Neighborhood Watch: Security and Privacy Analysis of Automatic Meter Reading Systems Ishtiaq Rouf, Hossen Mustafa Rob Miller Marco Grutese Presented By.

Slides:

Advertisements

Similar presentations

INDIVIDUAL PROJECT BY R.KARTHIKMANOJ

Advertisements

I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.

1 Programa de Engenharia Elétrica - PEE/COPPE/UFRJ Universidade Federal do Rio de Janeiro A Review of Anomalies Detection Schemes for Smart Grids Andrés.

GRS: The Green, Reliability, and Security of Emerging Machine to Machine Communications Rongxing Lu, Xu Li, Xiaohui Liang, Xuemin (Sherman) Shen, and Xiaodong.

RF Circuit Design Chris Fuller /7/2012.

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Wireless Security David Wagner University of California, Berkeley.

Low Power Design for Wireless Sensor Networks Aki Happonen.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

Integrated Circuits Design for Applications in Communications Dr. Charles Surya Department of Electronic and Information Engineering DE636  6220

Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.

Wireless Sensor Network Security Anuj Nagar CS 590.

RFID in Mobile Commerce and Security Concerns Chassica Braynen April 25, 2007.

IT-101 Section 001 Lecture #15 Introduction to Information Technology.

RF Wakeup Sensor – On-Demand Wakeup for Zero Idle Listening and Zero Sleep Delay.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore.

Advanced Metering Infrastructure

ENERGY INDUSTRY FUNDAMENTALS: MODULE 5, UNITS A & B: Emerging Technologies.

1 Department of Water and Power City of Los Angeles Automatic Meter Infrastructure Program Mariko Marianes and John Yu.

InterSwyft Technology presentation. Introduction InterSwyft brings secured encrypted transmission of SMS messages for internal and external devices such.

Authentication Approaches over Internet Jia Li

Mitigating DoS Attacks against Broadcast Authentication in Wireless Sensor Networks Peng Ning, An Liu North Carolina State University and Wenliang Du Syracuse.

Mobile IP: Introduction Reference: “Mobile networking through Mobile IP”; Perkins, C.E.; IEEE Internet Computing, Volume: 2 Issue: 1, Jan.- Feb. 1998;

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

ISEC0511 Programming for Information System Security

Future of Smart Metering Kansas Renewable Energy & Energy Efficiency Conference September 26, 2007.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

Working with Mobile Computers Lesson 12. Skills Matrix Technology SkillObjective DomainObjective # Configuring Vista Wireless Networking Use the Network.

Smart Grid Security Challenges Ahmad Alqasim 1. Agenda Problem Statement Power system vs. smart grid Background Information Focus Point Privacy Attack.

An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

CONTENTS 1. Introduction 2. Smart Metering System 3. How does the system work? 4. Advantage of AMR system Electric company benefits.

Energy Management System Industrial Controls & Drives (India) Private Limited Chennai

An Analysis of Bluetooth Security

EMERGENCY VEHICLE ALERT SYSTEM ECE 495C Digital Systems Senior Design Project Proposal Team #3 Spring 2008 January 09, 2008.

1 Capstone Design Project Silent Alarm System Students: Su Huang & Fenghua Chen Advisor: Professor James Hedrick March 03, 2007.

CWSP Guide to Wireless Security Chapter 2 Wireless LAN Vulnerabilities.

Submitted By: A.Anjaneyulu INTRODUCTION Near Field Communication (NFC) is based on a short-range wireless connectivity, designed for.

Authors: Yih-Chun Hu, Adrian Perrig, David B. Johnson

Wireless Network Security Presented by: Prabhakaran Theertharaman.

Wi-Fi Technology. Agenda Introduction Introduction History History Wi-Fi Technologies Wi-Fi Technologies Wi-Fi Network Elements Wi-Fi Network Elements.

