AVQS: Attack Route-Based Vulnerability Quantification Scheme for Smart Grid

A smart grid is a large, consolidated electrical grid system that includes heterogeneous networks and systems. Based on the data, a smart grid system has a potential security threat in its network connectivity. To solve this problem, we develop and apply a novel scheme to measure the vulnerability in a smart grid domain. Vulnerability quantification can be the first step in security analysis because it can help prioritize the security problems. However, existing vulnerability quantification schemes are not suitable for smart grid because they do not consider network vulnerabilities. We propose a novel attack route-based vulnerability quantification scheme using a network vulnerability score and an end-to-end security score, depending on the specific smart grid network environment to calculate the vulnerability score for a particular attack route. To evaluate the proposed approach, we derive several attack scenarios from the advanced metering infrastructure domain. The experimental results of the proposed approach and the existing common vulnerability scoring system clearly show that we need to consider network connectivity for more optimized vulnerability quantification

Monitoring Agent for Detecting Malicious Packet Drops for Wireless Sensor Networks in the Microgrid and Grid-Enabled Vehicles

Of the range of wireless communication technologies, wireless sensor networks (WSN) will be one of the most appropriate technologies for the Microgrid and Grid-enabled Vehicles in the Smartgrid. To ensure the security of WSN, the detection of attacks is more efficient than their prevention because of the lack of computing power. Malicious packet drops are the easiest means of attacking WSNs. Thus, the sensors used for constructing a WSN require a packet drop monitoring agent, such as Watchdog. However, Watchdog has a partial drop problem such that an attacker can manipulate the packet dropping rate below the minimum misbehaviour monitoring threshold. Furthermore, Watchdog does not consider real traffic situations, such as congestion and collision, and so it has no way of recognizing whether a packet drop is due to a real attack or network congestion. In this paper, we propose a malicious packet drop monitoring agent, which considers traffic conditions. We used the actual traffic volume on neighbouring nodes and the drop rate while monitoring a sending node for specific period. It is more effective in real network scenarios because unlike Watchdog it considers the actual traffic, which only uses the Pathrater. Moreover, our proposed method does not require authentication, packet encryption or detection packets. Thus, there is a lower likelihood of detection failure due to packet spoofing, Man-In-the Middle attacks or Wormhole attacks. To test the suitability of our proposed concept for a series of network scenarios, we divided the simulations into three types: one attack node, more than one attack nodes and no attack nodes. The results of the simulations meet our expectations