With cyberattacks on power grids growing more sophisticated, researchers at the University of Missouri have developed CIBR-Fort, an AI-powered system that predicts and neutralizes threats in real-time—bringing a new level of security to the nation's energy infrastructure.
Image Credit: tete_escape / Shutterstock
Researchers at the University of Missouri's College of Engineering are taking on a critical challenge: protecting power grids from the rising threat of cyberattacks. These attacks have the potential to plunge millions into darkness, jeopardizing security and even lives.
While utilities have made strides in defense after numerous past attacks, cybercriminals are constantly evolving their tactics. That's why Mizzou is stepping up, aiming to stay ahead in this high-stakes digital arms race.
"Current grid operators rely on outdated security measures like firewalls and antivirus software, which are ineffective against sophisticated, modern attacks," Prasad Calyam, Curators' Distinguished Professor of Electrical Engineering and Computer Science, said. "What's needed is a cybersecurity framework that uses real-time knowledge to predict and detect targeted attacks, along with active defense strategies that mitigate cyberattacks effectively."
Calyam, the director of the Mizzou Cyber Education, Research and Infrastructure (CERI) Center, led a team to develop this system. The researchers focused their attention on inverter-based resources (IBRs), systems that connect renewable energy sources to the electric grid. Because they are connected to the internet for information sharing and network control purposes, IBRs are particularly vulnerable to cyberattacks, which could disrupt the grid, damage equipment, or steal data.
"IBRs' exposure to the internet creates more attack surfaces," Calyam said. "They have different layers - network, communication and hardware - which can each be targeted in various ways."
Predicting cyberattacks with accuracy
Calyam and his colleagues developed the CIBR-Fort system to improve the cybersecurity of IBRs. It employs advanced technology, such as large language models (LLMs) and knowledge graphs, to spot unusual behavior, detect risks, and act quickly.
CIBER-Fort can predict cyberattacks with 91.88% accuracy, and its knowledge base is designed to grow by adding new types of attacks. This helps ensure that future evolving threats can be predicted and mitigated.
"The system, which is based on a cloud platform, can quickly respond to threats in real-time, with an average response time of 40 milliseconds per data flow," said Roshan Lal Neupane, a cyberinfrastructure engineer at CERI and co-author on the paper.
CIBR-Fort not only helps detect cyberattacks but also has the capability to defend against them by redirecting attack traffic, using decoys, and analyzing the attacker's actions to find ways to stop them.
"Interactive systems respond to the attacker's actions - opening files or folders that seem real - effectively tricking attackers and wasting their time," said Vamsi Pusapati, one of the paper's co-authors and a graduate student pursuing his master's in computer science at Mizzou.
The innovative and constantly evolving CIBR-Fort system enables scalable security for power grids of the future.
The team will present their findings at the 2025 Institute of Electrical and Electronics Engineers/International Federation for Information Processing Network Operations and Management Symposium.