Senior Project – Electrical Engineering – 2005 Wireless Baby Monitor Nelson Rosario, Farida Siddiqi Advisors: Professor Ekram Hassib Professor Emad A.

A Dynamic Packet Stamping Methodology for DDoS Defense Project Presentation by Maitreya Natu, Kireeti Valicherla, Namratha Hundigopal CISC 859 University.

Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.

INDRIYA TECHNOLOGIES PRIVATE LIMITED BELEIVING IN A SMARTER AND GREENER WORLD.

Authentication. Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0: Alice says “I am Alice” Failure scenario?? “I am Alice”

Qinghan Xiao, Cam Boulet and Thomas Gibbons Second International Conference on Availability, Reliability and Security, 2007 Speaker : 黃韋綸 RFID Security.

Focus On Bluetooth Security Presented by Kanij Fatema Sharme.

Security in Wireless Sensor Networks by Toni Farley.

Bus Detection Device For The Passenger Using GPS And Gsm Application Student Name USN NO Guide Name H.O.D Name Name Of The College & Dept.

WAP vs. WEP Prof. Carlos Rodríguez Sánchez. WAP WAP Wireless Application Protocol a secure specification that allows users to access information instantly.

Wireless Networks Standards and Protocols & x Standards and x refers to a family of specifications developed by the IEEE for.

A Critical Analysis on the Security of IoTs

Security Review Q&A Session May 1. Outline  Class 1 Security Overview  Class 2 Security Introduction  Class 3 Advanced Security Constructions  Class.

IS3220 Information Technology Infrastructure Security

Secure positioning in Wireless Networks Srdjan Capkun, Jean-Pierre Hubaux IEEE Journal on Selected area in Communication Jeon, Seung.

S V.MOUNICA 09551A0294.  To increase the distribution rate of present electric supply which is 70% to 100%.  Improving the supply to house holds without.

Wireless Communication Project Ideas for Engineering Students.

Wireless LAN Technology Chapter 13. Wireless LAN  Wireless LAN is one that make use of a wireless transmission medium.  Wireless LAN use infrared or.

Myongji University HMCL

Department of Electrical Engineering, National Taiwan University of Science and Technology EURASIP Journal on Wireless Communications and Networking.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

A Project by ABHISHEK N (1P909EC001) YASHAS B R (1PI09EC129) J CHETAN (1PI09EC051) Guided by Ms. ANNAPOORNA K Y DEPARTMENT OF ELECTRONICS AND COMMUNICATION.

Understand Wireless Security LESSON Security Fundamentals.

N-Guard: a Solution to Secure Access to NFC tags

Presentation transcript:

Neighborhood Watch: Security and Privacy Analysis of Automatic Meter Reading Systems Ishtiaq Rouf, Hossen Mustafa Rob Miller Marco Grutese Presented By Krishna Rawali Puppala Security and Privacy Analysis of AMR Systems

What is a Smart Meter?? Security and Privacy Analysis of AMR Systems

Benefits of having a Smart Meter No more manual readings. More accurate bills. Improves efficiency and reliability. Real time reports. And many more..... But is it SECURE ???? Security and Privacy Analysis of AMR Systems

Beware!! Smart Meters are tracking us Security and Privacy Analysis of AMR Systems

Recent Articles Security and Privacy Analysis of AMR Systems

Architecture AMR Meters Hasmetering engine & ERT(Encoder-Re -ceiver-Transmitter) AMR Readers Handheld devices Mobile collectors Fixed Network AMR - No manual walk Security and Privacy Analysis of AMR Systems

Communication Protocol Meters use simple modulation schemes- – OOK ( on-off Keying) or FSK ( Frequency Shift Keying) included with the Manchestor Encoding Scheme. Two types of Communication models- Wake-up Model  Two-way communication Reader sends an Activation signal to wake-up the meter. Bubble-up Model  One-way communication There is a meter reading broadcast for every 30s Security and Privacy Analysis of AMR Systems

