Specification-based intrusion detection for advanced metering infrastructures

Proceedings of IEEE Pacific Rim International Symposium on Dependable Computing, PRDC

Volumn , Issue , 2011, Pages 184-193

  Berthier, Robin ^a   Sanders, William H ^a  

^a University of Illinois at Urbana Champaign   (United States)

Author keywords

AMI; formal method; intrusion detection; specification based security

Indexed keywords

ACCESS POINTS; ADVANCED METERING INFRASTRUCTURES; AMI; APPLICATION LAYERS; ENERGY DISTRIBUTIONS; FORMAL FRAMEWORK; NETWORK TRAFFIC; POWER GRIDS; PROTOTYPE IMPLEMENTATIONS; REAL TIME; RUNNING-IN; SECURITY POLICY; SECURITY THREATS; SITUATIONAL AWARENESS; SMART METERS; SPECIFICATION-BASED SECURITY; STANDARD PROTOCOLS;

ELECTRIC POWER DISTRIBUTION; FORMAL METHODS; INTRUSION DETECTION; SECURITY SYSTEMS; SENSORS; SPECIFICATIONS;

CRITICAL INFRASTRUCTURES;

EID: 84857771025     PISSN: 15410110     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/PRDC.2011.30     Document Type: Conference Paper

References (34)

