As the existing power grid becomes increasingly complex, the deployment of Smart Grids, which can significantly improve the stability and efficiency of power infrastructure, has seen increasing interest. However, with new technology come new security concerns. Recent work has shown that fabricating valid but malicious messages on a Smart Grid's SCADA network can cause widespread power outages. Moreover, the large scale, complexity, and tight constraints of these networks make deploying in-line detection systems insufficient. A common approach is instead to conduct whole-network audits by temporarily duplicating and forwarding all network traffic to a server dedicated to detecting malicious content. This is usually done by taking advantage of port-mirroring to duplicate the received packets with minimal overhead. However, operating these audits raises a number of challenges. For instance, each router used to collect traffic requires physical set-up, so needlessly high coverage carries a real cost. In this work, we consider the problem of efficiently finding the minimal set of routers in the SCADA network to use for auditing traffic. This efficiency is critical for enabling timely auditing. Similar versions of this problem have been studied; however, they suffer either from a severe mismatch with respect to the problem domain or from serious scalability concerns. This motivates us to devise a novel (2+\theta)(ln|V|+1)-approximation algorithm for this problem, with a 2-approximation for the special case of tree networks. We experimentally evaluate our solution and compare it to an optimal IP formulation, finding that it performs near-optimally on small networks and significantly outperforms heuristics in all cases.
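To make the placement problem concrete, the following is an added illustration, not the paper's algorithm or code: on a small tree-shaped SCADA network each monitored flow follows the unique path between its endpoints, and the set of port-mirroring routers must intersect every such path. A greedy hitting-set pick (the classic ln-factor heuristic, used here only as a stand-in) is compared with the brute-force optimum, which stands in for the abstract's IP formulation; the topology, substations and flows are constructed sample data.

```python
from collections import deque
from itertools import combinations

# Constructed sample (an assumption, not the paper's data): tree of routers R1..R5 with substations A..E.
LINKS = [("R1", "R2"), ("R1", "R3"), ("R2", "R4"), ("R3", "R5"),
         ("A", "R4"), ("B", "R2"), ("C", "R5"), ("D", "R3"), ("E", "R1")]
ROUTERS = ["R1", "R2", "R3", "R4", "R5"]  # candidate port-mirroring points
FLOWS = [("A", "C"), ("A", "B"), ("C", "D"), ("B", "D"), ("E", "A")]

def flow_path(links, src, dst):
    """Nodes a flow crosses: BFS route, which on a tree is the unique path."""
    adj = {}
    for u, v in links:
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    prev, queue = {src: None}, deque([src])
    while queue:
        u = queue.popleft()
        for v in adj[u]:
            if v not in prev:
                prev[v] = u
                queue.append(v)
    nodes, n = [], dst
    while n is not None:
        nodes.append(n)
        n = prev[n]
    return frozenset(nodes)

def greedy_audit_set(paths, candidates):
    """Repeatedly pick the router lying on the most still-uncovered paths."""
    uncovered, chosen = set(range(len(paths))), set()
    while uncovered:
        best = max(candidates, key=lambda r: sum(r in paths[i] for i in uncovered))
        if not any(best in paths[i] for i in uncovered):
            raise ValueError("a flow crosses no candidate router; it cannot be audited")
        chosen.add(best)
        uncovered = {i for i in uncovered if best not in paths[i]}
    return chosen

def optimal_audit_set(paths, candidates):
    """Exhaustive search; feasible only for tiny networks (stand-in for the IP)."""
    for k in range(1, len(candidates) + 1):
        for combo in combinations(candidates, k):
            if all(any(r in p for r in combo) for p in paths):
                return set(combo)
    raise ValueError("a flow crosses no candidate router; it cannot be audited")

def run_example():
    paths = [flow_path(LINKS, s, d) for s, d in FLOWS]
    return greedy_audit_set(paths, ROUTERS), optimal_audit_set(paths, ROUTERS)
```

On this instance both methods select {R2, R3}, two mirror points that see all five flows; on larger non-tree networks the greedy choice can exceed the optimum, which is the gap the abstract's approximation bounds address.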