Reverse Engineering to discover meter protocol  First step is to capture few transmissions from each meter.  Built a detection software to capture, replay and verify signals Security and Privacy Analysis of AMR Systems

AMR Transmission Packets Pilot Packet- A high priority control packet associated with the data packet Security and Privacy Analysis of AMR Systems

Reverse Engineering to discover meter protocol (cont) Decoding Packets Security and Privacy Analysis of AMR Systems

Security and Privacy Analysis of AMR Systems

Lessons Learned Reverse Engineering requires modest effort. - Anyone can reverse engineer with low cost and effort. No Encryption. - Anyone can eavesdrop on real time consumption packets. Battery drain attacks. - Wake-up meters transmit a packet as soon as they receive an activation signal Security and Privacy Analysis of AMR Systems

Packet Spoofing Spoofing a packet has become easier. Packet is spoofed with an arbitrary meter ID and reading. Observations- No Authentication. No Input Validation Security and Privacy Analysis of AMR Systems

Security and Privacy Analysis of AMR Systems

Neighborhood Monitoring Eavesdropping Range- – Tested two locations in a state: Rural and Urban Location Range Rural 150m Urban 70m Results- Attacker can able to sniff packets in any area without entering private property Security and Privacy Analysis of AMR Systems

Neighborhood Monitoring (con t) Boosted Eavesdropping Range How to boost the range at low cost? - Adding LNA ( Low Noise Amplifier). - LNA amplifies received signal strength. Increases eavesdropping range in the urban area from 70m to 300m Security and Privacy Analysis of AMR Systems

Security and Privacy Analysis of AMR Systems

Neighborhood Monitoring Number of Observed Meters Used two RF Sniffers – - Narrowband Sniffer 4 MHz - Wideband Sniffer 12.5MHz Meter w/o LNA w LNA Narrowband Wideband Security and Privacy Analysis of AMR Systems

Neigborhood Monitoring Packet Reception Rate – Received packets per hour (pph) – Larger pph maps to more frequent energy consumption and high level of information leakage Security and Privacy Analysis of AMR Systems

Even at a low packet reception rate, it is very easy to infer data of the residents Security and Privacy Analysis of AMR Systems

Inferring Household Events Visual Observation Mechanisms - on-board LCD display - infrared (IR) LED using cameras or IR photodiodes Security and Privacy Analysis of AMR Systems

Inferring Household Events Automated LCD Screen Monitoring For every consumption of Wh( Watt-hour), one of the dot toggles Tracks the toggles on a laptop and generates electricity trace Security and Privacy Analysis of AMR Systems

Inferring Household Evemts Infrared LED Monitoring – For every consumption of 1Wh, IR LED flashes. – Designed IR circuit to capture the IR flashes. – Once the diode detects the flash, the voltage becomes high Security and Privacy Analysis of AMR Systems

Experiments & Results Examined whether RF Sniffing can reveal sensitive information. Found that RF sniffing suffered from low granularity of data. Question: RF eavesdropping information sufficient to infer sensitive data? Ans: Conducted two experiments and found that both camera and IR based methods captured data with high granularity than RF Eavesdropping Security and Privacy Analysis of AMR Systems

Results Security and Privacy Analysis of AMR Systems

Defense Strategies Spoofing Defenses for Legacy Meters – Radio fingerprinting techniques. – Anomaly Detection. Cryptographic Mechanisms – Encrypting data packets using standard block encryption algorithms. – Requires upgrading of the meters. Jammer add-on – add-on device PPJ (Privacy Preserving Jammer). No upgradation Security and Privacy Analysis of AMR Systems

Privacy Preserving Jammer Deactivation Protocol Security and Privacy Analysis of AMR Systems

Conclusion AMR systems are vulnerable to spoofing attacks. Continuous broadcast of readings for every 30s risking millions of meters. Offered a security solution that the authors call PPJ. – No modification of current meters. – Prevents information leakage Security and Privacy Analysis of AMR Systems