Abstract
Recent studies have shown that AMI is exposed to an immense number of potential threats [7, 14, 19, 24, 25], which can affect the deployment and growth of smart grids. These studies point out that although some secure communication protocols are used in smart grids, many vulnerabilities and exploitations have been observed. Despite this, limited progress has been made so far in detecting malicious behavior in smart grids [3, 4, 10]. In Chap. 1, Fig. 1.3 presents a typical AMI network. Smart meters communicate with intelligent data collectors over various media. These collectors communicate with the headend system (and vice versa) over a WAN. Unlike traditional networks, AMI has its own requirements, which pose significant challenges for monitoring and intrusion detection.
References
1. Ambient Smart Grid Nodes (2013), http://cdn2.hubspot.net/hub/165743/file-20041060-pdf/docs/ambient_smart_grid_node.pdf
2. C. Baier, J.P. Katoen, Principles of Model Checking (The MIT Press, Cambridge, 2008)
3. R. Berthier, W. Sanders, Specification-based intrusion detection for advanced metering infrastructures, in IEEE 17th Pacific Rim International Symposium on Dependable Computing (PRDC) (2011)
4. R. Berthier, W. Sanders, H. Khurana, Intrusion detection for advanced metering infrastructures: requirements and architectural directions, in First IEEE International Conference on Smart Grid Communications (SmartGridComm) (2010)
5. D.C. Challener et al., Storing keys in a cryptology device, US Patent Application 10/051,495, 2002
6. Y. Chen et al., Learning Markov models for stationary system behaviors, in NASA Formal Methods. Lecture Notes in Computer Science (Springer, New York, 2012)
7. F.M. Cleveland, Cyber security issues for Advanced Metering Infrastructure (AMI), in IEEE Power and Energy Society General Meeting-Conversion and Delivery of Electrical Energy in the 21st Century (2008)
8. Duke Energy Smart Grid Laboratory (2015), http://epic.uncc.edu/laboratories/duke-energy-smart-grid-laboratory. Accessed 2015
9. Echelon Data Concentrator (2013), http://www.echelon.com/assets/bltdc1832fafd7deb8c/Data-Concentrator-DCN-1000-Series-datasheet.pdf
10. M.A. Faisal et al., Securing advanced metering infrastructure using intrusion detection system with data stream mining, in Proceedings of Pacific Asia Workshop on Intelligence and Security Informatics (PAISI) (2012)
11. P. Garcia-Teodoro et al., Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28(1–2), 18–28 (2009)
12. Y. Gu, A. McCullum, D. Towsley, Detecting anomalies in network traffic using maximum entropy estimation, in Proceedings of the ACM SIGCOMM Conference on Internet Measurement (IMC) (2005)
13. HPROF: A Heap/CPU Profiling Tool (2015), http://docs.oracle.com/javase/7/docs/technotes/samples/hprof.html. Accessed 2015
14. Idaho National Laboratory (INL), NSTB Assessments summary report: common industrial control system cyber security weaknesses, May 2010
15. J. Jung et al., Fast portscan detection using sequential hypothesis testing, in Proceedings of the IEEE Symposium on Security and Privacy (2004)
16. M. Kwiatkowska, D. Parker, Advances in probabilistic model checking, in Proceedings 2011 Marktoberdorf Summer School: Tools for Analysis and Verification of Software Safety and Security (2012)
17. D. Mashima, A.A. Cárdenas, Evaluating electricity theft detectors in smart grid networks, in Research in Attacks, Intrusions, and Defenses (2012)
18. S. McLaughlin, D. Podkuiko, P. McDaniel, Energy theft in the advanced metering infrastructure, in Critical Information Infrastructures Security (2010)
19. S. McLaughlin et al., Multi-vendor penetration testing in the advanced metering infrastructure, in Proceedings of the 26th Annual Computer Security Applications Conference (ACSAC) (2010)
20. M. Merhav, M. Gutman, J. Ziv, On the estimation of the order of a Markov chain and universal data compression, in IEEE Transactions on Information Theory (1989)
21. NISTIR 7628: Guidelines for Smart Grid Cyber Security, Smart grid inter-operability panel - cyber security working group (2010), http://www.nist.gov/smartgrid/upload/nistir-7628_total.pdf
22. Probabilistic Symbolic Model Checker, PRISM (2015), http://www.prismmodelchecker.org/. Accessed 2015
23. Smart Meter - ARM (2015), http://www.arm.com/markets/embedded/smart-meter.php. Accessed 2015
24. The White House, Homeland Security Presidential Directive 7: Critical Infrastructure Identification, Prioritization and Protection, September 22, 2015. https://www.dhs.gov/homeland-security-presidential-directive-7
25. U.S. Government Accountability Office (GAO), Information security: TVA needs to address weaknesses in control systems and networks (2008)
26. Yices: An SMT Solver (2015), http://yices.csl.sri.com/. Accessed 2015
27. Y. Zhang et al., Distributed intrusion detection system in a multi-layer network architecture of smart grids. IEEE Trans. Smart Grid 2(4), 796–808 (2011)
© 2016 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Al-Shaer, E., Rahman, M.A. (2016). Intrusion Detection Systems for AMI. In: Security and Resiliency Analytics for Smart Grids. Advances in Information Security, vol 67. Springer, Cham. https://doi.org/10.1007/978-3-319-32871-3_5
DOI: https://doi.org/10.1007/978-3-319-32871-3_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-32870-6
Online ISBN: 978-3-319-32871-3
eBook Packages: Computer Science (R0)