METIS: A two-tier intrusion detection system for advanced metering infrastructures
Paper i proceeding, 2014
Specification-based intrusion detection systems, the main defense mechanism proposed so far for Advanced Metering Infrastructures, do not provide a comprehensive protection against the wide spectrum of possible attack scenarios. Challenging aspects in this context include the need for timely detection and for novel attack scenario modeling techniques. This paper introduces METIS, a novel two-tier anomaly-based intrusion detection framework that targets such challenges. The framework provides a continuous and fully distributed processing of network traffic by relying on the data streaming processing paradigm. Attack scenarios can be specified by means of the traffic features they affect and their resulting patterns of malicious activities. We overview the framework, presenting the novel detection technique, and provide results from a case study. © 2014 Authors.
intrusion detection
advanced metering infrastructure
data streaming
Författare
Vincenzo Massimiliano Gulisano
Chalmers, Data- och informationsteknik, Nätverk och system
Magnus Almgren
Chalmers, Data- och informationsteknik, Nätverk och system
Marina Papatriantafilou
Chalmers, Data- och informationsteknik, Nätverk och system
e-Energy 2014 - Proceedings of the 5th ACM International Conference on Future Energy Systems
211-212
978-145032819-7 (ISBN)
Utvecklande av dataalgoritmer för nätverk för att stärka anpassningsbarhet och robusthet i elnät
Göteborg Energi AB, 2012-09-01 -- 2014-12-31.
CRitical Infrastructure Security AnaLysIS (CRISALIS)
Europeiska kommissionen (EU) (EC/FP7/285477), 2012-05-01 -- 2015-04-30.
Styrkeområden
Informations- och kommunikationsteknik
Energi
Ämneskategorier (SSIF 2011)
Kommunikationssystem
DOI
10.1145/2602044.2602072