Short-term risk assessment of botnet attacks on advanced metering infrastructure

Kallisthenis I. Sgouras; Avraam N. Kyriakidis; Dimitris P. Labridis

Short-term risk assessment of botnet attacks on advanced metering infrastructure

View Fulltext

Author(s): Kallisthenis I. Sgouras¹ ; Avraam N. Kyriakidis¹ ; Dimitris P. Labridis¹
- Affiliations: 1: Department of Electrical and Computer Engineering , Aristotle University of Thessaloniki , 541 24 Thessaloniki , Greece
Source: Volume 2, Issue 3, October 2017, p. 143 – 151
DOI: 10.1049/iet-cps.2017.0047 , Online ISSN 2398-3396

This is an open access article published by the IET under the Creative Commons Attribution License (http://creativecommons.org/licenses/by/3.0/)

Received 16/03/2017, Accepted 17/07/2017, Revised 07/06/2017, Published 24/07/2017

An ongoing evolution of the power grids into more intelligent and sophisticated ones has been taking place since the beginning of the 21st century. The underlying objective of the power systems is to deliver electrical energy with high-security standards, i.e. to supply power to the consumers uninterruptedly. However, the integration of information technology into the smart grid introduces new vulnerabilities related to cyber-security which the authors should address extensively. This study discusses the impact of coordinated cyber-attacks on the advanced metering infrastructure. In this work, emulations of distributed denial-of-service attacks in a closed testbed environment using a topology of smart meters that participate in an electricity market are being performed. This study proposes a method to evaluate the impact on the reliability of such attacks. The results demonstrate that the proposed method can serve as a tool for the evaluation of the short-term risk of botnet attacks during load shifting in smart distribution networks.

