Deep Learning-Based Intrusion Detection System for Advanced Metering Infrastructure

Smart grid is an alternative solution of the conventional power grid which harnesses the power of the information technology to save the energy and meet today's environment requirements. Due to the inherent vulnerabilities in the information technology, the smart grid is exposed to a wide variety of threats that could be translated into cyber-attacks. In this paper, we develop a deep learning-based intrusion detection system to defend against cyber-attacks in the advanced metering infrastructure network. The proposed machine learning approach is trained and tested extensively on an empirical industrial dataset which is composed of several attack categories including the scanning, buffer overflow, and denial of service attacks. Then, an experimental comparison in terms of detection accuracy is conducted to evaluate the performance of the proposed approach with Naive Bayes, Support Vector Machine, and Random Forest. The obtained results suggest that the proposed approaches produce optimal results comparing to the other algorithms. Finally, we propose a network architecture to deploy the proposed anomaly-based intrusion detection system across the Advanced Metering Infrastructure network. In addition, we propose a network security architecture composed of two types of Intrusion detection system types, Host and Network-based, deployed across the Advanced Metering Infrastructure network to inspect the traffic and detect the malicious one at all the levels.Comment: 7 pages, 6 figures. 2019 NISS19: Proceedings of the 2nd International Conference on Networking, Information Systems & Securit

BSCSML: Design of an Efficient Bioinspired Security &Privacy Model for Cyber Physical System using Machine Learning

With the increasing prevalence of Smart Grid Cyber Physical Systems with Advanced Metering Infrastructure (SG CPS AMI), securing their internal components has become one of the paramount concerns. Traditional security mechanisms have proven to be insufficient in defending against sophisticated attacks. Bioinspired security and privacy models have emerged as promising solutions due to their stochastic solutions. This paper proposes a novel bio-inspired security and privacy model for SG CPS AMI that utilizes machine learning to strengthen their security levels. The proposed model is inspired by the hybrid Grey Wolf Teacher Learner based Optimizer (GWTLbO) Method’s ability to detect and respond to threats in real-time deployments. The GWTLbO Model also ensures higher privacy by selecting optimal methods between k-privacy, t-closeness & l-diversity depending upon contextual requirements. This study improves system accuracy and efficiency under diverse attacks using machine learning techniques. The method uses supervised learning to teach the model to recognize known attack trends and uncontrolled learning to spot unknown attacks. Our model was tested using real-time IoT device data samples. The model identified Zero-Day Attacks, Meter Bypass, Flash Image Manipulation, and Buffer-level attacks. The proposed model detects and responds to attacks with high accuracy and low false-positive rates. In real-time operations, the proposed model can handle huge volumes of data efficiently. The bioinspired security and privacy model secures CPS efficiently and is scalable for various cases. Machine learning techniques can improve the security and secrecy of these systems and revolutionize defense against different attacks

A Survey on Energy Efficiency in Smart Homes and Smart Grids

Empowered by the emergence of novel information and communication technologies (ICTs) such as sensors and high-performance digital communication systems, Europe has adapted its electricity distribution network into a modern infrastructure known as a smart grid (SG). The benefits of this new infrastructure include precise and real-time capacity for measuring and monitoring the different energy-relevant parameters on the various points of the grid and for the remote operation and optimization of distribution. Furthermore, a new user profile is derived from this novel infrastructure, known as a prosumer (a user that can produce and consume energy to/from the grid), who can benefit from the features derived from applying advanced analytics and semantic technologies in the rich amount of big data generated by the different subsystems. However, this novel, highly interconnected infrastructure also presents some significant drawbacks, like those related to information security (IS). We provide a systematic literature survey of the ICT-empowered environments that comprise SGs and homes, and the application of modern artificial intelligence (AI) related technologies with sensor fusion systems and actuators, ensuring energy efficiency in such systems. Furthermore, we outline the current challenges and outlook for this field. These address new developments on microgrids, and data-driven energy efficiency that leads to better knowledge representation and decision-making for smart homes and SGsThis research was co-funded by Interreg Österreich-Bayern 2014–2020 programme project KI-Net: Bausteine für KI-basierte Optimierungen in der industriellen Fertigung (AB 292). This work is also supported by the ITEA3 OPTIMUM project and ITEA3 SCRATCH project, all of them funded by the Centro Tecnológico de Desarrollo Industrial (CDTI), Spain

Intrusion Detection in Industrial Networks via Data Streaming

Given the increasing threat surface of industrial networks due to distributed, Internet-of-Things (IoT) based system architectures, detecting intrusions in\ua0 Industrial IoT (IIoT) systems is all the more important, due to the safety implications of potential threats. The continuously generated data in such systems form both a challenge but also a possibility: data volumes/rates are high and require processing and communication capacity but they contain information useful for system operation and for detection of unwanted situations.In this chapter we explain that\ua0 stream processing (a.k.a. data streaming) is an emerging useful approach both for general applications and for intrusion detection in particular, especially since it can enable data analysis to be carried out in the continuum of edge-fog-cloud distributed architectures of industrial networks, thus reducing communication latency and gradually filtering and aggregating data volumes. We argue that usefulness stems also due to\ua0 facilitating provisioning of agile responses, i.e. due to potentially smaller latency for intrusion detection and hence also improved possibilities for intrusion mitigation. In the chapter we outline architectural features of IIoT networks, potential threats and examples of state-of-the art intrusion detection methodologies. Moreover, we give an overview of how leveraging distributed and parallel execution of streaming applications in industrial setups can influence the possibilities of protecting these systems. In these contexts, we give examples using electricity networks (a.k.a. Smart Grid systems).We conclude that future industrial networks, especially their Intrusion Detection Systems (IDSs), should take advantage of data streaming concept by decoupling semantics from the deployment

Smart Metering Communication Protocols and Performance Under Cyber Security Vulnerabilities

The communication process is the key that characterizes the modern concept of smart grid, a new technology that introduced a “two-way communication” in energy measurement systems and can be best represented through the smart meters. Hence, the goal of smart metering communication is to ensure a secure and reliable transmission of information that can only be accessed by end users and energy supplying companies. With the goal of improving the information security in smart energy grids, the research presented in this work focused on studying different advanced metering infrastructure communication protocols and, it showcases a series of experiments performed on smart meters to evaluate their defenses against a set of cybersecurity attacks. A small-scale simulation of a smart metering system was performed in the cybersecurity laboratory in the department of Electrical and Computer Engineering at the University of Texas - Rio Grande Valley; and specialized software applications were developed to retrieve data in real time. Our experimental results demonstrated that security attacks have a considerable impact on the communication aspect of smart meters. This could help making smart meter manufacturing companies aware of the dangers caused by cyber-attacks and develop robust defenses against security attacks and enhance overall efficiency and reliability of the smart grid power delivery

A Comprehensive Survey on the Cyber-Security of Smart Grids: Cyber-Attacks, Detection, Countermeasure Techniques, and Future Directions

One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks based on the security requirements, confidentiality, integrity, and availability, without taking into consideration the accountability requirement. In addition, some of these surveys focused on the Transmission Control Protocol/Internet Protocol (TCP/IP) model, which does not differentiate between the application, session, and presentation and the data link and physical layers of the Open System Interconnection (OSI) model. In this survey paper, we provide a classification of attacks based on the OSI model and discuss in more detail the cyber-attacks that can target the different layers of smart grid networks communication. We also propose new classifications for the detection and countermeasure techniques and describe existing techniques under each category. Finally, we discuss challenges and future research directions

Intrusion Detection for Smart Grid Communication Systems

Transformation of the traditional power grid into a smart grid hosts an array of vulnerabilities associated with communication networks. Furthermore, wireless mediums used throughout the smart grid promote an environment where Denial of Service (DoS) attacks are very effective. In wireless mediums, jamming and spoofing attack techniques diminish system operations thus affecting smart grid stability and posing an immediate threat to Confidentiality, Integrity, and Availability (CIA) of the smart grid. Intrusion detection systems (IDS) serve as a primary defense in mitigating network vulnerabilities. In IDS, signatures created from historical data are compared to incoming network traffic to identify abnormalities. In this thesis, intrusion detection algorithms are proposed for attack detection in smart grid networks by means of physical, data link, network, and session layer analysis. Irregularities in these layers provide insight to whether the network is experiencing genuine or malicious activity