David Grochocki, J. Huh, R. Berthier, R. Bobba, W. Sanders, A. Cárdenas, Jorjeta G. Jetcheva
{"title":"AMI威胁、入侵检测需求和部署建议","authors":"David Grochocki, J. Huh, R. Berthier, R. Bobba, W. Sanders, A. Cárdenas, Jorjeta G. Jetcheva","doi":"10.1109/SmartGridComm.2012.6486016","DOIUrl":null,"url":null,"abstract":"Advanced Metering Infrastructures (AMI) facilitate bidirectional communication between smart meters and utilities, allowing information about consumption, outages, and electricity rates to be shared reliably and efficiently. However, the numerous smart meters being connected through mesh networks open new opportunities for attackers to interfere with communications and compromise utilities' assets or steal customers' private information. The goal of this paper is to survey the various threats facing AMIs and the common attack techniques used to realize them in order to identify and understand the requirements for a comprehensive intrusion detection solution. The threat analysis leads to an extensive “attack tree” that captures the attackers' key objectives (e.g., energy theft) and the individual attack steps (e.g., eavesdropping on the network) that would be involved in achieving them. With reference to the attack tree, we show the type of information that would be required to effectively detect attacks. We also suggest that the widest coverage in monitoring the attacks can be provided by a hybrid sensing infrastructure that uses both a centralized intrusion detection system and embedded meter sensors.","PeriodicalId":143915,"journal":{"name":"2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2012-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"106","resultStr":"{\"title\":\"AMI threats, intrusion detection requirements and deployment recommendations\",\"authors\":\"David Grochocki, J. Huh, R. Berthier, R. Bobba, W. Sanders, A. Cárdenas, Jorjeta G. Jetcheva\",\"doi\":\"10.1109/SmartGridComm.2012.6486016\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Advanced Metering Infrastructures (AMI) facilitate bidirectional communication between smart meters and utilities, allowing information about consumption, outages, and electricity rates to be shared reliably and efficiently. However, the numerous smart meters being connected through mesh networks open new opportunities for attackers to interfere with communications and compromise utilities' assets or steal customers' private information. The goal of this paper is to survey the various threats facing AMIs and the common attack techniques used to realize them in order to identify and understand the requirements for a comprehensive intrusion detection solution. The threat analysis leads to an extensive “attack tree” that captures the attackers' key objectives (e.g., energy theft) and the individual attack steps (e.g., eavesdropping on the network) that would be involved in achieving them. With reference to the attack tree, we show the type of information that would be required to effectively detect attacks. We also suggest that the widest coverage in monitoring the attacks can be provided by a hybrid sensing infrastructure that uses both a centralized intrusion detection system and embedded meter sensors.\",\"PeriodicalId\":143915,\"journal\":{\"name\":\"2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"106\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SmartGridComm.2012.6486016\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SmartGridComm.2012.6486016","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
AMI threats, intrusion detection requirements and deployment recommendations
Advanced Metering Infrastructures (AMI) facilitate bidirectional communication between smart meters and utilities, allowing information about consumption, outages, and electricity rates to be shared reliably and efficiently. However, the numerous smart meters being connected through mesh networks open new opportunities for attackers to interfere with communications and compromise utilities' assets or steal customers' private information. The goal of this paper is to survey the various threats facing AMIs and the common attack techniques used to realize them in order to identify and understand the requirements for a comprehensive intrusion detection solution. The threat analysis leads to an extensive “attack tree” that captures the attackers' key objectives (e.g., energy theft) and the individual attack steps (e.g., eavesdropping on the network) that would be involved in achieving them. With reference to the attack tree, we show the type of information that would be required to effectively detect attacks. We also suggest that the widest coverage in monitoring the attacks can be provided by a hybrid sensing infrastructure that uses both a centralized intrusion detection system and embedded meter sensors.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
