METIS: A two-tier intrusion detection system for advanced metering infrastructures
Paper in proceeding, 2014
Specification-based intrusion detection systems, the main defense mechanism proposed so far for Advanced Metering Infrastructures, do not provide a comprehensive protection against the wide spectrum of possible attack scenarios. Challenging aspects in this context include the need for timely detection and for novel attack scenario modeling techniques. This paper introduces METIS, a novel two-tier anomaly-based intrusion detection framework that targets such challenges. The framework provides a continuous and fully distributed processing of network traffic by relying on the data streaming processing paradigm. Attack scenarios can be specified by means of the traffic features they affect and their resulting patterns of malicious activities. We overview the framework, presenting the novel detection technique, and provide results from a case study. © 2014 Authors.
intrusion detection
advanced metering infrastructure
data streaming
Author
Vincenzo Massimiliano Gulisano
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Magnus Almgren
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
Marina Papatriantafilou
Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)
e-Energy 2014 - Proceedings of the 5th ACM International Conference on Future Energy Systems
211-212
978-145032819-7 (ISBN)
Algorithms for adaptiveness and robustness in electricity networks
Göteborg Energi AB, 2012-09-01 -- 2014-12-31.
CRitical Infrastructure Security AnaLysIS (CRISALIS)
European Commission (EC) (EC/FP7/285477), 2012-05-01 -- 2015-04-30.
Areas of Advance
Information and Communication Technology
Energy
Subject Categories (SSIF 2011)
Communication Systems
DOI
10.1145/2602044.2602072