AMI threats, intrusion detection requirements and deployment recommendations

David Grochocki, Jun Ho Huh, Robin Berthier, Rakesh Bobba, William H. Sanders, Alvaro A. Cardenas, Jorjeta G. Jetcheva

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Advanced Metering Infrastructures (AMI) facilitate bidirectional communication between smart meters and utilities, allowing information about consumption, outages, and electricity rates to be shared reliably and efficiently. However, the numerous smart meters being connected through mesh networks open new opportunities for attackers to interfere with communications and compromise utilities' assets or steal customers' private information. The goal of this paper is to survey the various threats facing AMIs and the common attack techniques used to realize them in order to identify and understand the requirements for a comprehensive intrusion detection solution. The threat analysis leads to an extensive 'attack tree' that captures the attackers' key objectives (e.g., energy theft) and the individual attack steps (e.g., eavesdropping on the network) that would be involved in achieving them. With reference to the attack tree, we show the type of information that would be required to effectively detect attacks. We also suggest that the widest coverage in monitoring the attacks can be provided by a hybrid sensing infrastructure that uses both a centralized intrusion detection system and embedded meter sensors.

Original languageEnglish (US)
Title of host publication2012 IEEE 3rd International Conference on Smart Grid Communications, SmartGridComm 2012
Pages395-400
Number of pages6
DOIs
StatePublished - 2012
Externally publishedYes
Event2012 IEEE 3rd International Conference on Smart Grid Communications, SmartGridComm 2012 - Tainan, Taiwan, Province of China
Duration: Nov 5 2012Nov 8 2012

Publication series

Name2012 IEEE 3rd International Conference on Smart Grid Communications, SmartGridComm 2012

Other

Other2012 IEEE 3rd International Conference on Smart Grid Communications, SmartGridComm 2012
Country/TerritoryTaiwan, Province of China
CityTainan
Period11/5/1211/8/12

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Communication

Fingerprint

Dive into the research topics of 'AMI threats, intrusion detection requirements and deployment recommendations'. Together they form a unique fingerprint.

Cite this