Enabling Self-healing Smart Grid Through Jamming Resilient Local Controller Switching

A key component of a smart grid is its ability to collect useful information from a power grid for enabling control centers to estimate the current states of the power grid. Such information can be delivered to the control centers via wireless or wired networks. It is envisioned that wireless technology will be widely used for local-area communication subsystems in the smart grid (e.g., in distribution networks). However, various attacks with serious impact can be launched in wireless networks such as channel jamming attacks and denial-of-service attacks. In particular, jamming attacks can cause significant damages to power grids, e.g., delayed delivery of time-critical messages can prevent control centers from properly controlling the outputs of generators to match load demands. In this paper, a communication subsystem with enhanced self-healing capability in the presence of jamming is designed via intelligent local controller switching while integrating a retransmission mechanism. The proposed framework allows sufficient readings from smart meters to be continuously collected by various local controllers to estimate the states of a power grid under various attack scenarios. The jamming probability is also analyzed considering the impact of jammer power and shadowing effects. In addition, guidelines on optimal placement of local controllers to ensure effective switching of smart meters under jamming are provided. Via theoretical, experimental and simulation studies, it is demonstrated that our proposed system is effective in maintaining communications between smart meters and local controllers even when multiple jammers are present in the network

Robust multiple frequency multiple power localization schemes in the presence of multiple jamming attacks

Localization of the wireless sensor network is a vital area acquiring an impressive research concern and called upon to expand more with the rising of its applications. As localization is gaining prominence in wireless sensor network, it is vulnerable to jamming attacks. Jamming attacks disrupt communication opportunity among the sender and receiver and deeply impact the localization process, leading to a huge error of the estimated sensor node position. Therefore, detection and elimination of jamming influence are absolutely indispensable. Range-based techniques especially Received Signal Strength (RSS) is facing severe impact of these attacks. This paper proposes algorithms based on Combination Multiple Frequency Multiple Power Localization (C-MFMPL) and Step Function Multiple Frequency Multiple Power Localization (SF-MFMPL). The algorithms have been tested in the presence of multiple types of jamming attacks including capture and replay, random and constant jammers over a log normal shadow fading propagation model. In order to overcome the impact of random and constant jammers, the proposed method uses two sets of frequencies shared by the implemented anchor nodes to obtain the averaged RSS readings all over the transmitted frequencies successfully. In addition, three stages of filters have been used to cope with the replayed beacons caused by the capture and replay jammers. In this paper the localization performance of the proposed algorithms for the ideal case which is defined by without the existence of the jamming attack are compared with the case of jamming attacks. The main contribution of this paper is to achieve robust localization performance in the presence of multiple jamming attacks under log normal shadow fading environment with a different simulation conditions and scenarios

A Mixed-Integer Programming Approach for Jammer Placement Problems for Flow-Jamming Attacks on Wireless Communication Networks

In this dissertation, we study an important problem of security in wireless networks. We study different attacks and defense strategies in general and more specifically jamming attacks. We begin the dissertation by providing a tutorial introducing the operations research community to the various types of attacks and defense strategies in wireless networks. In this tutorial, we give examples of mathematical programming models to model jamming attacks and defense against jamming attacks in wireless networks. Later we provide a comprehensive taxonomic classification of the various types of jamming attacks and defense against jamming attacks. The classification scheme will provide a one stop location for future researchers on various jamming attack and defense strategies studied in literature. This classification scheme also highlights the areas of research in jamming attack and defense against jamming attacks which have received less attention and could be a good area of focus for future research. In the next chapter, we provide a bi-level mathematical programming model to study jamming attack and defense strategy. We solve this using a game-theoretic approach and also study the impact of power level, location of jamming device, and the number of transmission channels available to transmit data on the attack and defense against jamming attacks. We show that by increasing the number of jamming devices the throughput of the network drops by at least 7%. Finally we study a special type of jamming attack, flow-jamming attack. We provide a mathematical programming model to solve the location of jamming devices to increase the impact of flow-jamming attacks on wireless networks. We provide a Benders decomposition algorithm along with some acceleration techniques to solve large problem instances in reasonable amount of time. We draw some insights about the impact of power, location and size of the network on the impact of flow-jamming attacks in wireless networks

A Mixed-Integer Programming Approach for Jammer Placement Problems for Flow-Jamming Attacks on Wireless Communication Networks

