Network Security Monitoring in a Small-Scale Smart-Grid Laboratory

Smart grids are the next generation of electrical grids, enabling suppliers to better manage and level power consumption. Through automatic meter reading, the smart grid also provides better information to end users, making it possible for them to improve their energy consumption and adapt it to the current energy price, availability and other factors. As the grid becomes more and more reliant on ICT and communication networks, risks related to cybersecurity and privacy have to be taken into account. The link between automatic meters and the distribution operator has to be protected from security breaches that may lead to false billing, and the transferred data has to be protected because it contains sensitive information about household and business behavior. In this article we present a limited state-of-the-art review as well as a network security monitoring setup for a small-scale laboratory that is in essence a small-scale smart grid environment. We discuss the challenges and threats that are possible in the smart grid environment and the feasibility of using network security monitoring techniques, which represent our work-in-progress research in this context.
