Security assessment of the smart grid : a review focusing on the NAN architecture

Abstract: This paper presents a comprehensive review on the security aspect of the smart grid communication network. The paper focus on the Neighborhood Area Network (NAN) cybersecurity and it laid emphasis on how the NAN architecture is such an attractive target to intruders and attackers. The paper aims at summarizing recent research efforts on some of the attacks and the various techniques employed in tackling them as they were discussed in recent literatures and research works. Furthermore, the paper presents a detailed review on the smart grid communication layers, wireless technology standards, networks and the security challenges the grid is currently facing. The work concludes by explaining current and future directions NAN communication security could consider in terms of data privacy measures. The data privacy measures are discussed in terms of prevention and detection techniques

Intelligent Sensor Networks

In the last decade, wireless or wired sensor networks have attracted much attention. However, most designs target general sensor network issues including protocol stack (routing, MAC, etc.) and security issues. This book focuses on the close integration of sensing, networking, and smart signal processing via machine learning. Based on their world-class research, the authors present the fundamentals of intelligent sensor networks. They cover sensing and sampling, distributed signal processing, and intelligent signal learning. In addition, they present cutting-edge research results from leading experts

Honeypot for Wireless Sensor Networks

People have understood that computer systems need safeguarding and require knowledge of security principles for their protection. While this has led to solutions for system components such as malware-protection, firewalls and intrusion detection systems, the ubiquitous usage of tiny microcomputers appeared at the same time. A new interconnectivity is on the rise in our lives. Things become “smart” and increasingly build new networks of devices. In this context the wireless sensor networks here interact with users and also, vice versa as well; unprivileged users able to interact with the wireless sensor network may harm the privileged user as a result. The problem that needs to be solved consists of possible harm that may be caused by an unprivileged user interacting with the wireless sensor network of a privileged user and may come via an attack vector targeting a vul- nerability that may take as long as it is needed and the detection of such mal-behaviour can only be done if a sensing component is implemented as a kind of tool detecting the status of the attacked wireless sensor network component and monitors this problem happening as an event that needs to be researched further on. Innovation in attack detection comprehension is the key aspect of this work, because it was found to be a set of hitherto not combined aspects, mechanisms, drafts and sketches, lacking a central combined outcome. Therefore the contribution of this thesis consists in a span of topics starting with a summary of attacks, possible countermeasures and a sketch of the outcome to the design and implementation of a viable product, concluding in an outlook at possible further work. The chosen path for the work in this research was experimental prototype construction following an established research method that first highlights the analysis of attack vectors to the system component and then evaluates the possibilities in order to im- prove said method. This led to a concept well known in common large-scale computer science systems, called a honeypot. Its common definitions and setups were analy- sed and the concept translation to the wireless sensor network domain was evaluated. Then the prototype was designed and implemented. This was done by following the ap- proach set by the science of cybersecurity, which states that the results of experiments and prototypes lead to improving knowledge intentionally for re-use

Optimized Monitoring and Detection of Internet of Things resources-constraints Cyber Attacks

This research takes place in the context of the optimized monitoring and detec- tion of Internet of Things (IoT) resource-constraints attacks. Meanwhile, the In- ternet of Everything (IoE) concept is presented as a wider extension of IoT. How- ever, the IoE realization meets critical challenges, including the limited network coverage and the limited resources of existing network technologies and smart devices. The IoT represents a network of embedded devices that are uniquely identifiable and have embedded software required to communicate between the transient states. The IoT enables a connection between billions of sensors, actu- ators, and even human beings to the Internet, creating a wide range of services, some of which are mission-critical. However, IoT networks are faulty; things are resource-constrained in terms of energy and computational capabilities. For IoT systems performing a critical mission, it is crucial to ensure connectivity, availability, and device reliability, which requires proactive device state moni- toring. This dissertation presents an approach to optimize the monitoring and detection of resource-constraints attacks in IoT and IoE smart devices. First, it has been shown that smart devices suffer from resource-constraints problems; therefore, using lightweight algorithms to detect and mitigate the resource-constraints at- tack is essential. Practical analysis and monitoring of smart device resources’ are included and discussed to understand the behaviour of the devices before and after attacking real smart devices. These analyses are straightforwardly extended for building lightweight detection and mitigation techniques against energy and memory attacks. Detection of energy consumption attacks based on monitoring the package reception rate of smart devices is proposed to de- tect energy attacks in smart devices effectively. The proposed lightweight algo- rithm efficiently detects energy attacks for different protocols, e.g., TCP, UDP, and MQTT. Moreover, analyzing memory usage attacks is also considered in this thesis. Therefore, another lightweight algorithm is also built to detect the memory-usage attack once it appears and stops. This algorithm considers mon- itoring the memory usage of the smart devices when the smart devices are Idle, Active, and Under attack. Based on the presented methods and monitoring analysis, the problem of resource-constraint attacks in IoT systems is systemat- ically eliminated by parameterizing the lightweight algorithms to adapt to the resource-constraint problems of the smart devices

Location based services in wireless ad hoc networks

In this dissertation, we investigate location based services in wireless ad hoc networks from four different aspects - i) location privacy in wireless sensor networks (privacy), ii) end-to-end secure communication in randomly deployed wireless sensor networks (security), iii) quality versus latency trade-off in content retrieval under ad hoc node mobility (performance) and iv) location clustering based Sybil attack detection in vehicular ad hoc networks (trust). The first contribution of this dissertation is in addressing location privacy in wireless sensor networks. We propose a non-cooperative sensor localization algorithm showing how an external entity can stealthily invade into the location privacy of sensors in a network. We then design a location privacy preserving tracking algorithm for defending against such adversarial localization attacks. Next we investigate secure end-to-end communication in randomly deployed wireless sensor networks. Here, due to lack of control on sensors\u27 locations post deployment, pre-fixing pairwise keys between sensors is not feasible especially under larger scale random deployments. Towards this premise, we propose differentiated key pre-distribution for secure end-to-end secure communication, and show how it improves existing routing algorithms. Our next contribution is in addressing quality versus latency trade-off in content retrieval under ad hoc node mobility. We propose a two-tiered architecture for efficient content retrieval in such environment. Finally we investigate Sybil attack detection in vehicular ad hoc networks. A Sybil attacker can create and use multiple counterfeit identities risking trust of a vehicular ad hoc network, and then easily escape the location of the attack avoiding detection. We propose a location based clustering of nodes leveraging vehicle platoon dispersion for detection of Sybil attacks in vehicular ad hoc networks --Abstract, page iii