METIS: A two-tier intrusion detection system for advanced metering infrastructures
Paper i proceeding, 2014

Specification-based intrusion detection systems, the main defense mechanism proposed so far for Advanced Metering Infrastructures, do not provide a comprehensive protection against the wide spectrum of possible attack scenarios. Challenging aspects in this context include the need for timely detection and for novel attack scenario modeling techniques. This paper introduces METIS, a novel two-tier anomaly-based intrusion detection framework that targets such challenges. The framework provides a continuous and fully distributed processing of network traffic by relying on the data streaming processing paradigm. Attack scenarios can be specified by means of the traffic features they affect and their resulting patterns of malicious activities. We overview the framework, presenting the novel detection technique, and provide results from a case study. © 2014 Authors.

intrusion detection

data streaming

advanced metering infrastructure

Författare

Vincenzo Massimiliano Gulisano

Chalmers, Data- och informationsteknik, Nätverk och system

Magnus Almgren

Chalmers, Data- och informationsteknik, Nätverk och system

Marina Papatriantafilou

Chalmers, Data- och informationsteknik, Nätverk och system

e-Energy 2014 - Proceedings of the 5th ACM International Conference on Future Energy Systems

211-212

DOI

10.1145/2602044.2602072

ISBN

978-145032819-7