Targeted cyber attacks are on the rise, and the power industry is an attractive target. Espionage and causing physical damage are likely goals of these targeted attacks. In the case of the power industry, the worst possible consequences are severe: large areas, including critical societal infrastructures, can suffer from power outages. In this paper, we try to measure the preparedness of the power industry against targeted attacks. To this end, we have studied well-known targeted attacks and created a taxonomy for them. Furthermore, we conduct a study, in which we interview six power distribution system operators (DSOs), to assess the level of cyber situation awareness among DSOs and to evaluate the efficiency and effectiveness of their currently deployed systems and practices for detecting and responding to targeted attacks. Our findings indicate that the power industry is very well prepared for traditional threats, such as physical attacks. However, cyber attacks, and especially sophisticated targeted attacks, where social engineering is one of the strategies used, have not been addressed appropriately so far. Finally, by understanding previous attacks and learning from them, we try to provide the industry with guidelines for improving their situation awareness and defense (both detection and response) capabilities.
{"title":"Targeted Attacks against Industrial Control Systems: Is the Power Industry Prepared?","authors":"M. B. Line, Ali Zand, G. Stringhini, R. Kemmerer","doi":"10.1145/2667190.2667192","DOIUrl":"https://doi.org/10.1145/2667190.2667192","journal":{"name":"Proceedings of the 2nd Workshop on Smart Energy Grid Security"},"publicationDate":"2014-11-07","publicationTypes":"Journal Article"}
David Formby, Sangjoon Jung, J. Copeland, R. Beyah
Implementations of the TCP/IP protocol suite have been patched for decades to reduce the threat of TCP sequence number prediction attacks. TCP, in particular, has been adopted in many devices in the power grid as a transport layer for their applications since it provides reliability. Even though this threat has been well known for almost three decades, this does not hold true in power grid networks; weak TCP sequence number generation can still be found in many devices used throughout the power grid. Although our analysis only covers one substation, we believe that this is without loss of generality given: 1) the pervasiveness of the flaws throughout the substation devices; and 2) the prominence of the vendors. In this paper, we show how predictable TCP initial sequence numbers (ISNs) still are and how strongly time is correlated with TCP ISN generation. We collected power grid network traffic from a live substation for six months, and we measured TCP ISN differences and their time differences between TCP connection establishments. In the live substation, we found three unique vendors (135 devices, 68%) from a total of eight vendors (196 devices) running TCP that show strongly predictable patterns of TCP ISN generation.
{"title":"An Empirical Study of TCP Vulnerabilities in Critical Power System Devices","authors":"David Formby, Sangjoon Jung, J. Copeland, R. Beyah","doi":"10.1145/2667190.2667196","DOIUrl":"https://doi.org/10.1145/2667190.2667196","journal":{"name":"Proceedings of the 2nd Workshop on Smart Energy Grid Security"},"publicationDate":"2014-11-07","publicationTypes":"Journal Article"}
One active area of research in smart grid security focuses on applying game-theoretic frameworks to analyze interactions between a system and an attacker and formulate effective defense strategies. In previous work, a Nash equilibrium (NE) solution is chosen as the optimal defense strategy [7, 9], which implies that the attacker has complete knowledge of the system and would also employ the corresponding NE strategy. In practice, however, the attacker may have limited knowledge and resources, and thus employ an attack which is less than optimal, allowing the defender to devise more efficient strategies. We propose a novel approach called an adaptive Markov Strategy (AMS) for defending a system against attackers with unknown, dynamic behaviors. The algorithm for computing an AMS is theoretically guaranteed to converge to a best response strategy against any stationary attacker, and also to converge to a Nash equilibrium if the attacker is sufficiently intelligent to employ the AMS to launch the attack. To evaluate the effectiveness of an AMS in smart grid systems, we study a class of data integrity attacks that involve injecting false voltage information into a substation, with the goal of causing load shedding (and potentially a blackout). Our preliminary results show that load shedding costs can be significantly reduced by employing an AMS over an NE strategy.