In this dissertation, we study an important problem of security in wireless networks. We study different attacks and defense strategies in general and more specifically jamming attacks. We begin the dissertation by providing a tutorial introducing the operations research community to the various types of attacks and defense strategies in wireless networks. In this tutorial, we give examples of mathematical programming models to model jamming attacks and defense against jamming attacks in wireless networks. Later we provide a comprehensive taxonomic classification of the various types of jamming attacks and defense against jamming attacks. The classification scheme will provide a one stop location for future researchers on various jamming attack and defense strategies studied in literature. This classification scheme also highlights the areas of research in jamming attack and defense against jamming attacks which have received less attention and could be a good area of focus for future research. In the next chapter, we provide a bi-level mathematical programming model to study jamming attack and defense strategy. We solve this using a game-theoretic approach and also study the impact of power level, location of jamming device, and the number of transmission channels available to transmit data on the attack and defense against jamming attacks. We show that by increasing the number of jamming devices the throughput of the network drops by at least 7%. Finally we study a special type of jamming attack, flow-jamming attack. We provide a mathematical programming model to solve the location of jamming devices to increase the impact of flow-jamming attacks on wireless networks. We provide a Benders decomposition algorithm along with some acceleration techniques to solve large problem instances in reasonable amount of time. We draw some insights about the impact of power, location and size of the network on the impact of flow-jamming attacks in wireless networks

Interference Mitigation in Multi-Hop Wireless Networks with Advanced Physical-Layer Techniques

In my dissertation, we focus on the wireless network coexistence problem with advanced physical-layer techniques. For the first part, we study the problem of Wireless Body Area Networks (WBAN)s coexisting with cross-technology interference (CTI). WBANs face the RF cross-technology interference (CTI) from non-protocol-compliant wireless devices. Werst experimentally characterize the adverse effect on BAN caused by the CTI sources. Then we formulate a joint routing and power control (JRPC) problem, which aims at minimizing energy consumption while satisfying node reachability and delay constraints. We reformulate our problem into a mixed integer linear programing problem (MILP) and then derive the optimal results. A practical JRPC protocol is then proposed. For the second part, we study the coexistence of heterogeneous multi-hop networks with wireless MIMO. We propose a new paradigm, called cooperative interference mitigation (CIM), which makes it possible for disparate networks to cooperatively mitigate the interference to/from each other to enhance everyone\u27s performance. We establish two tractable models to characterize the CIM behaviors of both networks by using full IC (FIC) and receiver-side IC (RIC) only. We propose two bi-criteria optimization problems aiming at maximizing both networks\u27 throughput, while cooperatively canceling the interference between them based on our two models. In the third and fourth parts, we study the coexistence problem with MIMO from a different point of view: the incentive of cooperation. We propose a novel two-round game framework, based on which we derive two networks\u27 equilibrium strategies and the corresponding closed-form utilities. We then extend our game-theoretical analysis to a general multi-hop case, specifically the coexistence problem between primary network and multi-hop secondary network in the cognitive radio networks domain. In the final part, we study the benefits brought by reconfigurable antennas (RA). We systematically exploit the pattern diversity and fast reconfigurability of RAs to enhance the throughput of MWNs. Werst propose a novel link-layer model that captures the dynamic relations between antenna pattern, link coverage and interference. Based on our model, a throughput optimization framework is proposed by jointly considering pattern selection and link scheduling, which is formulated as a mixed integer non-linear programming problem

Game-Theoretic Frameworks and Strategies for Defense Against Network Jamming and Collocation Attacks

