Moving target defense for securing smart grid communications: Architectural design, implementation and evaluation

Supervisory Control And Data Acquisition (SCADA) communications are often subjected to various kinds of sophisticated cyber-attacks, which can have a serious impact on critical infrastructure such as the power grid. Most of the time, the success of an attack rests on the static characteristics of the system, which make it easier for the adversary to profile the target system(s) and consequently exploit their limited resources. In this thesis, a novel approach to mitigating such static vulnerabilities is proposed: a Moving Target Defense (MTD) strategy implemented in a power grid SCADA environment, which leverages the existing communication network with an end-to-end IP hopping technique among the trusted peer devices. This offers a proactive network-layer (L3) defense, minimizing IP-specific threats and thwarting worm propagation, APTs and similar threats that use the cyber kill chain to attack the system through the SCADA network. The main contribution of this thesis is to show how MTD concepts provide proactive defense against targeted cyberattacks and present a dynamic attack surface to adversaries without compromising the availability of a SCADA system. Specifically, the thesis presents a brief overview of the different types of MTD designs, the proposed MTD architecture, and its implementation with an IP hopping technique over a Control Center–Substation network link, along with a 3-way handshake protocol for synchronization, on Iowa State’s Power Cyber testbed. The thesis further investigates the delay and throughput characteristics of the entire system with and without the MTD in order to choose the best hopping rate for the given link. It also includes additional contributions that make the testbed scenarios more realistic, with multi-hop, multi-path
