Files in this item



application/pdfHuaiyu_Zhu.pdf (2MB)
(no description provided)PDF


Title:Intrusion detection and prevention in advanced metering networks
Author(s):Zhu, Huaiyu
Advisor(s):Nicol, David M.
Department / Program:Electrical & Computer Eng
Discipline:Electrical & Computer Engr
Degree Granting Institution:University of Illinois at Urbana-Champaign
Subject(s):smart grid security
intrusion detection
security system design
Abstract:Advanced metering infrastructure (AMI) is envisioned to be able to revolutionize the power grid and turn it into the “smart grid”. AMI, through the use of “smart meters” and high-speed networks, promises to strengthen both the stability and sustainability of the grid. The vision of AMI is to enhance and improve the grid by providing fine-grained control over pricing and usage to both the utility and the customers. The promise is so convincing that there have been rapid, large-scale deployments all over the world in a very short time. In this frenzy of excitement, security of AMI, an issue of utmost importance, may have been overlooked. In this work, we present our in-depth study of the vulnerabilities in AMI to cyber-attacks. We also propose a scalable, content-aware methodology to stop propagating malware which exploits the vulnerabilities of AMI to disrupt the operation of service. Towards this end we design and implement a host-based policy engine that examines both ingress and egress traffic to the AMI application layer. Policy engine rules may refer to the structure and behavior of the AMI protocol, and may also perform multi-stage analysis of data payloads and look for evidence that malicious content is carried, rather than data. Our experimental results show that the policy engine is promising in controlling the malicious traffic and introducing negligible performance overhead.
Issue Date:2015-01-21
Rights Information:Copyright 2014 Huaiyu Zhu
Date Available in IDEALS:2015-01-21
Date Deposited:2014-12

This item appears in the following Collection(s)

Item Statistics