{"title":"Adaptive Defending Strategy for Smart Grid Attacks","authors":"Jianye Hao, Eunsuk Kang, D. Jackson, Jun Sun","doi":"10.1145/2667190.2667195","DOIUrl":"https://doi.org/10.1145/2667190.2667195","journal":{"name":"Proceedings of the 2nd Workshop on Smart Energy Grid Security"},"publicationDate":"2014-11-07","publicationTypes":"Journal Article"}
H. Dantas, Z. Erkin, C. Doerr, Raymond Hallie, Gerrit van der Bij
Smart grids enable new functionalities like remote and micro management and, consequently, provide increased efficiency, easy management and effectiveness of the entire power grid infrastructure. In order to achieve this, smart meters are attached to the communication network, collecting fine-grained data. Unfortunately, as the smart meters are limited devices connected to the network and running software, they also make the whole smart grid more vulnerable than traditional grids in terms of software problems and even possible cyber attacks. In this paper, we work towards increased software security of smart metering devices and propose a fuzzing framework, eFuzz, built on the generic fuzzing framework Peach to detect software problems. eFuzz tests smart metering devices based on the communication protocol DLMS/COSEM, the standard protocol used in Europe, for possible faults. Our experiments prove the effectiveness of using an automated fuzzing framework compared to resource-demanding, human-made software protocol inspections. As an example, eFuzz detected between 10 and 40 bugs in different configurations in less than 3 hours while a manual inspection takes weeks. We also investigate the quality of the eFuzz results by comparing them with the traditional non-automated evaluation of the same device with respect to scope and efficiency. Our analysis shows that eFuzz is a powerful tool for security inspections of smart meters, and embedded systems in general.
{"title":"eFuzz: A Fuzzer for DLMS/COSEM Electricity Meters","authors":"H. Dantas, Z. Erkin, C. Doerr, Raymond Hallie, Gerrit van der Bij","doi":"10.1145/2667190.2667194","DOIUrl":"https://doi.org/10.1145/2667190.2667194","journal":{"name":"Proceedings of the 2nd Workshop on Smart Energy Grid Security"},"publicationDate":"2014-11-07","publicationTypes":"Journal Article"}
The smart-grid is gaining increasing attention nowadays, owing to its promise to offer increased reliability, performance, and a balanced utilization of energy. However, the current design of smart-grids raises serious concerns with respect to the privacy and anonymity of users. Thus far, the literature has solely focused on the problem of privately aggregating energy reports and has not addressed the privacy threats that can occur through other intelligent operations which take place in the smart grid, such as planning the energy distribution. In this paper, we propose a novel solution that enables the planning of energy distribution in the grid without leaking any information about the energy requests of individual smart meters. We also implement a prototype based on our proposal and we evaluate its performance in realistic deployment settings.
{"title":"Privacy-Friendly Planning of Energy Distribution in Smart Grids","authors":"T. Dimitriou, Ghassan O. Karame","doi":"10.1145/2667190.2667191","DOIUrl":"https://doi.org/10.1145/2667190.2667191","journal":{"name":"Proceedings of the 2nd Workshop on Smart Energy Grid Security"},"publicationDate":"2014-11-07","publicationTypes":"Journal Article"}
Millions of people are now increasingly using smart devices at home to improve the quality of their lives. Unfortunately, the smart devices that we use at home for comfort and simplicity make our lives more complicated in terms of management due to several issues like mismatching interfaces and complexity of the micro-management. One approach to manage smart homes is to enable the utility provider, which has direct access to electrical devices via smart meters. It is expected that the data collected for the management can also be utilized for other personalized services using other business partners. In this paper, we address these personalized services and argue that privacy is a serious consideration for the deployment of the new business ideas. We provide a scientific method to provide new services for smart homes while protecting the privacy-sensitive data. To the best of our knowledge, privacy enhanced new services based on the utilization of smart meter data have not been considered by the research community.
{"title":"Privacy Enhanced Personal Services for Smart Grids","authors":"Z. Erkin, T. Veugen","doi":"10.1145/2667190.2667193","DOIUrl":"https://doi.org/10.1145/2667190.2667193","journal":{"name":"Proceedings of the 2nd Workshop on Smart Energy Grid Security"},"publicationDate":"2014-11-07","publicationTypes":"Journal Article"}
It is our great pleasure to welcome you to the 2nd Smart Energy Grid Security (SEGS) Workshop. SEGS 2014 aims to foster innovative research and discussion about smart energy grid security and privacy challenges, approaches, and solutions. SEGS'14 takes place in Scottsdale, Arizona, in conjunction with ACM CCS 2014.

