Quantitative analysis of firewall security under DDoS attacks in smart grid AMI networks

One of the key objectives of distributed denial of service (DDoS) attack on the smart grid advanced metering infrastructure is to threaten the availability of end user's metering data. This will surely disrupt the smooth operations of the grid and third party operators who need this data for billing and other grid control purposes. In previous work, we proposed a cloud-based Openflow firewall for mitigation against DDoS attack in a smart grid AMI. In this paper, PRISM model checker is used to perform a probabilistic best-and worst-case analysis of the firewall with regard to DDoS attack success under different firewall detection probabilities ranging from zero to 1. The results from this quantitative analysis can be useful in determining the extent the DDoS attack can undermine the correctness and performance of the firewall. In addition, the study can also be helpful in knowing the extent the firewall can be improved by applying the knowledge derived from the worst-case performance of the firewall.

[1]  Anas AlMajali,et al.  Mitigating the Risk of Cyber Attack on Smart Grid Systems , 2014, CSER.

[2]  Ehab Al-Shaer,et al.  Probabilistic model checking for AMI intrusion detection , 2013, 2013 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[3]  Bernardi Pranggono,et al.  Impact of Distributed Denial-of-Service Attack on Advanced Metering Infrastructure , 2015, Wireless Personal Communications.

[4]  Ersin Dincelli,et al.  Using Features of Cloud Computing to Defend Smart Grid against DDoS Attacks , 2015 .

[5]  Canbing Li,et al.  The contributions of cloud technologies to smart grid , 2016 .

[6]  Scott A. Smolka,et al.  Formal Analysis of the DNS Bandwidth Amplification Attack and Its Countermeasures Using Probabilistic Model Checking , 2011, 2011 IEEE 13th International Symposium on High-Assurance Systems Engineering.

[7]  R. C. Diovu,et al.  A cloud-based openflow firewall for mitigation against DDoS attacks in smart grid AMI networks , 2017, 2017 IEEE PES PowerAfrica.

[8]  Maria Grazia Vigliotti,et al.  Probabilistic Mobile Ambients , 2009, Theoretical Computer Science.

[9]  Panagiotis Katsaros,et al.  A Probabilistic Attacker Model for Quantitative Verification of DoS Security Threats , 2008, 2008 32nd Annual IEEE International Computer Software and Applications Conference.

[10]  Raouf Boutaba,et al.  Performance Modeling and Analysis of Network Firewalls , 2012, IEEE Transactions on Network and Service Management.

[11]  Daniel Massey,et al.  Detection of invalid routing announcement in the Internet , 2002, Proceedings International Conference on Dependable Systems and Networks.

[12]  M. Abliz Internet Denial of Service Attacks and Defense Mechanisms , 2011 .

[13]  Zahid Anwar,et al.  IoTRiskAnalyzer: A Probabilistic Model Checking Based Framework for Formal Risk Analytics of the Internet of Things , 2017, IEEE Access.

[14]  Andrew Hinton,et al.  PRISM: A Tool for Automatic Verification of Probabilistic Systems , 2006, TACAS.

[15]  Dmitry Podkuiko,et al.  Multi-vendor penetration testing in the advanced metering infrastructure , 2010, ACSAC '10.

[16]  Dimitris P. Labridis,et al.  Cyber attack impact on critical Smart Grid infrastructures , 2014, ISGT 2014.

[17]  Shiyan Hu,et al.  Modeling distributed denial of service attack in advanced metering infrastructure , 2015, 2015 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT).