A comparison of different intrusion detection approaches in an advanced metering infrastructure network using ADVISE

Michael Rausch, Brett Feddersen, Ken Keefe, William H. Sanders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Utilities responsible for Advanced Metering Infrastructure (AMI) networks must be able to defend themselves from a variety of potential attacks so they may achieve the goals of delivering power to consumers and maintaining the integrity of their equipment and data. Intrusion detection systems (IDSes) can play an important part in the defense of such networks. Utilities should carefully consider the strengths and weaknesses of different IDS deployment strategies to choose the most cost-effective solution. Models of adversary behavior in the presence of different IDS deployments can help with making this decision as we demonstrate through a case study that uses a model created in the ADversary VIew Security Evaluation (ADVISE) formalism (which calculates metrics used to compare different IDSes). We show how these metrics give valuable insight into the selection of the appropriate IDS architecture for an AMI network.

Original languageEnglish (US)
Title of host publicationQuantitative Evaluation of Systems - 13th International Conference, QEST 2016, Proceedings
EditorsBenny Van Houdt, Gul Agha
PublisherSpringer-Verlag
Pages279-294
Number of pages16
ISBN (Print)9783319434247
DOIs
StatePublished - Jan 1 2016
Event13th International Conference on Quantitative Evaluation of Systems, QEST 2016 - Quebec City, Canada
Duration: Aug 23 2016Aug 25 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9826 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other13th International Conference on Quantitative Evaluation of Systems, QEST 2016
CountryCanada
CityQuebec City
Period8/23/168/25/16

Fingerprint

Advanced metering infrastructures
Intrusion detection
Intrusion Detection
Infrastructure
Evaluation
Metric
Decision making
Integrity
Choose
Attack
Costs
Calculate
Model
Demonstrate

Keywords

  • ADversary VIew Security Evaluation (ADVISE)
  • Advanced Metering Infrastructure (AMI)
  • Intrusion Detection Systems (IDS)
  • Security modeling
  • Smart grid

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Rausch, M., Feddersen, B., Keefe, K., & Sanders, W. H. (2016). A comparison of different intrusion detection approaches in an advanced metering infrastructure network using ADVISE. In B. Van Houdt, & G. Agha (Eds.), Quantitative Evaluation of Systems - 13th International Conference, QEST 2016, Proceedings (pp. 279-294). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9826 LNCS). Springer-Verlag. https://doi.org/10.1007/978-3-319-43425-4_19

A comparison of different intrusion detection approaches in an advanced metering infrastructure network using ADVISE. / Rausch, Michael; Feddersen, Brett; Keefe, Ken; Sanders, William H.

