683 research outputs found
AMI threats, intrusion detection requirements and deployment recommendations
AbstractāAdvanced Metering Infrastructures (AMI) facilitate bidirectional communication between smart meters and utilities, allowing information about consumption, outages, and electricity rates to be shared reliably and efficiently. However, the numerous smart meters being connected through mesh networks open new opportunities for attackers to interfere with communications and compromise utilities ā assets or steal customers ā private information. The goal of this paper is to survey the various threats facing AMIs and the common attack techniques used to realize them in order to identify and understand the requirements for a comprehensive intrusion detection solution. The threat analysis leads to an extensive āattack tree ā that captures the attackersā key objectives (e.g., energy theft) and the individual attack steps (e.g., eavesdropping on the network) that would be involved in achieving them. With reference to the attack tree, we show the type of information that would be required to effectively detect attacks. We also suggest that the widest coverage in monitoring the attacks can be provided by a hybrid sensing infrastructure that uses both a centralized intrusion detection system and embedded meter sensors. I
USING A K-NEAREST NEIGHBORS MACHINE LEARNING APPROACH TO DETECT CYBERATTACKS ON THE NAVY SMART GRID
In 2019, the Naval Facilities Engineering Command (NAVFAC) deployed the Navy smart grid across multiple bases in the United States. The smart grid can improve the reliability, availability, and efficiency of electricity supply. While this brings about immense benefit, placing the grid on a network connected to the internet increases the threat of cyberattacks aimed at intelligence collection, disruption, and destruction. In this thesis, we propose an Intrusion Detection System (IDS) for the NAVFAC smart grid. This IDS comprises a feature extractor, classifier, anomaly detector, and response manager. We use the K-Nearest Neighbors machine learning algorithm to show that various attacks (web attacks, FTP/SSH attacks, DOS, DDOS and port scanning) can be grouped into broader attack classes of Active, Denial, and Probe for appropriate response management. We also show that in order to reduce the load on the security operations center (SOC), the accuracy of the classifier can be maximized by optimizing the value of k, which is the number of data points nearest to the sample under consideration that decides the class assigned.http://archive.org/details/usingaknearestne1094566054Outstanding ThesisCommander, Republic of Singapore NavyApproved for public release. distribution is unlimite
The Impact of Stealthy Attacks on Smart Grid Performance: Tradeoffs and Implications
The smart grid is envisioned to significantly enhance the efficiency of
energy consumption, by utilizing two-way communication channels between
consumers and operators. For example, operators can opportunistically leverage
the delay tolerance of energy demands in order to balance the energy load over
time, and hence, reduce the total operational cost. This opportunity, however,
comes with security threats, as the grid becomes more vulnerable to
cyber-attacks. In this paper, we study the impact of such malicious
cyber-attacks on the energy efficiency of the grid in a simplified setup. More
precisely, we consider a simple model where the energy demands of the smart
grid consumers are intercepted and altered by an active attacker before they
arrive at the operator, who is equipped with limited intrusion detection
capabilities. We formulate the resulting optimization problems faced by the
operator and the attacker and propose several scheduling and attack strategies
for both parties. Interestingly, our results show that, as opposed to
facilitating cost reduction in the smart grid, increasing the delay tolerance
of the energy demands potentially allows the attacker to force increased costs
on the system. This highlights the need for carefully constructed and robust
intrusion detection mechanisms at the operator.Comment: Technical report - this work was accepted to IEEE Transactions on
Control of Network Systems, 2016. arXiv admin note: substantial text overlap
with arXiv:1209.176
Intrusion Detection for Smart Grid Communication Systems