Modern networks are becoming increasingly more complex, heterogeneous, and densely connected. While more diverse services are enabled to an ever-increasing number of users through ubiquitous networking and pervasive computing, several important challenges have emerged. For example, densely connected networks are prone to higher levels of interference, which makes them more vulnerable to jamming attacks. Also, the utilization of software-based protocols to perform routing, load balancing and power management functions in Software-Defined Networks gives rise to more vulnerabilities that could be exploited by malicious users and adversaries. Moreover, the increased reliance on cloud computing services due to a growing demand for communication and computation resources poses formidable security challenges due to the shared nature and virtualization of cloud computing. In this thesis, we study two types of attacks: jamming attacks on wireless networks and side-channel attacks on cloud computing servers. The former attacks disrupt the natural network operation by exploiting the static topology and dynamic channel assignment in wireless networks, while the latter attacks seek to gain access to unauthorized data by co-residing with target virtual machines (VMs) on the same physical node in a cloud server. In both attacks, the adversary faces a static attack surface and achieves her illegitimate goal by exploiting a stationary aspect of the network functionality. Hence, this dissertation proposes and develops counter approaches to both attacks using moving target defense strategies. We study the strategic interactions between the adversary and the network administrator within a game-theoretic framework. First, in the context of jamming attacks, we present and analyze a game-theoretic formulation between the adversary and the network defender. In this problem, the attack surface is the network connectivity (the static topology) as the adversary jams a subset of nodes to increase the level of interference in the network. On the other side, the defender makes judicious adjustments of the transmission footprint of the various nodes, thereby continuously adapting the underlying network topology to reduce the impact of the attack. The defender\u27s strategy is based on playing Nash equilibrium strategies securing a worst-case network utility. Moreover, scalable decomposition-based approaches are developed yielding a scalable defense strategy whose performance closely approaches that of the non-decomposed game for large-scale and dense networks. We study a class of games considering discrete as well as continuous power levels. In the second problem, we consider multi-tenant clouds, where a number of VMs are typically collocated on the same physical machine to optimize performance and power consumption and maximize profit. This increases the risk of a malicious virtual machine performing side-channel attacks and leaking sensitive information from neighboring VMs. The attack surface, in this case, is the static residency of VMs on a set of physical nodes, hence we develop a timed migration defense approach. Specifically, we analyze a timing game in which the cloud provider decides when to migrate a VM to a different physical machine to mitigate the risk of being compromised by a collocated malicious VM. The adversary decides the rate at which she launches new VMs to collocate with the victim VMs. Our formulation captures a data leakage model in which the cost incurred by the cloud provider depends on the duration of collocation with malicious VMs. It also captures costs incurred by the adversary in launching new VMs and by the defender in migrating VMs. We establish sufficient conditions for the existence of Nash equilibria for general cost functions, as well as for specific instantiations, and characterize the best response for both players. Furthermore, we extend our model to characterize its impact on the attacker\u27s payoff when the cloud utilizes intrusion detection systems that detect side-channel attacks. Our theoretical findings are corroborated with extensive numerical results in various settings as well as a proof-of-concept implementation in a realistic cloud setting