References

1. 1)
  - 19. Yan, Y., Qian, Y., Sharif, H.: ‘A secure and reliable in-network collaborative communication scheme for advanced metering infrastructure in smart grid’. Proc. Wireless Communications Networking Conf., Cancún, Mexico, March 2011, pp. 909–914, doi: 10.1109/WCNC.2011.5779257.
2. 2)
  - 1. NERC: ‘Grid security exercise 2015 (GridEx III) public report’ (NERC, 2015), pp. 1–23.
3. 3)
  - 13. Kang, B., Maynard, P., McLaughlin, K., et al: ‘Investigating cyber-physical attacks against IEC 61850 photovoltaic inverter installations’. Proc. 20th Conf. Emerging Technologies Factory Automation, Luxembourg City, Luxembourg, September 2015, pp. 1–8, doi: 10.1109/ETFA.2015.7301457.
4. 4)
  - 47. Allan, R.N., Billinton, R., Sjarief, I., et al: ‘A reliability test system for educational purposes-basic distribution system data and results’, IEEE Trans. Power Syst., 1991, 6, (2), pp. 813–820, doi: 10.1109/59.76730.
5. 5)
  - 22. Yu, K., Arifuzzaman, M., Wen, Z., et al: ‘A key management scheme for secure communications of information centric advanced metering infrastructure in smart grid’. Proc. Int. Conf. Power System Technology (POWERCON 2014), Chengdu, China, October 2014, pp. 2019–2024, doi: 10.1109/TIM.2015.2444238.
6. 6)
  - 4. Gungor, V.C., Sahin, D., Kocak, T., et al: ‘A survey on smart grid potential applications and communication requirements’, IEEE Trans. Ind. Inform., 2013, 9, (1), pp. 28–42, doi: 10.1109/TII.2012.2218253.
7. 7)
  - 10. ‘American recovery and reinvestment act of 2009’, an act of the congress of the United States of America Publ. L. No. 111-5, February 2009.
8. 8)
  - 35. Khurana, H., Hadley, M., Lu, N., et al: ‘Smart-grid security issues’, IEEE Secur. Priv., 2010, 8, (1), pp. 81–85, doi: 10.1109/MSP.2010.49.
9. 9)
  - 46. Riley, G.F., Henderson, T.R.: ‘The ns-3 network simulator’, in Wehrle, K., Güneş, M., Gross, J. (EDs.): ‘Modeling and tools for network simulation’ (Springer Berlin Heidelberg, 2010), pp. 15–34, doi: 10.1007/978-3-642-12331-3_2.
10. 10)
  - 12. Godfrey, T., Mullen, S., Griffith, D.W., et al: ‘Modeling smart grid applications with co-simulation’. Proc. First IEEE Int. Conf. Smart Grid Communications, Gaithersburg, MD, USA, October 2010, pp. 291–296, doi: 10.1109/SMARTGRID.2010.5622057.
11. 11)
  - 34. Makrushin, D.: ‘The cost of launching a DDoS attack’. Available at https://securelist.com/analysis/publications/77784/the-cost-of-launching-a-ddos-attack.
12. 12)
  - 33. Enisa: ‘Major DDoS attacks involving IoT devices’. Available at https://www.enisa.europa.eu/publications/info-notes/major-ddos-attacks-involving-iot-devices.
13. 13)
  - 17. Fanxin, K., Xue, L.: ‘Distributed deadline and renewable aware electric vehicle demand response in the smart grid’. Real-Time Systems Symp., Washington, DC, USA, December 2015, pp. 23–32, doi: 10.1109/RTSS.2015.10.
14. 14)
  - 30. Barbeau, M.: ‘WiMax/802.16 threat analysis’. Proc. First ACM Int. Workshop on Quality of Service & Security in Wireless and mobile networks’.Montreal, Quebec, Canada, October 2005, pp. 8–15, doi: 10.1145/1089761.1089764.
15. 15)
  - 42. ‘BoNeSi DDoS botnet simulator’. Available at https://github.com/Markus-Go/bonesi.
16. 16)
  - 3. Smart Grid Interoperability Panel Cyber Security Working Group: ‘Introduction to NISTIR 7628 guidelines for smart grid cyber security’ (NIST, USA, 2014), pp. 1–597.
17. 17)
  - 7. Janicke, H., Nicholson, A., Webber, S., et al: ‘Runtime-monitoring for industrial control systems’, Electronics, 2015, 4, (4), pp. 995–1017, doi: 10.3390/electronics4040995.
18. 18)
  - 26. Barroso, D.: ‘Botnets – the silent threat’ (ENISA, 2007), pp. 1–12.
19. 19)
  - 6. Li, X., Liang, X., Lu, R., et al: ‘Securing smart grid: cyber attacks, countermeasures, and challenges’, IEEE Commun. Mag., 2012, 50, (8), pp. 38–45, doi: 10.1109/MCOM.2012.6257525.
20. 20)
  - 25. Locke, G., Gallagher, P.D.: ‘NIST framework and roadmap for smart grid interoperability standards, Release 1.0’ (NIST, USA, 2010), pp. 1–145.
21. 21)
  - 45. Chassin, D.P., Schneider, K., Gerkensmeyer, C.: ‘GridLAB-D: an open-source power systems modeling and simulation environment’. Proc. IEEE PES T&D Conf. and Exposition, Chicago, IL, USA, April 2008, pp. 1–5, doi: 10.1109/TDC.2008.4517260.
22. 22)
  - 21. Liu, J., Xiao, Y., Li, S., et al: ‘Cyber security and privacy issues in smart grids’, IEEE Commun. Surv. Tutor., 2012, 14, (4), pp. 981–997, doi: 10.1109/SURV.2011.122111.00145.
23. 23)
  - 18. Erickson, V.L., Cerpa, A.E.: ‘Occupancy based demand response HVAC control strategy’. Proc. Second ACM Workshop Embedded Sensing Systems for Energy-Efficiency in Building, Zurich, Switzerland, November 2010, pp. 7–12, doi: 10.1145/1878431.1878434.
24. 24)
  - 23. Wang, W., Lu, Z.: ‘Cyber security in the smart grid: survey and challenges’, Comput. Netw., 2013, 57, (5), pp. 1344–1371, doi: 10.1016/j.comnet.2012.12.017.
25. 25)
