Presentation is loading. Please wait.

Presentation is loading. Please wait.

David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.

Published byWillie Ladd Modified over 9 years ago

Similar presentations

Presentation on theme: "David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just."— Presentation transcript:

1 David Grochocki et al

2  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just a click away

3 Survey Various Threats Identify Common Attack Techniques Decompose the data to form a Attack Tree Identify the required information which would detech the attacks Model an IDS

4

5  Communication between NAN and Gateway (DCU) – Mostly 802.15.4 or sometimes 802.11  Communication between Gateway (DCU) and Utility company – 3G, Edge, WiMax.  NAN Mesh offers reliability and robustness  But.,  Complicates Security Monitoring Solution  Few smart meter vendors distribute meters which can report to the utility company directly through user’s home internet.

6  Access to a communication infrastructure other than Internet  Access to millions of low computation devices  Access to sensitive customer information  High visibility and Impact  Financial Value of Consumption data

7  5 Attack motivations  30 Unique attack techniques  Relevant ones to AMI are alone considered

8 Survey Various Threats Identify Common Attack Techniques Decompose the data to form a Attack Tree Identify the required information which would detech the attacks Model an IDS

9  DDoS attack  Stealing Customer Information  Remote Disconnection

10  Why?  Results in data outage for many Meters  How?  Install malware on meter or remote network exploit  Co-ordinate DDoS among compromised meters  Flood DCU with large packets

11  Why?  Eavesdropping, Social Engineering  How?  Stealing encryption keys of the smart meter by physically tampering or bruteforcing the cryptosystem  Capture AMI traffic  Decrypt to obtain clear text information

12  Why?  Distrupt Business, Inflict loss  How?  Installing malware on the DCU through physical tampering or by exploiting a network vulnerability  Identify the meters with corresponding address information  Use that information to disconnect targeted users

13

14 Survey Various Threats Identify Common Attack Techniques Decompose the data to form a Attack Tree Identify the required information which would detech the attacks Model an IDS

15  System Information  CPU Usage, Battery Level, Firmware Intergrity, Clock Synchronisation  Network Information  NAN Collision rate, Packet loss  Policy Information  Authorized AMI devices, Authorized Updates, Address Mappings, Authorized services

16

17 Survey Various Threats Identify Common Attack Techniques Decompose the data to form a Attack Tree Identify the required information which would detech the attacks Model an IDS

18  Centralized IDS Model Utility Company IDS DCU

19  Can detect attacks against Utility network  But, will miss attacks against smart meters

20 DCU Meter + IDS Meter Meter + IDS

21  Will have access to meter specific information  But.,  Attacks on DCU cannot be detected  Functioning both as a meter and IDS can be resource intensive  Keys of all other meters have to be stored in Meter + IDS devices to inspect data  Not a good idea to store some one’s decryption key on some one else’s meter

22 DCU Meter IDS Meter IDS

23  More processing power  Less number of IDS sensors required  So less number of places where keys are stored  But still, Attacks on DCU are not detected

24 DCU Meter IDS Meter IDS Utility Company IDS

25  Either Centralized + Embedded or Centralized + Dedicated sensors  Can detect both attacks at both (DCS and NAN) ends

26  According to the architecure discussed in this paper, DCU is the device which is more likely to have a Public IP address  Smart meter vendors or third parties may soon start integrating 802.11 or GSM/3G into smart meters  But, why?

27

28  Banner Grabbing!  SHODAN – Exponse Online Devices  Ipv4 computer search engine  Webcams, Routers, Power Plants, iPhones, Wind Turbines, Refrigerators, VoIP Phones

29

30

31

32

Download ppt "David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just."

Similar presentations

EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU 12-2011.

EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU
 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Network Security Introduction Security technologies protect mission-critical networks from corruption and intrusion. Network security enables new business.

Network Security Introduction Security technologies protect mission-critical networks from corruption and intrusion. Network security enables new business.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Xanthus Consulting International Smart Grid Cyber Security: Support from Power System SCADA and EMS Frances Cleveland

Xanthus Consulting International Smart Grid Cyber Security: Support from Power System SCADA and EMS Frances Cleveland
6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.

6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.
Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:

Chapter 10: Data Centre and Network Security Proxies and Gateways * Firewalls * Virtual Private Network (VPN) * Security issues * * * * Objectives:
CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,

CERT ® System and Network Security Practices Presented by Julia H. Allen at the NCISSE 2001: 5th National Colloquium for Information Systems Security Education,
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
FIT5037 Advanced Network Security --- Modern Computing and Security --- Lecture 1.

FIT5037 Advanced Network Security --- Modern Computing and Security --- Lecture 1.
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.

Presented by C.SARITHA ( 07R91A0568) INTRUSION DETECTION SYSYTEM.
1 Cost-Effective Strategies for Countering Security Threats: IPSEC, SSLi and DDoS Mitigation Bruce Hembree, Senior Systems Engineer A10 Networks.

1 Cost-Effective Strategies for Countering Security Threats: IPSEC, SSLi and DDoS Mitigation Bruce Hembree, Senior Systems Engineer A10 Networks.

Similar presentations

Ads by Google