Um sistema baseado na Teoria do Perigo para detectar ataques Jamming em Manets

Orientador : Prof. Dr. Aldri Luiz dos SantosCoorientadora : Profa. Dra. Michele Nogueira LimaDissertação (mestrado) - Universidade Federal do Paraná, Setor de Ciencias Exatas, Programa de Pós-Graduação em Informática. Defesa: Curitiba, 16/09/2011Bibliografia: fls. 77-87Resumo: As redes sem fio possibilitam a comunica¸c˜ao de dispositivos computacionais port'ateis, como celulares, notebooks, palmtops, entre outros. Um principal desafio 'a seguran¸ca das aplica¸c˜oes e servi¸cos dependentes das redes sem fio 'e a vulnerabilidade das comunica¸c˜oes aos ataques jamming. No escopo das redes sem fio, as redes m'oveis ad hoc (MANETs - Mobile Ad hoc Networks) permitem que os usu'arios tenham mobilidade e acessem as informa¸c˜oes de forma descentralizada empregando ondas eletromagn'eticas atrav'es do meio de transmiss˜ao sem fio. Para tentar garantir a existˆencia de uma MANET segura, robusta e confi'avel, 'e necess'ario desenvolver um sistema de detec¸c˜ao como contramedida inicial aos ataques jamming. Em face 'as limita¸c˜oes dos sistemas de detec¸c˜ao de ataques jamming existentes, este trabalho prop˜oe um sistema de detec¸c˜ao distribu'?do e flex'?vel contra ataques jamming em MANETs. O sistema de detec¸c˜ao proposto, denominado DANTE (do inglˆes, Detecting jAmming attacks by the daNger ThEory), tem como inspira¸c˜ao a teoria do perigo, a qual possui caracter'?sticas que inspiram o desenvolvimento de um sistema de detec¸c˜ao de ataques jamming nas MANETs, como a descentraliza¸c˜ao, a dinamicidade e a quantifica ¸c˜ao. O sistema DANTE 'e composto por uma arquitetura com trˆes m'odulos, denominados medi¸c˜oes e informa¸c˜oes, detec¸c˜ao bio-inspirada e resposta ao ataque jamming. O m'odulo de medi¸c˜oes e informa¸c˜oes calcula os valores das medi¸c˜oes estat'?sticas e coleta os dados provenientes da camada de enlace que sofreram interferˆencia. O m'odulo de detec ¸c˜ao bio-inspirada determina e quantifica os ataques na rede. O m'odulo de resposta ao ataque jamming toma uma a¸c˜ao apropriada de acordo com a quantifica¸c˜ao do ataque. Para avaliar o desempenho do sistema DANTE s˜ao empregados dois tipos diferentes de cen'arios. Os cen'arios s˜ao compostos por trˆes dispositivos, os quais dois deles s˜ao leg'?timos e um atua como o atacante. No primeiro cen'ario, os dispositivos s˜ao vizinhos entre si, j'a no segundo cen'ario, o dispositivo atacante 'e vizinho somente de um dispositivo leg'?timo. A fim de avaliar o sistema DANTE s˜ao empregadas as m'etricas de desempenho denominadas acur'acia e precis˜ao. Al'em disso, o sistema DANTE 'e comparado a um outro sistema de detec¸c˜ao de ataques jamming encontrado na literatura, denominado neste trabalho como CLADE. Os resultados de simula¸c˜ao mostram que o sistema DANTE possui um desempenho superior ao sistema CLADE. Al'em de obter a precis˜ao de 100% nos ataques jamming deceptivo e reativo, o sistema DANTE alcan¸cou os maiores resultados para a acur'acia nos ataques jamming deceptivo, aleat'orio e reativo.Abstract: Wireless networks make possible the communication between portable devices, such as cell phones, laptops, palmtops, among others. A main challenge to security of applications and services dependent of wireless networks is the communications vulnerability to jamming attacks. In wireless networks context, mobile ad hoc networks (MANETs) allow users to have mobility and access information in a decentralized way using electromagnetic waves to communicate by wireless medium. In order to assure the existence of a secure, robust and trustworthy MANET, it is necessary to develop a detection system against jamming attacks as initial countermeasure. In face of existing detection systems limitations, this work proposes a detection system against jamming attacks to MANETs. The detection system proposed, called DANTE (Detecting jAmming attacks by the daNger ThEory), has as inspiration danger theory, that is supported by the argumentation that immune system discerns between danger and absence of danger. DANTE system comprises an architecture with three modules, called informations and measures, bio-inspired detection and jamming response. Information and measurements module captures data from the link layer that suffered interference and calculates the values of statistical measures. Bio-inspired detection module identifies and quantifies the presence of jammers in a bio-inspired manner. The jamming response module takes an action, based on quantification, to mitigate the impact of jamming attack. The performance of DANTE system is evaluated using two different scenarios. They comprise three devices, in which two serve as sender and receiver, and one acts as the attacker. In the first scenario all devices are neighbors, and in the second one, the attacker is neighbor only of sender. Two performance metrics, called accuracy and precision, are used in order to evaluate DANTE system. Further, DANTE system is compared with another jamming detection system, called in this work as CLADE. Simulation results show that DANTE system reaches a superior performance than CLADE system. Besides DANTE system obtains a precision rate of 100% in deceptive and reactive jamming at tacks, it reaches higher values than CLADE system to accuracy rate in deceptive, random and reactive jamming attacks

Secure Connectivity Through Key Predistribution Under Jamming Attacks In Ad Hoc and Sensor Networks

Wireless ad hoc and sensor networks have received attention from research communities over the last several years. The ability to operate without a fixed infrastructure is suitable for a wide range of applications which in many cases require protection from security attacks. One of the first steps to provide security is to distribute cryptographic keys among nodes for bootstrapping security. The unique characteristics of ad hoc networks create a challenge in distributing keys among limited resource devices. In this dissertation we study the impact on secure connectivity achieved through key pre-distribution, of jamming attacks which form one of the easiest but efficient means for disruption of network connectivity. In response to jamming, networks can undertake different coping strategies (e.g., using power adaptation, spatial retreats, and directional antennas). Such coping techniques have impact in terms of the changing the initial secure connectivity created by secure links through key predistribution. The objective is to explore how whether predistribution techniques are robust enough for ad hoc/sensor networks that employ various techniques to cope with jamming attacks by taking into account challenges that arise with key predistribution when strategies for coping with jamming attacks are employed. In the first part of this dissertation we propose a hybrid key predistribution scheme that supports ad hoc/sensor networks that use mobility to cope with jamming attacks. In the presence of jamming attacks, this hybrid scheme provides high key connectivity while reducing the number of isolated nodes (after coping with jamming using spatial retreats). The hybrid scheme is a combination of random key predistribution and deployment-based key predistribution schemes that have complementary useful features for secure connectivity. In the second part we study performance of these key predistribution schemes under other jamming coping techniques namely power adaptation and directional antennas. We show that the combination of the hybrid key predistribution and coping techniques can help networks in maintaining secure connectivity even under jamming attacks