Intrusion Detection of Flooding DoS Attacks on Emulated Smart Meters

Akbar, Yousef M. A. H.

11 May 2020

The power grid has changed a great deal from what has been generally viewed as a traditional power grid. The modernization of the power grid has seen an increase in the integration and incorporation of computing and communication elements, creating an interdependence of both physical and cyber assets of the power grid. The fast-increasing connectivity has transformed the grid from what used to be primarily a physical system into a Cyber- Physical System (CPS). The physical elements within a power grid are well understood by power engineers; however, the newly deployed cyber aspects are new to most researchers and operators in this field. The new computing and communications structure brings new vulnerabilities along with all the benefits it provides. Cyber security of the power grid is critical due to the potential impact it can make on the community or society that relies on the critical infrastructure. These vulnerabilities have already been exploited in the attack on the Ukrainian power grid, a highly sophisticated, multi-layered attack which caused large power outages for numerous customers. There is an urgent need to understand the cyber aspects of the modernized power grid and take the necessary precautions such that the security of the CPS can be better achieved. The power grid is dependent on two main cyber infrastructures, i.e., Supervisory Control And Data Acquisition (SCADA) and Advanced Metering Infrastructure (AMI). This thesis investigates the AMI in power grids by developing a testbed environment that can be created and used to better understand and develop security strategies to remove the vulnerabilities that exist within it. The testbed is to be used to conduct and implement security strategies, i.e., an Intrusion Detections Systems (IDS), creating an emulated environment to best resemble the environment of the AMI system. A DoS flooding attack and an IDS are implemented on the emulated testbed to show the effectiveness and validate the performance of the emulated testbed. / M.S. / The power grid is becoming more digitized and is utilizing information and communication technologies more, hence the smart grid. New systems are developed and utilized in the modernized power grid that directly relies on new communication networks. The power grid is becoming more efficient and more effective due to these developments, however, there are some considerations to be made as for the security of the power grid. An important expectation of the power grid is the reliability of power delivery to its customers. New information and communication technology integration brings rise to new cyber vulnerabilities that can inhibit the functionality of the power grid. A coordinated cyber-attack was conducted against the Ukrainian power grid in 2015 that targeted the cyber vulnerabilities of the system. The attackers made sure that the grid operators were unable to observe their system being attacked via Denial of Service attacks. Smart meters are the digitized equivalent of a traditional energy meter, it wirelessly communicates with the grid operators. An increase in deployment of these smart meters makes it such that we are more dependent on them and hence creating a new vulnerability for an attack. The smart meter integration into the power grid needs to be studied and carefully considered for the prevention of attacks. A testbed is created using devices that emulate the smart meters and a network is established between the devices. The network was attacked with a Denial of Service attack to validate the testbed performance, and an Intrusion detection method was developed and applied onto the testbed to prove that the testbed created can be used to study and develop methods to cover the vulnerabilities present.

Denial of Service (DoS)

Advanced Metering Infrastructure (AMI)

Wireless Mesh Network (WMN)

Cyber-Physical System (CPS)

Power Grid

Cyber Security of Smart Meters

New opportunities provided by the Swedish electricity meter reform

Wallin, Fredrik

January 2010

The reduction of the impact of energy consumption is a priority issue and a major challenge that concerns every country in the world. This is a complex task that needs to be tackled from several angles in the search for areas where optimizations and savings can be made. In Sweden an electricity meter reading reform was fully implemented by 1st July 2009, including 5.2 million customers, and this created new set of circumstances in the Swedish electricity market. The main purpose of this thesis work has been to investigate the possibilities of increasing the use of remote meter readings. Two research questions have been: “How can the electricity market benefit from remote collected meter readings?” and “Where do barriers appear when utilizing meter readings?”. The work started in 2000/2001 to study Internet based applications that visualize electricity consumption patterns. Over these years the daily internet users have increased from approximately 40 % to 73 % and new markets for web-based applications have evolved. These solutions can be important in the forthcoming years as energy portals that hold new energy services. Experiences from new installations indicate that at least interested customers do submit information concerning building and household properties through internet. Still, it is challenging to enable the majority of customers to take part in these new solutions. It may therefore be important to remind customers on a regular basis in order maintain the frequency using the application and to make it habitual. Further the introduction of demand-based pricing allows electricity distribution utilities to achieve a stronger correlation between peak loads in the distribution network area and their revenues.

automatic meter reading (AMR)

advanced metering infrastructure (AMI)

peak load

consumption patterns

visualize

consumption feed-back

added values

demand-based

tariffs

bottom-up modeling

web-based applications

TECHNOLOGY

TEKNIKVETENSKAP