Quantitative Evaluation of Systems - 13th International Conference, QEST 2016, Proceedings. ed. / Benny Van Houdt; Gul Agha. Springer-Verlag, 2016. p. 279-294 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9826 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Rausch, M, Feddersen, B, Keefe, K & Sanders, WH 2016, A comparison of different intrusion detection approaches in an advanced metering infrastructure network using ADVISE. in B Van Houdt & G Agha (eds), Quantitative Evaluation of Systems - 13th International Conference, QEST 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9826 LNCS, Springer-Verlag, pp. 279-294, 13th International Conference on Quantitative Evaluation of Systems, QEST 2016, Quebec City, Canada, 8/23/16. https://doi.org/10.1007/978-3-319-43425-4_19
Rausch M, Feddersen B, Keefe K, Sanders WH. A comparison of different intrusion detection approaches in an advanced metering infrastructure network using ADVISE. In Van Houdt B, Agha G, editors, Quantitative Evaluation of Systems - 13th International Conference, QEST 2016, Proceedings. Springer-Verlag. 2016. p. 279-294. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-43425-4_19
Rausch, Michael ; Feddersen, Brett ; Keefe, Ken ; Sanders, William H. / A comparison of different intrusion detection approaches in an advanced metering infrastructure network using ADVISE. Quantitative Evaluation of Systems - 13th International Conference, QEST 2016, Proceedings. editor / Benny Van Houdt ; Gul Agha. Springer-Verlag, 2016. pp. 279-294 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{a00bba094dc34613a6f3065ded549dd6,
title = "A comparison of different intrusion detection approaches in an advanced metering infrastructure network using ADVISE",
abstract = "Utilities responsible for Advanced Metering Infrastructure (AMI) networks must be able to defend themselves from a variety of potential attacks so they may achieve the goals of delivering power to consumers and maintaining the integrity of their equipment and data. Intrusion detection systems (IDSes) can play an important part in the defense of such networks. Utilities should carefully consider the strengths and weaknesses of different IDS deployment strategies to choose the most cost-effective solution. Models of adversary behavior in the presence of different IDS deployments can help with making this decision as we demonstrate through a case study that uses a model created in the ADversary VIew Security Evaluation (ADVISE) formalism (which calculates metrics used to compare different IDSes). We show how these metrics give valuable insight into the selection of the appropriate IDS architecture for an AMI network.",
keywords = "ADversary VIew Security Evaluation (ADVISE), Advanced Metering Infrastructure (AMI), Intrusion Detection Systems (IDS), Security modeling, Smart grid",
author = "Michael Rausch and Brett Feddersen and Ken Keefe and Sanders, {William H.}",
year = "2016",
month = "1",
day = "1",
doi = "10.1007/978-3-319-43425-4_19",
language = "English (US)",
isbn = "9783319434247",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer-Verlag",
pages = "279--294",
editor = "{Van Houdt}, Benny and Gul Agha",
booktitle = "Quantitative Evaluation of Systems - 13th International Conference, QEST 2016, Proceedings",

}

TY - GEN

T1 - A comparison of different intrusion detection approaches in an advanced metering infrastructure network using ADVISE

AU - Rausch, Michael

AU - Feddersen, Brett

AU - Keefe, Ken

AU - Sanders, William H.

PY - 2016/1/1

Y1 - 2016/1/1

N2 - Utilities responsible for Advanced Metering Infrastructure (AMI) networks must be able to defend themselves from a variety of potential attacks so they may achieve the goals of delivering power to consumers and maintaining the integrity of their equipment and data. Intrusion detection systems (IDSes) can play an important part in the defense of such networks. Utilities should carefully consider the strengths and weaknesses of different IDS deployment strategies to choose the most cost-effective solution. Models of adversary behavior in the presence of different IDS deployments can help with making this decision as we demonstrate through a case study that uses a model created in the ADversary VIew Security Evaluation (ADVISE) formalism (which calculates metrics used to compare different IDSes). We show how these metrics give valuable insight into the selection of the appropriate IDS architecture for an AMI network.

AB - Utilities responsible for Advanced Metering Infrastructure (AMI) networks must be able to defend themselves from a variety of potential attacks so they may achieve the goals of delivering power to consumers and maintaining the integrity of their equipment and data. Intrusion detection systems (IDSes) can play an important part in the defense of such networks. Utilities should carefully consider the strengths and weaknesses of different IDS deployment strategies to choose the most cost-effective solution. Models of adversary behavior in the presence of different IDS deployments can help with making this decision as we demonstrate through a case study that uses a model created in the ADversary VIew Security Evaluation (ADVISE) formalism (which calculates metrics used to compare different IDSes). We show how these metrics give valuable insight into the selection of the appropriate IDS architecture for an AMI network.

KW - ADversary VIew Security Evaluation (ADVISE)

KW - Advanced Metering Infrastructure (AMI)

KW - Intrusion Detection Systems (IDS)

KW - Security modeling

KW - Smart grid

UR - http://www.scopus.com/inward/record.url?scp=84981225616&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84981225616&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-43425-4_19

DO - 10.1007/978-3-319-43425-4_19

M3 - Conference contribution

AN - SCOPUS:84981225616

SN - 9783319434247

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 279

EP - 294

BT - Quantitative Evaluation of Systems - 13th International Conference, QEST 2016, Proceedings

A2 - Van Houdt, Benny

A2 - Agha, Gul

PB - Springer-Verlag

ER -