In the last year, the digitalization of the power grids has been pushed further, with an increasing number of countries engaging in large scale rollouts of smart grid components. While the topic of security is getting more attention, we still face insufficient understanding and communication between the electricity sector and the security community. Given the long lifetime of the systems deployed now, and the fact that the first large scale attacks have already been seen, increasing this communication and working towards applicable solutions is more important than ever before.

In spite of the growing number of events and conferences focusing on the digital grid, the gap in the security research community specifically addressing smart grids is still wide, and many of the systems rolled out now have a wealth of unaddressed security issues. This workshop aims to fill that void and encourage more research into the area of smart grid security by providing a forum for security researchers to present their work. This workshop serves as an opportunity to foster collaboration between the power industry and the ACM CCS research community.

The scope of the workshop encompasses all aspects of the smart grid, including distribution, transmission, generation, metering, e-mobility, and integration of distributed energy resources. SEGS publications offer perspectives from both academia and industry, and present novel research on theoretical and practical aspects of smart grid security and privacy, including design, analysis, experimentation, and fielded systems. SEGS also aims for the integration of other communities, such as law, economics, and HCI, which present these communities' perspectives on technological issues. We hope that the workshop will provide the participants with the opportunity to share ideas and practical experience, and will result in progress towards more resilient power systems.

TOPICS OF INTEREST
The SEGS Workshop focuses on the following topics:
Smart grid architectures and models
Smart grid networks and communication
Security and dependability in safety-critical, real-time systems
Data protection and privacy
Grid management
Trust and assurance
Intrusion detection and monitoring on smart grids
Algorithms and protocols for critical infrastructures
Risk and threat analysis
Smart grid standards, testing, and certification
Testbeds and field trials
Usability and legal issues on grid security
Cloud computing and smart grids
{"title":"Proceedings of the 2nd Workshop on Smart Energy Grid Security","authors":"K. Kursawe, Benessa Defend","doi":"10.1145/2667190","DOIUrl":"https://doi.org/10.1145/2667190","journal":{"name":"Proceedings of the 2nd Workshop on Smart Energy Grid Security"},"publicationDate":"2014-11-07","publicationTypes":"Journal Article"}
Upul Jayasinghe, Sérgio Barreto Andrade, M. Popovic, T. Tesfay, J. Boudec
We are interested in the security of the MPLS Transport Profile (MPLS-TP), in the context of smart-grid communication networks. The security guidelines of the MPLS-TP standards are written in a complex and indirect way, which led us to hypothesize that vendor solutions might not implement them satisfactorily. To test this hypothesis, we investigated the Cisco implementation of two MPLS-TP OAM (Operations, Administration, and Maintenance) protocols: bidirectional forwarding detection (BFD), used to detect failures in label-switched paths (LSPs), and protection state coordination (PSC), used to coordinate protection switching. Critical smart grid applications, such as protection and control, rely on the protection switching feature controlled by BFD and PSC. We did find security issues with this implementation. We implemented a testbed with eight nodes that run the MPLS-TP enabled Cisco IOS; we demonstrated that an attacker who has access to only one cable (for two attacks) or two cables (for one attack) is able to harm the network at several points (e.g., disabling both working and protection LSPs). This occurred in spite of us implementing the security guidelines that are available from Cisco for IOS and MPLS-TP. The attacks use forged BFD or PSC messages, which induce a label-edge router (LER) into believing false information about an LSP. In one attack, the LER disables the operational LSP; in another attack, the LER continues to believe that a physically destroyed LSP is up and running; in yet another attack, both operational and backup LSPs are brought down. Our findings suggest that the MPLS-TP standard should be more explicit when it comes to security. For example, to thwart the attacks revealed here, it should mandate either hop-by-hop authentication (such as MACsec) at every node, or an ad-hoc authentication mechanism for BFD and PSC.
{"title":"Security Vulnerabilities of the Cisco IOS Implementation of the MPLS Transport Profile","authors":"Upul Jayasinghe, Sérgio Barreto Andrade, M. Popovic, T. Tesfay, J. Boudec","doi":"10.1145/2667190.2667197","DOIUrl":"https://doi.org/10.1145/2667190.2667197","journal":{"name":"Proceedings of the 2nd Workshop on Smart Energy Grid Security"},"publicationDate":"2014-11-07","publicationTypes":"Journal Article"}