Auditing on Smart-Grid With Dynamic Traffic Flows: An Algorithmic Approach

The introduction of Smart Grid systems has raised many new security concerns. If an attacker can compromise components of the Smart Grid communication network, they can fabricate malicious messages to interfere with the grid and ultimately cause outages. One method to address this concern is to conduct network audits by logging network traffic into dedicated servers in order to detect malicious messages. This may be done by using switches’ or routers’ ability to duplicate packets they receive with minimal overhead. The question of how many and which switches/routers to select for this task naturally follows. This paper considers the problem of finding minimal set of routers/switches in a Smart Grid communication network to use for auditing traffic. Accordingly, we devise three algorithms: the first one is highly effective with an approximation ratio of $(2+\theta)(\ln |V| + 1)$ . The second method is a highly scalable algorithm with a constant performance ratio. And the last one is a dynamic algorithm which can efficiently update its solution in response to changes to critical traffic. We experimentally evaluate our solutions and compare them to an optimal Integer Programming formulation, finding that they perform near-optimally and significantly outperform a simple heuristic in all cases.

[1]  Mihalis Yannakakis,et al.  Multiway Cuts in Directed and Node Weighted Graphs , 1994, ICALP.

[2]  Leandros A. Maglaras,et al.  Vulnerability Analysis of Network Scanning on SCADA Systems , 2018, Secur. Commun. Networks.

[3]  Zhuo Lu,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[4]  My T. Thai,et al.  Optimal Inspection Points for Malicious Attack Detection in Smart Grids , 2014, COCOON.

[5]  Sushil Jajodia,et al.  Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs , 2008, Journal of Network and Systems Management.

[6]  Boudewijn R. Haverkort,et al.  What's under the hood? Improving SCADA security with process awareness , 2016, 2016 Joint Workshop on Cyber- Physical Security and Resilience in Smart Grids (CPSR-SG).

[7]  Xiangyu Niu,et al.  Dynamic Detection of False Data Injection Attack in Smart Grid using Deep Learning , 2018, 2019 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT).

[8]  Lang Tong,et al.  Malicious Data Attacks on the Smart Grid , 2011, IEEE Transactions on Smart Grid.

[9]  Naima Kaabouch,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[10]  Carl A. Gunter,et al.  Cumulative Attestation Kernels for Embedded Systems , 2009, IEEE Transactions on Smart Grid.

[11]  Michael E. Webber,et al.  Energy audit analysis of residential air-conditioning systems in Austin, Texas , 2012 .

[12]  Randy L. Ekl,et al.  Security Technology for Smart Grid Networks , 2010, IEEE Transactions on Smart Grid.

[13]  Ning Lu,et al.  Smart-grid security issues , 2010, IEEE Security & Privacy.

[14]  Alexis Kwasinski,et al.  Experimental and data collection methods for a large-scale smart grid deployment: Methods and first results , 2014 .

[15]  Sujeet Shenoi,et al.  Attack taxonomies for the Modbus protocols , 2008, Int. J. Crit. Infrastructure Prot..

[16]  Sandip C. Patel,et al.  Security Enhancements for Distributed Control Systems , 2007, Critical Infrastructure Protection.

[17]  M. Pipattanasomporn,et al.  Analysis of communication schemes for Advanced Metering Infrastructure (AMI) , 2014, 2014 IEEE PES General Meeting | Conference & Exposition.

[18]  Vijay V. Vazirani,et al.  Approximation Algorithms , 2001, Springer Berlin Heidelberg.

[19]  John A. Clark,et al.  Optimising IDS Sensor Placement , 2010, 2010 International Conference on Availability, Reliability and Security.

[20]  Lingfeng Wang,et al.  Inclusion of SCADA Cyber Vulnerability in Power System Reliability Assessment Considering Optimal Resources Allocation , 2016, IEEE Transactions on Power Systems.

[21]  Kaamran Raahemifar,et al.  A survey on Advanced Metering Infrastructure , 2014 .

[22]  W. Hoeffding Probability Inequalities for sums of Bounded Random Variables , 1963 .

[23]  Periklis Chatzimisios,et al.  Monitoring Traffic Optimization in a Smart Grid , 2017, IEEE Transactions on Industrial Informatics.

[24]  Xiang Li,et al.  Rate alteration attacks in smart grid , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[25]  Xin-She Yang,et al.  Introduction to Algorithms , 2021, Nature-Inspired Optimization Algorithms.

[26]  Leandros A. Maglaras,et al.  A security architectural pattern for risk management of industry control systems within critical national infrastructure , 2017, Int. J. Crit. Infrastructures.