Presentation is loading. Please wait.

Presentation is loading. Please wait.

Optical Networks & Smart Grid Lab.

Published byAnne-Mari Jaakkola Modified over 5 years ago

Similar presentations

Presentation on theme: "Optical Networks & Smart Grid Lab."— Presentation transcript:

1 Optical Networks & Smart Grid Lab.
Moving Target Defense Intrusion Detection System for IPv6 Based Advanced Metering Infrastructure Brycent Chatfield & Rami Haddad Department of Electrical Engineering Georgia Southern University

2 Outline Brief overview of smart grids Focus of study
Moving Target Defense Intrusion Detection System algorithm Experimental overview & results Conclusion

3 What is a Smart Grid? A system which includes a variety of operational and energy measures including smart meters, smart appliances, renewable energy resources, and energy efficiency resources. Integrates high speed two-way communication technologies Current traditional grid features one-way communication

4 HAN, NAN, & WAN

5 Need for Smart Grid Current power grid is reaching its limitation
Development of traditional power grid not keeping pace with industrial and social advancements Energy demands increased approximately three times within 60 year period Brings about challenge of using energy efficiently

6 Vulnerabilities Increased connectivity brings about vulnerabilities within smart grid Consequences: Blackouts Access to personal information and energy usage Manipulation of pricing Ease of delaying, blocking, or corruption communications (DoS) Much larger attack surface

7 Focus of Study Implementation of Moving Target Defense Intrusion Detection System (MTDIDS) Moving Target Attacks New era attack vectors Changeable attack characteristics Renders conventional signature based approaches useless Anomaly detection algorithm Entropy based approach Random routing protocol Planar Keys

8 MTDIDS Overview Three Training Phases Detection Phase
Phase 1: Random Routing Table Generation Phase 2: Parity Packet Rate Selection Phase 3: Planar Key Development Detection Phase Planar Signature Analysis Coordinator node/server Utilizes IPv6 Address Space Session validation timeframe

9 Phase 1: Random Routing Table
Packet Analysis Length Parameter Determines size of routing table Randomly generated number (i.e. PAL = 1024) Each packet provided random IP and Port Packet Trajectory Number of IPs and Ports determined by utility company Rolling Window i.e. Transmission begins where last packet left off

10 Phase 1: Random Routing Table
Packet Number IPv6 Address Port Assignment 1 Rand(IP) Rand(Port) 2 3 . Packet Analysis Length

11 Phase 2: Parity Packet Rate Selection
Packets appended with security bits Parity Rate Randomly generated number Constitutes increment in which parity packets are selected i.e. PR = 3 Purpose Second dimension of security Allows detection if intruder has accessed routing table

12 Phase 3: Planar Key Development
Secure delivery of routing table & parity information to nodes Planar Key Creation Packet, IP, & Port used as coordinates (Packet Number,IP,Port) Generates signature plane for each IP Likewise, planar key developed for parity packets Valid for allotted session time

13 Phase 3: Planar Key Development
Packet Planar Key Coordinate 1 Packet 1, Rand(IP), Rand(Port) 2 Packet 2, Rand(IP), Rand(Port) 3 Packet 3, Rand(IP), Rand(Port) 4 Packet 4, Rand(IP), Rand(Port) N Packet N, Rand(IP), Rand(Port)

14 Detection: Planar Signature Analysis
|E(Packet,IP,Port) – O(Packet,Port,IP)| = 0 Incoming packets analyzed according to packet analysis length Packets mapped: O(Packet,IP,Port) Compared to planar key: E(Packet,IP,Port) Network Conditions Normal: Singularity exists at origin Compromised: Difference planes will populate

15 Normal Traffic Conditions

16 MTDIDS Experimental Overview
MATLAB used to establish TCP/IP connection Node A and B wish to communicate Session 1 valid for 10 minute interval Packet Analysis Length: 25,000 Parity Rate: 3 Number of IPs: 5 Number of Ports: 65536

17 MTDIDS Address Selection
# IPv6 Address Selection 1 2001:0db8:3c4d:0015:5e39:bfc9:99b2:3ef7 2 2001:0db8:3c4d:0015:dab7:4ea2:d754:9943 3 2001:0db8:3c4d:0015:52f7:2912:96c9:e095 4 2001:0db8:3c4d:0015:d1a3:aaa8:99db:6ee8 5 2001:0db8:3c4d:0015:6185:8bac:2931:ab5e

18 Planar Key Development

19 Malicious Objective Objective: Malicious node attempts to mimic network traffic to crack planar key. Information known to attacker by means of reconnaissance: IPs used Number of ports Packet analysis length

20 MTDIDS Results

21 Conclusion MTDIDS proposed for new era attack detection
Creates dynamic attack surface Significantly decreases profitability of exploits Variable Parameters Packet Analysis Length Parity Rate Number of IPs Number of Ports Session Time Attack detection 4.29 times faster when implemented with solid state technology

22 Questions

Download ppt "Optical Networks & Smart Grid Lab."