  - 5. Mo, Y., Kim, T.H.J., Brancik, K., et al: ‘Cyber-physical security of a smart grid infrastructure’, Proc. IEEE, 2012, 100, (1), pp. 195–209, doi: 10.1109/JPROC.2011.2161428.
26. 26)
  - 48. CEER: ‘Benchmarking report 5.2 on the continuity of electricity supply’, February 2015, pp. 1–54.
27. 27)
  - 44. White, B., Lepreau, J., Stoller, L., et al: ‘An integrated experimental environment for distributed systems and networks’. Proc. Fifth Symp. Operating Systems Design Implementation (OSDI ‘02), Boston, MA, USA, December 2002, pp. 255–270, doi: 10.1145/844128.844152.
28. 28)
  - 27. IEEE Std. 2030–2011: ‘IEEE guide for smart grid interoperability of energy technology and information technology operation with the Electric power system (EPS), end-use applications, and loads’, 2011, doi: 10.1109/IEEESTD.2011.6018239.
29. 29)
  - 37. Brown, R.E.: ‘Electric power distribution reliability’ (CRC Press, Boca Raton, FL, 2008, 2nd edn.).
30. 30)
  - 38. Sun, Y., Cheng, L., Liu, H., et al: ‘Power system operational reliability evaluation based on real-time operating state’. Proc. Int. Power Engineering Conf., Singapore, November 2005, pp. 722–727, doi: 10.1109/IPEC.2005.207002.
31. 31)
  - 24. He, D., Chen, C., Bu, J., et al: ‘Secure service provision in smart grid communications’, IEEE Commun. Mag., 2012, 50, (8), pp. 53–61, doi: 10.1109/MCOM.2012.6257527.
32. 32)
  - 14. Sgouras, K.I., Birda, A.D., Labridis, D.P.: ‘Cyber attack impact on critical smart grid infrastructures’. Proc. IEEE PES Innovative Smart Grid Technologies Conf. (ISGT 2014), Washington, DC, USA, February 2014, pp. 1–5, doi: 10.1109/ISGT.2014.6816504.
33. 33)
  - 40. He, J., Cheng, L., Sun, Y.Z.: ‘Transformer real-time reliability model based on operating conditions’, J. Zhejiang Univ. Sci. A, 2007, 8, (3), pp. 378–383, doi: 10.1631/jzus.2007.A0378.
34. 34)
  - 15. Asri, S., Pranggono, B.: ‘Impact of distributed denial-of-service attack on advanced metering infrastructure’, Wirel. Pers. Commun., 2015, 83, (3), pp. 2211–2223, doi: 10.1007/s11277-015-2510-3.
35. 35)
  - 43. ‘Emulab – network emulation testbed’. available at http://www.emulab.net.
36. 36)
  - 39. Sun, Y., Wang, P., Cheng, L., et al: ‘Operational reliability assessment of power systems considering condition-dependent failure rate’, IET Gener. Transm. Distrib., 2010, 4, (1), pp. 60–72, doi: 10.1049/iet-gtd.2009.0006.
37. 37)
  - 20. Fang, X., Misra, S., Xue, G., et al: ‘Smart grid – the new and improved power grid: a survey’, IEEE Commun. Surv. Tutor., 2011, 14, (4), pp. 944–980, doi: 10.1109/SURV.2011.101911.00087.
38. 38)
  - 9. Bhat, K., Sundarraj, V., Sinha, S., et al: ‘IEEE cyber security for the smart grid’ (IEEE, 2013), pp. 1–122, doi: 10.1109/IEEESTD.2013.6613505.
39. 39)
  - 41. Li, W.: ‘Risk assessment of power systems: models, methods, and applications’ (John Wiley & Sons, Inc., New York, 2014, 2nd edn.).
40. 40)
  - 2. Hamilton, B.A., Miller, J., Renz, B.: ‘Understanding the benefits of the smart grid – smart grid implementation strategy’ (National Energy Technology Laboratory, DoE, USA, 2010), pp. 1–41.
41. 41)
  - 36. Zhu, D.: ‘Electric distribution reliability analysis considering time-varying load, weather conditions and reconfiguration with distributed generation’. PhD thesis, Virginia Polytechnic Institute and State University, 2007.
42. 42)
  - 28. Sridhar, S., Hahn, A., Govindarasu, M.: ‘Cyber-physical system security for the electric power grid’, Proc. IEEE, 2012, 100, (1), pp. 210–224, doi: 10.1109/JPROC.2011.2165269.
43. 43)
  - 32. Usman, A., Shami, S.H.: ‘Evolution of communication technologies for smart grid applications’, Renew. Sustain. Energy Rev., 2013, 19, pp. 191–199, doi: 10.1016/j.rser.2012.11.002.
44. 44)
  - 16. Paterakis, N.G., Erdinç, O., Catalão, J.P.S.: ‘An overview of demand response: key-elements and international experience’, Renew. Sustain. Energy Rev., 2017, 69, pp. 871–891, doi: 10.1016/j.rser.2016.11.167.
45. 45)
  - 8. Eder-Neuhauser, P., Zseby, T., Fabini, J.: ‘Resilience and security: a qualitative survey of urban smart grid architectures’, IEEE Access, 2016, 4, pp. 839–848, doi: 10.1109/ACCESS.2016.2531279.
46. 46)
  - 11. Manasseh, E.C., Ohno, S., Yamamoto, T., et al: ‘Distributed demand-side management optimisation for multi-residential users with energy production and storage strategies’, J. Eng., 2014, pp. 1–8, doi: 10.1049/joe.2014.0199.
47. 47)
  - 29. NERC: ‘Grid security exercise (GridEx II) after-action report’ (NERC, 2014), pp. 1–26.
48. 48)
  - 31. Traynor, P., Lin, M., Ongtang, M., et al: ‘On cellular botnets: measuring the impact of malicious devices on a cellular network core’. Proc. 16th ACM Conf. Computer and Communications Security, Chicago, IL, USA, November 2009, pp. 223–234, doi: 10.1145/1653662.1653690.

Login

Not registered yet?

Share

Tools

Login to add to favourites

Key

Short-term risk assessment of botnet attacks on advanced metering infrastructure

References

Related content