1. N. Falliere, L. Murchu, and E. Chien, "W32. Stuxnet Dossier," Symantec Security Response, 2010.
2. S. McLaughlin, D. Podkuiko, and P. McDaniel, "Energy theft in the advanced metering infrastructure," Critical Information Infrastructures Security, pp. 176-187, 2010.
3. S. McLaughlin, D. Podkuiko, S. Miadzvezhanka, A. Delozier, and P. McDaniel, "Multi-vendor penetration testing in the advanced metering infrastructure," in Proceedings of the 26th Annual Computer Security Applications Conference. ACM, 2010, pp. 107-116.
4. T. Song, C. Ko, J. Alves-Foss, C. Zhang, and K. Levitt, "Formal reasoning about intrusion detection systems," in Recent Advances in Intrusion Detection. Springer, 2004, pp. 278-295. (Pubitemid 39741899)
5. C. Ko, M. Ruschitzka, and K. Levitt, "Execution monitoring of securitycritical programs in distributed systems: A specification-based approach,"sp, p. 0175, 1997.
6. R. Sekar and P. Uppuluri, "Synthesizing fast intrusion prevention/detection systems from high-level specifications," in USENIX Security Symposium. Citeseer, 1999, pp. 63-78.
7. P. Uppuluri and R. Sekar, "Experiences with specification-based intrusion detection," in Recent Advances in Intrusion Detection. Springer, 2001, pp. 172-189.
8. M. Raihan and M. Zulkernine, "Detecting intrusions specified in a software specification language," in Computer Software and Applications Conference, 2005. COMPSAC 2005. 29th Annual International, vol. 1. IEEE, 2005, pp. 143-148.
9. C. Ko, "Logic induction of valid behavior specifications for intrusion detection," in Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE Symposium on. IEEE, 2002, pp. 142-153.
10. G. Helmer, J. Wong, M. Slagell, V. Honavar, L. Miller, Y. Wang, X. Wang, and N. Stakhanova, "Software fault tree and coloured Petri net-based specification, design and implementation of agent-based intrusion detection systems," International Journal of Information and Computer Security, vol. 1, no. 1, pp. 109-142, 2007.
11. I. Balepin, S. Maltsev, J. Rowe, and K. Levitt, "Using specificationbased intrusion detection for automated response," in Recent Advances in Intrusion Detection. Springer, 2003, pp. 136-154.
12. R. Sekar, A. Gupta, J. Frullo, T. Shanbhag, A. Tiwari, H. Yang, and S. Zhou, "Specification-based anomaly detection: a new approach for detecting network intrusions," in Proceedings of the 9th ACM conference on Computer and communications security. ACM, 2002, pp. 265-274.
13. N. Stakhanova, S. Basu, and J. Wong, "On the symbiosis of specification-based and anomaly-based detection," computers & security, vol. 29, no. 2, pp. 253-268, 2010.
14. C. Tseng, P. Balasubramanyam, C. Ko, R. Limprasittiporn, J. Rowe, and K. Levitt, "A specification-based intrusion detection system for AODV,"in Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks. ACM, 2003, pp. 125-134.
15. E. Hansson, J. Groenkvist, K. Persson, and D. Nordqvist, "Specification- Based Intrusion Detection Combined with Cryptography Methods for Mobile Ad Hoc Networks(Policy-Baserad Intrangsdetektering foer Mobila Ad Hoc-Naet)," NASA Center for AeroSpace Information, 7121 Standard Dr, Hanover, Maryland, 21076-1320, USA, Tech. Rep., 2005.
16. H. Hassan, M. Mahmoud, and S. El-Kassas, "Securing the AODV protocol using specification-based intrusion detection," in Proceedings of the 2nd ACM international workshop on Quality of service & security for wireless and mobile networks. ACM, 2006, pp. 33-36.
17. C. Tseng, T. Song, P. Balasubramanyam, C. Ko, and K. Levitt, "A specification-based intrusion detection model for olsr," in Recent Advances in Intrusion Detection. Springer, 2006, pp. 330-350. (Pubitemid 43973735)
18. P. Truong, D. Nieh, and M. Moh, "Specification-based intrusion detection for H. 323-based voice over IP," in Signal Processing and Information Technology, 2005. Proceedings of the Fifth IEEE International Symposium on. IEEE, 2005, pp. 387-392.
19. H. Sengar, D. Wijesekera, H. Wang, and S. Jajodia, "VoIP intrusion detection through interacting protocol state machines," 2006.
20. T. Phit and K. Abe, "A Protocol Specification-Based Intrusion Detection System for VoIP and Its Evaluation," IEICE Transactions on Communications, vol. 91, no. 12, pp. 3956-3965, 2008.
21. P. Jieke, J. Redol, and M. Correia, "Specification-Based Intrusion Detection System for Carrier Ethernet," in Proceedings of the International Conference on Web Information Systems and Technologies (WEBIST). Citeseer, 2007.
22. R. Gill, J. Smith, and A. Clark, "Specification-based intrusion detection in WLANs," 2006.
23. T. Song, J. Alves-Foss, C. Ko, C. Zhang, and K. Levitt, "Using acl2 to verify security properties of specification-based intrusion detection systems," in Fourth International Workshop on the ACL2 Theorem Prover and Its Applications (ACL2-2003). Citeseer, 2003.
24. T. Song, C. Ko, C. Tseng, P. Balasubramanyam, A. Chaudhary, and K. Levitt, "Formal reasoning about a specification-based intrusion detection for dynamic auto-configuration protocols in ad hoc networks,"Formal Aspects in Security and Trust, pp. 16-33, 2006.
25. F. Cleveland, "Cyber security issues for advanced metering infrastructure (AMI)," in Power and Energy Society General Meeting-Conversion and Delivery of Electrical Energy in the 21st Century, 2008 IEEE. IEEE, 2008, pp. 1-5.
26. R. Berthier, W. Sanders, and H. Khurana, "Intrusion Detection for Advanced Metering Infrastructures: Requirements and Architectural Directions," in Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference on. IEEE, 2010, pp. 350-355.
27. M. LeMay and C. Gunter, "Cumulative attestation kernels for embedded systems," Computer Security-ESORICS 2009, pp. 655-670, 2010.
28. T. Roosta, D. Nilsson, U. Lindqvist, and A. Valdes, "An intrusion detection system for wireless process control systems," in Mobile Ad Hoc and Sensor Systems, 2008. MASS 2008. 5th IEEE International Conference on. IEEE, 2008, pp. 866-872.
29. C. Ko, P. Brutch, J. Rowe, G. Tsafnat, and K. Levitt, "System health and intrusion monitoring using a hierarchy of constraints," in Recent Advances in Intrusion Detection. Springer, 2001, pp. 190-203.
30. ANSI C12.22: Protocol specification for interfacing to data communication networks. National Electrical Manufacturers Association, 2008.
31. ANSI C12.19: Utility industry end device data tables. National Electrical Manufacturers Association, 2005.
32. O. S. G. user group (OpenSGug) Smart Grid Network Task Force, "Smart grid network system requirements specifications v5.0-draft1,"http://osgug. ucaiug.org/UtiliComm, 2011.
33. D. Nicol, W. Sanders, S. Singh, and M. Seri, "Usable global network access policy for process control systems," Security & Privacy, IEEE, vol. 6, no. 6, pp. 30-36, 2008.
34. M. Kaufmann, P. Manolios, and J. Moore, Computer-aided reasoning: an approach. Springer Netherlands, 2000.