Optical Networks & Smart Grid Lab.

Presentation transcript:

Optical Networks & Smart Grid Lab.
Moving Target Defense Intrusion Detection System for IPv6 Based Advanced Metering Infrastructure
Brycent Chatfield & Rami Haddad
Department of Electrical Engineering, Georgia Southern University

Outline
- Brief overview of smart grids
- Focus of study
- Moving Target Defense Intrusion Detection System algorithm
- Experimental overview & results
- Conclusion

What is a Smart Grid?
- A system that includes a variety of operational and energy measures, including smart meters, smart appliances, renewable energy resources, and energy efficiency resources
- Integrates high-speed two-way communication technologies
- The current traditional grid features one-way communication

HAN, NAN, & WAN

Need for Smart Grid
- The current power grid is reaching its limitation
- Development of the traditional power grid is not keeping pace with industrial and social advancements
- Energy demands increased approximately three times within a 60-year period
- Brings about the challenge of using energy efficiently

Vulnerabilities
- Increased connectivity brings about vulnerabilities within the smart grid
- Consequences:
  - Blackouts
  - Access to personal information and energy usage
  - Manipulation of pricing
  - Ease of delaying, blocking, or corrupting communications (DoS)
- Much larger attack surface

Focus of Study
- Implementation of Moving Target Defense Intrusion Detection System (MTDIDS)
- Moving Target Attacks
  - New era attack vectors
  - Changeable attack characteristics
  - Renders conventional signature based approaches useless
- Anomaly detection algorithm
  - Entropy based approach
  - Random routing protocol
  - Planar Keys

MTDIDS Overview
- Three Training Phases
  - Phase 1: Random Routing Table Generation
  - Phase 2: Parity Packet Rate Selection
  - Phase 3: Planar Key Development
- Detection Phase
  - Planar Signature Analysis
- Coordinator node/server
- Utilizes IPv6 Address Space
- Session validation timeframe

Phase 1: Random Routing Table
- Packet Analysis Length
  - Parameter that determines the size of the routing table
  - Randomly generated number (e.g. PAL = 1024)
- Each packet is provided a random IP and port
- Packet trajectory
  - Number of IPs and ports determined by the utility company
- Rolling window
  - i.e. transmission begins where the last packet left off

Phase 1: Random Routing Table

| Packet Number | IPv6 Address | Port Assignment |
|---|---|---|
| 1 | Rand(IP) | Rand(Port) |
| 2 | | |
| 3 | | |
| . | | |
| Packet Analysis Length | | |

Phase 2: Parity Packet Rate Selection
- Packets appended with security bits
- Parity Rate
  - Randomly generated number
  - Constitutes the increment in which parity packets are selected (e.g. PR = 3)
- Purpose
  - Second dimension of security
  - Allows detection if an intruder has accessed the routing table

Phase 3: Planar Key Development
- Secure delivery of routing table & parity information to nodes
- Planar Key Creation
  - Packet, IP, & Port used as coordinates: (Packet Number, IP, Port)
  - Generates signature plane for each IP
  - Likewise, planar key developed for parity packets
- Valid for allotted session time

Phase 3: Planar Key Development

| Packet | Planar Key Coordinate |
|---|---|
| 1 | Packet 1, Rand(IP), Rand(Port) |
| 2 | Packet 2, Rand(IP), Rand(Port) |
| 3 | Packet 3, Rand(IP), Rand(Port) |
| 4 | Packet 4, Rand(IP), Rand(Port) |
| N | Packet N, Rand(IP), Rand(Port) |

Detection: Planar Signature Analysis
- |E(Packet,IP,Port) - O(Packet,IP,Port)| = 0
- Incoming packets analyzed according to packet analysis length
- Packets mapped: O(Packet,IP,Port)
- Compared to planar key: E(Packet,IP,Port)
- Network Conditions
  - Normal: Singularity exists at origin
  - Compromised: Difference planes will populate

Normal Traffic Conditions

MTDIDS Experimental Overview
- MATLAB used to establish TCP/IP connection
- Node A and B wish to communicate
- Session 1 valid for 10 minute interval
- Packet Analysis Length: 25,000
- Parity Rate: 3
- Number of IPs: 5
- Number of Ports: 65536

MTDIDS Address Selection

| # | IPv6 Address Selection |
|---|---|
| 1 | 2001:0db8:3c4d:0015:5e39:bfc9:99b2:3ef7 |
| 2 | 2001:0db8:3c4d:0015:dab7:4ea2:d754:9943 |
| 3 | 2001:0db8:3c4d:0015:52f7:2912:96c9:e095 |
| 4 | 2001:0db8:3c4d:0015:d1a3:aaa8:99db:6ee8 |
| 5 | 2001:0db8:3c4d:0015:6185:8bac:2931:ab5e |

Planar Key Development

Malicious Objective
- Objective: Malicious node attempts to mimic network traffic to crack planar key.
- Information known to attacker by means of reconnaissance:
  - IPs used
  - Number of ports
  - Packet analysis length
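
An added example, not taken from the slides or the authors' MATLAB implementation: a small Python model of the three training phases and the planar signature check, run against the attacker model above with the slides' experimental parameters. The function names and the parity model (a boolean flag on every PR-th packet) are assumptions, since the slides do not say how the security bits are encoded.

```python
import random
import secrets
from ipaddress import IPv6Address

# Addresses and parameters are the ones listed on the slides; the traffic is constructed.
IPS = [
    "2001:0db8:3c4d:0015:5e39:bfc9:99b2:3ef7",
    "2001:0db8:3c4d:0015:dab7:4ea2:d754:9943",
    "2001:0db8:3c4d:0015:52f7:2912:96c9:e095",
    "2001:0db8:3c4d:0015:d1a3:aaa8:99db:6ee8",
    "2001:0db8:3c4d:0015:6185:8bac:2931:ab5e",
]
NUM_PORTS, PAL, PARITY_RATE = 65536, 25_000, 3

def build_planar_key(pal=PAL, rng=None):
    """Phases 1 and 3: expected coordinate E(packet, ip, port) per packet number."""
    rng = rng or secrets.SystemRandom()  # CSPRNG so the table cannot be predicted
    return [(n, rng.choice(IPS), rng.randrange(NUM_PORTS)) for n in range(1, pal + 1)]

def send(key, parity_rate):
    """Sender that follows the key and flags every parity_rate-th packet (assumed model)."""
    return [(n, ip, port, n % parity_rate == 0) for n, ip, port in key]

def analyze(key, observed, parity_rate=PARITY_RATE):
    """Detection phase: returns (non-zero |E - O| points, packets with wrong parity)."""
    plane, parity = [], []
    for (n, e_ip, e_port), (o_n, o_ip, o_port, o_flag) in zip(key, observed):
        d = (abs(n - o_n),
             abs(int(IPv6Address(e_ip)) - int(IPv6Address(o_ip))),
             abs(e_port - o_port))
        if any(d):
            plane.append((n, d))  # point off the origin: the difference plane populates
        if o_flag != (n % parity_rate == 0):
            parity.append(n)
    return plane, parity

def mimic(pal=PAL, rng=None):
    """Attacker model from the slides: knows IPs, port count and PAL, guesses the rest."""
    rng = rng or random.Random()
    return [(n, rng.choice(IPS), rng.randrange(NUM_PORTS), False) for n in range(1, pal + 1)]

if __name__ == "__main__":
    key = build_planar_key()
    for label, traffic in [("normal", send(key, PARITY_RATE)),
                           ("mimic", mimic()),
                           ("stolen table, wrong parity rate", send(key, 5))]:
        plane, parity = analyze(key, traffic)
        print(f"{label}: {len(plane)} coordinate anomalies, {len(parity)} parity anomalies")
```

The third case shows why the parity rate is a second dimension: traffic that replays the routing table exactly still fails the parity check when the rate is guessed wrong.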

MTDIDS Results

Conclusion
- MTDIDS proposed for new era attack detection
- Creates dynamic attack surface
- Significantly decreases profitability of exploits
- Variable Parameters
  - Packet Analysis Length
  - Parity Rate
  - Number of IPs
  - Number of Ports
  - Session Time
- Attack detection 4.29 times faster when implemented with solid state technology

Questions