Harnessing the unknown in advanced metering infrastructure traffic
Paper i proceeding, 2015

The Advanced Metering Infrastructure (AMI), a key component for smart grids, is expanding with more installed devices. Due to security and privacy concerns, the communication between these devices is encrypted, making it more secure against malicious third parties but also obscuring the ability of the network owner to detect any misbehaving user or equipment. We are investigating how to balance the need for confidentiality with the need to monitor the AMI. More specifically, we develop one important component for an AMI Intrusion Detection System (IDS), which can accurately determine the individual commands (but not their content) sent between AMI devices even when they are sent over an encrypted channel or in a protocol that the IDS cannot parse. We explain our methodology and propose features which summarize traffic characteristics. We conduct a feasibility study based on representative protocols in AMI and demonstrate the real utility of this IDS component. Our results are validated experimentally using two different datasets containing realistic traffic captured from two different AMI testbeds.

Networks

AMI encrypted traffic

Security

Smart Grid

Författare

Valentin Tudor

Chalmers, Data- och informationsteknik, Nätverk och system

Magnus Almgren

Chalmers, Data- och informationsteknik, Nätverk och system

Marina Papatriantafilou

Chalmers, Data- och informationsteknik, Nätverk och system

SAC '15 Proceedings of the 30th Annual ACM Symposium on Applied Computing

2204-2211

Ämneskategorier

Data- och informationsvetenskap

Styrkeområden

Energi

DOI

10.1145/2695664.2695725

ISBN

978-1-4503-3196-8