Transformation of the traditional power grid into a smart grid hosts an array of vulnerabilities associated with communication networks. Furthermore, wireless mediums used throughout the smart grid promote an environment where Denial of Service (DoS) attacks are very effective. In wireless mediums, jamming and spoofing attack techniques diminish system operations thus affecting smart grid stability and posing an immediate threat to Confidentiality, Integrity, and Availability (CIA) of the smart grid. Intrusion detection systems (IDS) serve as a primary defense in mitigating network vulnerabilities. In IDS, signatures created from historical data are compared to incoming network traffic to identify abnormalities. In this thesis, intrusion detection algorithms are proposed for attack detection in smart grid networks by means of physical, data link, network, and session layer analysis. Irregularities in these layers provide insight to whether the network is experiencing genuine or malicious activity
Enhancing Cyber-Resiliency of DER-based SmartGrid: A Survey
The rapid development of information and communications technology has
enabled the use of digital-controlled and software-driven distributed energy
resources (DERs) to improve the flexibility and efficiency of power supply, and
support grid operations. However, this evolution also exposes
geographically-dispersed DERs to cyber threats, including hardware and software
vulnerabilities, communication issues, and personnel errors, etc. Therefore,
enhancing the cyber-resiliency of DER-based smart grid - the ability to survive
successful cyber intrusions - is becoming increasingly vital and has garnered
significant attention from both industry and academia. In this survey, we aim
to provide a systematical and comprehensive review regarding the
cyber-resiliency enhancement (CRE) of DER-based smart grid. Firstly, an
integrated threat modeling method is tailored for the hierarchical DER-based
smart grid with special emphasis on vulnerability identification and impact
analysis. Then, the defense-in-depth strategies encompassing prevention,
detection, mitigation, and recovery are comprehensively surveyed,
systematically classified, and rigorously compared. A CRE framework is
subsequently proposed to incorporate the five key resiliency enablers. Finally,
challenges and future directions are discussed in details. The overall aim of
this survey is to demonstrate the development trend of CRE methods and motivate
further efforts to improve the cyber-resiliency of DER-based smart grid.Comment: Submitted to IEEE Transactions on Smart Grid for Publication
Consideratio
Recommended from our members
Survey in Smart Grid and Smart Home Security: Issues, Challenges and Countermeasures
The electricity industry is now at the verge of a new era. An era that promises, through the evolution of the existing electrical grids to Smart Grids, more efficient and effective power management, better reliability, reduced production costs and more environmentally friendly energy generation. Numerous initiatives across the globe, led by both industry and academia, reflect the mounting interest around the enormous benefits but also the great risks introduced by this evolution. This paper focuses on issues related to the security of the Smart Grid and the Smart Home, which we present as an integral part of the Smart Grid. Based on several scenarios we aim to present some of the most representative threats to the Smart Home / Smart Grid environment. The threats detected are categorized according to specific security goals set for the Smart Home/Smart Grid environment and their impact on the overall system security is evaluated. A review of contemporary literature is then conducted with the aim of presenting promising security countermeasures with respect to the identified specific security goals for each presented scenario. An effort to shed light on open issues and future research directions concludes the paper
VOIP vs GSM Technology: The Way of the Future for Communication
This chopter presents ~Ā·(;/?as o disruptive lechnology to GSM technnfog_1Ā· as \l'c/1 os the issues. controFersies,
and problems surmunding its deployment. It ginā¢s o gent'ral introduction oftlze evolution
o/ communication svsten1s fim11 thE! POTS. /u (}SAf, and IWW ~'(J/P Se1ā¢ur~.d issues that swTound the
deployment of Voir such tiS [Jrovision of PSTN equivalent sen ices hy Voir scf'l'i<:c pml'iclers. regulation
ofthe service. introduction (~{latency and other counter measures bv some operators. threat posed
io PSTN providers due to eme1gence ol T-iJ!P. the needfinĀ· technical stundardi:::ation of Vu!P. securill'
issues, different cost structure, and cjuality ofservh:e pruvided H'<:'re alsu discussed in details Solutions
and recommendations weiĀ·e suggested to overcome rheclwllenges outlined. Tli)[P is eri!sented us the trulĀ·
o/the.fillurcj(n' communication T1'hen thisfinallv happens depends 011 how .fits! I he choll<'llges outlined
in this chapter are addressed Fulurc and ell/crging re.\'Curdltrends in the dep/ovmenl of Vn!P such cts
locating users in a st!cure a11d reliahle wuy, monitoring IIJ!P 11Cllt'ork.1Ā·. as ll;elf us inrrusion derecriun
and prevention on SIP ttā¢ere also considered. alter whic/1. conc/usiun ti'US made This dWjJ/er is hnth
informative and interestin
- ā¦