Integrated Cyber-Physical Resiliency for Power Grids Under IoT-Enabled Dynamic Botnet Attacks

Yuhan Zhao, Juntao Chen, Quanyan Zhu

Research output: Contribution to journalArticlepeer-review


The wide adoption of the Internet of Things (IoT)-enabled energy devices improves the quality of life, but simultaneously, it enlarges the attack surface of the power grid system. The adversary can gain illegitimate control of a large number of these devices and use them as a means to compromise the physical grid operation, a mechanism known as the IoT botnet attack. This article aims to improve the resiliency of cyber-physical power grids to such attacks. Specifically, we use an epidemic model to understand the dynamic botnet formation, which facilitates the assessment of the cyber layer vulnerability of the grid. The attacker aims to exploit this vulnerability to enable a successful physical compromise, while the system operator’s goal is to ensure a normal operation of the grid by mitigating cyber risks. We develop a cross-layer game-theoretic framework for strategic decision-making to enhance cyber-physical grid resiliency. The cyber-layer game guides the system operator on how to defend against the botnet attacker as the first layer of defense, while the dynamic game strategy at the physical layer further counteracts the adversarial behavior in real time for improved physical resilience. A number of case studies on the IEEE-39 bus system are used to corroborate the devised approach.

Original languageEnglish (US)
Pages (from-to)1-15
Number of pages15
JournalIEEE Transactions on Control Systems Technology
StateAccepted/In press - 2024


  • Botnet
  • Botnet attacks
  • Epidemics
  • Games
  • Internet of Things
  • Power grids
  • Power system dynamics
  • Resilience
  • cross-layer defense
  • cyber-physical grid resilience
  • dynamic games

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Electrical and Electronic Engineering


Dive into the research topics of 'Integrated Cyber-Physical Resiliency for Power Grids Under IoT-Enabled Dynamic Botnet Attacks'. Together they form a unique fingerprint.

Cite this