Securing Smart Grid In-Network Aggregation through False Data Detection

Existing prevention-based secure in-network data aggregation schemes for the smart grids cannot e ectively detect accidental errors and falsified data injected by malfunctioning or compromised meters. In this work, we develop a light-weight anomaly detector based on kernel density estimator to locate the smart meter from which the falsified data is injected. To reduce the overhead at the collector, we design a dynamic grouping scheme, which divides meters into multiple interconnected groups and distributes the verification and detection load among the root of the groups. To enable outlier detection at the root of the groups, we also design a novel data re-encryption scheme based on bilinear mapping so that data previously encrypted using the aggregation key is transformed in a form that can be recovered by the outlier detectors using a temporary re-encryption key. Therefore, our proposed detection scheme is compatible with existing in-network aggregation approaches based on additive homomorphic encryption. We analyze the security and eÿciency of our scheme in terms of storage, computation and communication overhead, and evaluate the performance of our outlier detector with experiments using real-world smart meter consumption data. The results show that the performance of the light-weight detector yield high precision and recall

Chameleon: a Blind Double Trapdoor Hash Function for Securing AMI Data Aggregation

Data aggregation is an integral part of Advanced Metering Infrastructure (AMI) deployment that is implemented by the concentrator. Data aggregation reduces the number of transmissions, thereby reducing communication costs and increasing the bandwidth utilization of AMI. However, the concentrator poses a great risk of being tampered with, leading to erroneous bills and possible consumer disputes. In this paper, we propose an end-to-end integrity protocol using elliptic curve based chameleon hashing to provide data integrity and authenticity. The concentrator generates and sends a chameleon hash value of the aggregated readings to the Meter Data Management System (MDMS) for verification, while the smart meter with the trapdoor key computes and sends a commitment value to the MDMS so that the resulting chameleon hash value calculated by the MDMS is equivalent to the previous hash value sent by the concentrator. By comparing the two hash values, the MDMS can validate the integrity and authenticity of the data sent by the concentrator. Compared with the discrete logarithm implementation, the ECC implementation reduces the computational cost of MDMS, concentrator and smart meter by approximately 36.8%, 80%, and 99% respectively. We also demonstrate the security soundness of our protocol through informal security analysis

Survey in Smart Grid and Smart Home Security: Issues, Challenges and Countermeasures

The electricity industry is now at the verge of a new era. An era that promises, through the evolution of the existing electrical grids to Smart Grids, more efficient and effective power management, better reliability, reduced production costs and more environmentally friendly energy generation. Numerous initiatives across the globe, led by both industry and academia, reflect the mounting interest around the enormous benefits but also the great risks introduced by this evolution. This paper focuses on issues related to the security of the Smart Grid and the Smart Home, which we present as an integral part of the Smart Grid. Based on several scenarios we aim to present some of the most representative threats to the Smart Home / Smart Grid environment. The threats detected are categorized according to specific security goals set for the Smart Home/Smart Grid environment and their impact on the overall system security is evaluated. A review of contemporary literature is then conducted with the aim of presenting promising security countermeasures with respect to the identified specific security goals for each presented scenario. An effort to shed light on open issues and future research directions concludes the paper

Security protocols suite for machine-to-machine systems

Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks

Internet of Things for Sustainability: Perspectives in Privacy, Cybersecurity, and Future Trends

In the sustainability IoT, the cybersecurity risks to things, sensors, and monitoring systems are distinct from the conventional networking systems in many aspects. The interaction of sustainability IoT with the physical world phenomena (e.g., weather, climate, water, and oceans) is mostly not found in the modern information technology systems. Accordingly, actuation, the ability of these devices to make changes in real world based on sensing and monitoring, requires special consideration in terms of privacy and security. Moreover, the energy efficiency, safety, power, performance requirements of these device distinguish them from conventional computers systems. In this chapter, the cybersecurity approaches towards sustainability IoT are discussed in detail. The sustainability IoT risk categorization, risk mitigation goals, and implementation aspects are analyzed. The openness paradox and data dichotomy between privacy and sharing is analyzed. Accordingly, the IoT technology and security standard developments activities are highlighted. The perspectives on opportunities and challenges in IoT for sustainability are given. Finally, the chapter concludes with a discussion of sustainability IoT cybersecurity case studies