_34_2","unstructured":"Qi Liu Kaibin Bao Wajih\u00a0Ul Hassan and Veit Hagenmeyer. 2024. HADES: Detecting Active Directory Attacks via Whole Network Provenance Analytics. http:\/\/arxiv.org\/abs\/2407.18858 arXiv:https:\/\/arXiv.org\/abs\/2407.18858 [cs]."},{"key":"e_1_3_3_1_35_2","volume-title":"Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology","unstructured":"Mandiant. [n. d.]. Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology. https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/sandworm-disrupts-power-ukraine-operational-technology\/ Accessed: June 2024."},{"key":"e_1_3_3_1_36_2","volume-title":"New Targeted Attack in the Middle East by APT34","year":"2017","unstructured":"Mandiant. 2017. New Targeted Attack in the Middle East by APT34. https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/targeted-attack-in-middle-east-by-apt34\/ Accessed: June 2024."},{"key":"e_1_3_3_1_37_2","volume-title":"South Korean nuclear operator hacked amid cyber-attack fears","author":"McCurry Justin","year":"2014","unstructured":"Justin McCurry. 2014. South Korean nuclear operator hacked amid cyber-attack fears. https:\/\/www.theguardian.com\/world\/2014\/dec\/22\/south-korea-nuclear-power-cyber-attack-hack Accessed: March 2025."},{"key":"e_1_3_3_1_38_2","volume-title":"From technical details to the overall relevance for cybersecurity of critical infrastructures","author":"Mura Alessandro","year":"2024","unstructured":"Alessandro Mura. 2024. From technical details to the overall relevance for cybersecurity of critical infrastructures. Technical Report. https:\/\/centri.unibo.it\/computational-social-science\/it\/cosa-facciamo\/our-students-papers\/mura_cs-cw2024_final.pdf\/@@download\/file\/Mura_CS&CW2024_FINAL.pdf"},{"key":"e_1_3_3_1_39_2","doi-asserted-by":"crossref","unstructured":"Ahmed\u00a0S Musleh Jawad Ahmed Nadeem Ahmed Hunter Xu Guo Chen Stephen Kerr and Sanjay Jha. 2024. Experimental Cybersecurity Evaluation of Distributed Solar Inverters: Vulnerabilities and Impacts On the Australian Grid. IEEE Transactions on Smart Grid (2024).","DOI":"10.1109\/TSG.2024.3393439"},{"key":"e_1_3_3_1_40_2","doi-asserted-by":"publisher","unstructured":"Nils M\u00fcller Kaibin Bao and Kai Heussen. 2024. Cyber\u2013physical event reasoning for distributed energy resources. Sustainable Energy Grids and Networks 39 (Sept. 2024) 101400. 10.1016\/j.segan.2024.101400","DOI":"10.1016\/j.segan.2024.101400"},{"key":"e_1_3_3_1_41_2","doi-asserted-by":"publisher","unstructured":"Ehsan Naderi Samaneh Pazouki and Arash Asrari. 2023. A coordinated cyberattack targeting load centers and renewable distributed energy resources for undervoltage\/overvoltage in the most vulnerable regions of a modern distribution system. Sustainable Cities and Society 88 (Jan. 2023) 104276. 10.1016\/j.scs.2022.104276","DOI":"10.1016\/j.scs.2022.104276"},{"key":"e_1_3_3_1_42_2","volume-title":"3rd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 20)","author":"Osman Amr","year":"2020","unstructured":"Amr Osman, Armin Wasicek, Stefan K\u00f6psell, and Thorsten Strufe. 2020. Transparent Microsegmentation in Smart Home IoT Networks. In 3rd USENIX Workshop on Hot Topics in Edge Computing (HotEdge 20). USENIX Association. https:\/\/www.usenix.org\/conference\/hotedge20\/presentation\/osman"},{"key":"e_1_3_3_1_43_2","volume-title":"SolarWinds hack: the mystery of one of the biggest cyberattacks ever","author":"Paganini Pierluigi","year":"2021","unstructured":"Pierluigi Paganini. 2021. SolarWinds hack: the mystery of one of the biggest cyberattacks ever. https:\/\/cybernews.com\/security\/solarwinds-hack-the-mystery-of-one-of-the-biggest-cyberattacks-ever\/ [Online; accessed 26-Mar-2025]."},{"key":"e_1_3_3_1_44_2","volume-title":"If IoT devices are being cyber-certified, why aren\u2019t mobile applications?","author":"Ree Brad","year":"2021","unstructured":"Brad Ree. 2021. If IoT devices are being cyber-certified, why aren\u2019t mobile applications?https:\/\/www.securitymagazine.com\/articles\/94445-if-iot-devices-are-being-cyber-certified-why-arent-mobile-applications [Online; accessed 26-Mar-2025]."},{"key":"e_1_3_3_1_45_2","unstructured":"Mathis Richtmann. 2025. How hackers capture your solar panels and cause grid havoc. https:\/\/www.dw.com\/en\/how-hackers-capture-your-solar-panels-and-cause-grid-havoc\/a-71593448\/. [Online; accessed 19-Mar-2025]."},{"key":"e_1_3_3_1_46_2","unstructured":"Secura. 