Suhankar Mishra (1), Thang N. Dinh (2), My T. Thai (1), and Incheol Shin (3)


1 Optimal Inspection Points for Malicious Attack Detection in Smart Grids
Suhankar Mishra (1), Thang N. Dinh (2), My T. Thai (1), and Incheol Shin (3)
(1) Dept. of Comp. & Inf. & Sci. & Eng., University of Florida, Gainesville, Florida, USA
(2) Dept. of Comp. Sci., Virginia Commonwealth University, Richmond, VA, USA
(3) Info. Security Dept., Mokpo National University, Muan, Rep. of Korea

2 Outline
- Motivation
- Optimal Inspection Points Problem
- Single-path routing: FPTAS for trees
- Multiple-path routing: FPTAS for SP-graphs
- Discussion

3 Motivation
Smart grids =
- Old electricity network
- New communication
- Intelligence
- Automation
SCADA (Distribution Supervisory Control and Data Acquisition)
- Transmits individual device status, distribution control commands, access logs, etc.
- Vulnerable to intercepting, tampering, and forging data

4 Motivation (cont.)
Solution: Deep Packet Inspection (DPI)
- Advanced firewalls for SCADA/ICS
- Dig deeper into the protocols to understand the message content and apply more detailed rules
Challenges
- Cannot be deployed at all points (e.g. economic reason)
- Cannot scan all messages (limited capacity)
- Strict latency constraints
  - Example: 3 ms for fault isolation and protection control messages (IEC 61850)

5 Optimal Inspection Points (OIP) Problem
[Figure legend]
- $\delta_u$: DPI delay
- $m_u$: Capacity
- $r$: Center
- $f(u, v)$: Packet flow
- $O$: Intermediate nodes
- $S$: Terminal nodes

6 OIP Problem (cont.)
Input: A directed acyclic graph $G = (V, E)$
- $V = \{r\} \cup O \cup S$, where
  - $r$: SCADA center. All packets are forwarded towards $r$
  - $S$: Terminal nodes that might send malicious packets
  - $O$: Set of intermediate nodes where DPI can be deployed
- $\delta_u$: Delay caused by employing DPI at $u$, $\forall u \in O$
- $m_u$: Capacity (#packets) of DPI scanner at $u$, $\forall u \in O$
- $\delta_{max}$: Maximum allowable delay for DPI at $r$
- Flow $f(u, v) \ge 0$: traffic (#packets) $u \to v$, $\forall (u, v) \in E$
Problem: Find a subset of points $D \subseteq V$ to deploy DPI
- Accumulating delay at $r$ for DPI $\le \delta_{max}$
- Maximize the #scanned packets

7 Complexity
Theorem 1: OIP problem is NP-complete, even when the graph is a simple path.
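
Added example (not from the presentation or the authors' paper): an exhaustive reference solver for the OIP problem of slide 6 on a small tree under single-path routing, useful for checking an approximation on small instances. It assumes the delay constraint is the largest sum of delta_u over DPI nodes on any terminal-to-r path and that each packet is scanned at most once; the tree, flows, delays and capacities are constructed sample values, and the search is exponential, not the FPTAS.

```python
from itertools import combinations

# Constructed sample tree (single-path routing): child -> parent, root is "r".
PARENT = {"a": "r", "b": "r", "c": "a", "s1": "c", "s2": "c", "s3": "a", "s4": "b"}
SOURCE = {"s1": 40, "s2": 30, "s3": 50, "s4": 60}  # packets sent by each terminal in S
DELAY = {"a": 2.0, "b": 1.0, "c": 1.5}             # delta_u for u in O (ms)
CAP = {"a": 80, "b": 50, "c": 60}                   # m_u for u in O (packets)

def children(node):
    return [c for c, p in PARENT.items() if p == node]

def worst_path_delay(dpi):
    """Assumed delay model: largest sum of delta_u over DPI nodes on any terminal-to-r path."""
    worst = 0.0
    for s in SOURCE:
        total, node = 0.0, s
        while node != "r":
            node = PARENT[node]
            total += DELAY[node] if node in dpi else 0.0
        worst = max(worst, total)
    return worst

def scanned(dpi, node="r"):
    """Return (scanned, unscanned) packets leaving `node`; assumes a packet is scanned at most once."""
    if node in SOURCE:
        return 0, SOURCE[node]
    done = todo = 0
    for c in children(node):
        d, t = scanned(dpi, c)
        done, todo = done + d, todo + t
    if node in dpi:
        hit = min(CAP[node], todo)  # the scanner at `node` is limited by its capacity m_u
        done, todo = done + hit, todo - hit
    return done, todo

def best_placement(delta_max):
    """Exhaustive search over subsets D of O; exponential, for small instances only."""
    best = (0, ())
    nodes = sorted(DELAY)
    for k in range(len(nodes) + 1):
        for subset in combinations(nodes, k):
            if worst_path_delay(set(subset)) <= delta_max:
                best = max(best, (scanned(set(subset))[0], subset), key=lambda x: x[0])
    return best

if __name__ == "__main__":
    for budget in (1.5, 3.0, 3.5):
        print(budget, best_placement(budget))
```

With a 3.0 ms budget the solver skips the pair a, c (3.5 ms on the s1 and s2 paths) and picks a and b, which sit on different branches and so do not add to each other's delay.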

8 Single-path vs. Multi-path routing
- Single-path routing (single route, e.g. OSPF)
- Multi-path routing (different routes possible): #packets routed along $(u, v)$ is proportional to $f(u, v)$

9 Single-path routing
- The graph is a tree rooted at $r$
- There exists a Fully Polynomial-Time Approximation Scheme (FPTAS)

10 Single-path routing

11 Single-path: Dynamic Programming

12 Multi-path routing
- FPTAS for Series-Parallel graphs

13 Multi-path: FPTAS

14 Multi-path: FPTAS
- Series Operations
- Parallel Operations

15 Conclusions & Discussion
- Introduce the Optimal Inspection Points problem in Smart Grids and prove its NP-completeness
- FPTAS for single-path routing
- FPTAS for multi-path routing in SP-graphs
- Approximation algorithms for multi-path routing in general graphs

16 Thank you for your listening!
Questions & Answers