Similar presentations

Applications of Wireless Sensor Networks in Smart Grid Presented by Zhongming Zheng.

Applications of Wireless Sensor Networks in Smart Grid Presented by Zhongming Zheng.
A Transmission Control Scheme for Media Access in Sensor Networks 2006. 9. 28 Lee, dooyoung AN lab A.Woo, D.E. Culler Mobicom’01.

A Transmission Control Scheme for Media Access in Sensor Networks Lee, dooyoung AN lab A.Woo, D.E. Culler Mobicom’01.
An Assessment of Mobile Ad-Hoc Network (MANET) Issues Jerry Usery CS 526 May 12 th, 2008.

An Assessment of Mobile Ad-Hoc Network (MANET) Issues Jerry Usery CS 526 May 12 th, 2008.
Common IS Threat Mitigation Strategies An overview of common detection and protection technologies Max Caceres CORE Security Technologies www.coresecurity.com.

Common IS Threat Mitigation Strategies An overview of common detection and protection technologies Max Caceres CORE Security Technologies
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
1 CCNA 2 v3.1 Module 10. 2 Intermediate TCP/IP CCNA 2 Module 10.

1 CCNA 2 v3.1 Module Intermediate TCP/IP CCNA 2 Module 10.
A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,

A Virtual Environment for Investigating Counter Measures for MITM Attacks on Home Area Networks Lionel Morgan 1, Sindhuri Juturu 2, Justin Talavera 3,
Lucent Technologies – Proprietary Use pursuant to company instruction Learning Sequential Models for Detecting Anomalous Protocol Usage (work in progress)

Lucent Technologies – Proprietary Use pursuant to company instruction Learning Sequential Models for Detecting Anomalous Protocol Usage (work in progress)
Future of Smart Metering Kansas Renewable Energy & Energy Efficiency Conference September 26, 2007.

Future of Smart Metering Kansas Renewable Energy & Energy Efficiency Conference September 26, 2007.
Event Stream Processing for Intrusion Detection in ZigBee Home Area Networks Sandra Pogarcic, Samujjwal Bhandari, Kedar Hippalgaonkar, and Susan Urban.

Event Stream Processing for Intrusion Detection in ZigBee Home Area Networks Sandra Pogarcic, Samujjwal Bhandari, Kedar Hippalgaonkar, and Susan Urban.
Network Intrusion Detection Using Random Forests Jiong Zhang Mohammad Zulkernine School of Computing Queen's University Kingston, Ontario, Canada.

Network Intrusion Detection Using Random Forests Jiong Zhang Mohammad Zulkernine School of Computing Queen's University Kingston, Ontario, Canada.
Layered Approach using Conditional Random Fields For Intrusion Detection.

Layered Approach using Conditional Random Fields For Intrusion Detection.
MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.

MOBILE AD-HOC NETWORK(MANET) SECURITY VAMSI KRISHNA KANURI NAGA SWETHA DASARI RESHMA ARAVAPALLI.
Intrusion Prevention System. Module Objectives By the end of this module, participants will be able to: Use the FortiGate Intrusion Prevention System.

Intrusion Prevention System. Module Objectives By the end of this module, participants will be able to: Use the FortiGate Intrusion Prevention System.
1 Semester 2 Module 10 Intermediate TCP/IP Yuda college of business James Chen

1 Semester 2 Module 10 Intermediate TCP/IP Yuda college of business James Chen
Agenda Review route summarization Cisco acquire Sourcefire Review Final Exam.

Agenda Review route summarization Cisco acquire Sourcefire Review Final Exam.
2008/2/191 Customizing a Geographical Routing Protocol for Wireless Sensor Networks Proceedings of the 2005 11th International Conference on Information.

2008/2/191 Customizing a Geographical Routing Protocol for Wireless Sensor Networks Proceedings of the th International Conference on Information.
IEEE Communications Surveys & Tutorials 1st Quarter 2008.

IEEE Communications Surveys & Tutorials 1st Quarter 2008.
Cisco 3 - Switching Perrine. J Page 16/4/2016 Chapter 4 Switches The performance of shared-medium Ethernet is affected by several factors: data frame broadcast.

Cisco 3 - Switching Perrine. J Page 16/4/2016 Chapter 4 Switches The performance of shared-medium Ethernet is affected by several factors: data frame broadcast.
Intrusion Detection Systems. 1980-Paper written detailing importance of audit data in detecting misuse + user behavior 1984-SRI int’l develop method of.

Intrusion Detection Systems Paper written detailing importance of audit data in detecting misuse + user behavior 1984-SRI int’l develop method of.

Similar presentations

Ads by Google