2024. Cybersecurity threats and measures for the solar power sector. https:\/\/topsectorenergie.nl\/documents\/1299\/2024-Secura_Report-Cybersecurity_threats_and_measures_for_the_solar_power_sector.pdf."},{"key":"e_1_3_3_1_47_2","doi-asserted-by":"publisher","unstructured":"Sajad Shirali-Shahreza and Yashar Ganjali. 2018. Protecting Home User Devices with an SDN-Based Firewall. IEEE Transactions on Consumer Electronics 64 1 (2018) 92\u2013100. 10.1109\/TCE.2018.2811261","DOI":"10.1109\/TCE.2018.2811261"},{"key":"e_1_3_3_1_48_2","volume-title":"Anatomy of an Attack: Detecting and Defeating CRASHOVERRIDE","author":"Slowik Joe","unstructured":"Joe Slowik. [n. d.]. Anatomy of an Attack: Detecting and Defeating CRASHOVERRIDE. https:\/\/www.dragos.com\/wp-content\/uploads\/CRASHOVERRIDE2018.pdf Accessed: June 2024."},{"key":"e_1_3_3_1_49_2","unstructured":"SolarPower Europe. 2024. Global Market Outlook For Solar Power 2024-2028. https:\/\/www.solarpowereurope.org\/insights\/outlooks\/global-market-outlook-for-solar-power-2024-2028\/detail."},{"key":"e_1_3_3_1_50_2","first-page":"15","volume-title":"27th USENIX Security Symposium (USENIX Security 18)","author":"Soltan Saleh","year":"2018","unstructured":"Saleh Soltan, Prateek Mittal, and H.\u00a0Vincent Poor. 2018. BlackIoT: IoT Botnet of High Wattage Devices Can Disrupt the Power Grid. In 27th USENIX Security Symposium (USENIX Security 18). USENIX Association, Baltimore, MD, 15\u201332. https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/soltan"},{"key":"e_1_3_3_1_51_2","unstructured":"Morgan Stanley. 2024. AI and Cybersecurity: A New Era. https:\/\/www.morganstanley.com\/articles\/ai-cybersecurity-new-era"},{"key":"e_1_3_3_1_52_2","volume-title":"Dragonfly: Western energy sector targeted by sophisticated attack group","year":"2017","unstructured":"Symantec. 2017. Dragonfly: Western energy sector targeted by sophisticated attack group. https:\/\/www.theguardian.com\/world\/2014\/dec\/22\/south-korea-nuclear-power-cyber-attack-hack Accessed: March 2025."},{"key":"e_1_3_3_1_53_2","unstructured":"Satori Threat Intelligence and\u00a0Research Team. 2025. Satori Threat Intelligence Disruption: BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes. https:\/\/www.humansecurity.com\/learn\/blog\/satori-threat-intelligence-disruption-badbox-2-0\/"},{"key":"e_1_3_3_1_54_2","unstructured":"TechRepublic.com. 2023. Kaspersky\u2019s Advanced Persistent Threats Predictions for 2024. https:\/\/www.techrepublic.com\/article\/kaspersky-advanced-threat-predictions-2024\/. [Online; accessed 19-Mar-2025]."},{"key":"e_1_3_3_1_55_2","doi-asserted-by":"publisher","DOI":"10.1109\/IECON.2018.8591583"},{"key":"e_1_3_3_1_56_2","volume-title":"OilRig","author":"Corporation The MITRE","unstructured":"The MITRE Corporation. [n. d.]. OilRig. https:\/\/attack.mitre.org\/groups\/G0049\/ Accessed: June 2024."},{"key":"e_1_3_3_1_57_2","unstructured":"Wired.com. 2025. A Hacker Group Within Russia\u2019s Notorious Sandworm Unit is Breaching Western Networks. https:\/\/www.wired.com\/story\/russia-sandworm-badpilot-cyberattacks-western-countries\/. [Online; accessed 19-Mar-2025]."},{"key":"e_1_3_3_1_58_2","unstructured":"Wood Mackenzie. 2024. Global PV inverter shipments grew by 56% in 2023 to 536 GWac. https:\/\/www.woodmac.com\/press-releases\/2024-press-releases\/global-pv-inverter-shipments-grew-by-56-in-2023-to-536-gwac. [Online; accessed 21-Mar-2025]."},{"key":"e_1_3_3_1_59_2","doi-asserted-by":"publisher","DOI":"10.1109\/CyberPELS49534.2020.9311533"}],"event":{"name":"E-Energy '25: The 16th ACM International Conference on Future and Sustainable Energy Systems","location":"Rotterdam Netherlands","acronym":"E-Energy '25","sponsor":["SIGEnergy ACM Special Interest Group on Energy Systems and Informatics"]},"container-title":["Proceedings of the 16th ACM International Conference on Future and Sustainable Energy Systems"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3679240.3734653","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,16]],"date-time":"2025-06-16T13:56:27Z","timestamp":1750082187000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3679240.3734653"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,16]]},"references-count":58,"alternative-id":["10.1145\/3679240.3734653","10.1145\/3679240"],"URL":"https:\/\/doi.org\/10.1145\/3679240.3734653","relation":{},"subject":[],"published":{"date-parts":[[2025,6,16]]},"assertion":[{"value":"2025-06-16","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}