Specification-based Intrusion Detection for home area networks in smart grids
- 1 October 2011
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Achievement of the goals of smart grid such as resilience, high power quality, and consumer participation strongly depends on the security of this system. Along with the security measures that should be built into the smart grid from the beginning, appropriate Intrusion Detection Systems (IDSs) should also be designed. Home area network (HAN) is one of the most vulnerable subsystems within the smart grid, mostly because of its physically insecure environment. In this paper, we present a layered specification-based IDS for HAN. Considering that ZigBee is the dominant technology in future HAN, our IDS is designed to target ZigBee technology; specifically we address the physical and medium access control (MAC) layers. In our IDS the normal behavior of the network is defined through selected specifications that we extract from the IEEE 802.15.4 standard. Deviations from the defined normal behavior can be a sign of some malicious activities. We further investigate the physical and MAC layer attacks in ZigBee networks and evaluate the performance of our proposed IDS against them. Our IDS provides a good detection capability against known attacks, and since this is an IDS based on anomalous event detection, we expect the same for unknown attacks.Keywords
This publication has 7 references indexed in Scilit:
- Message Denial and Alteration on IEEE 802.15.4 Low-Power Radio NetworksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- Intrusion Detection for Advanced Metering Infrastructures: Requirements and Architectural DirectionsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- Attacks with Steganography in PHY and MAC Layers of 802.15.4 ProtocolPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- Security Measures for Advanced Metering Infrastructure ComponentsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- An intrusion detection system for wireless process control systemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2008
- On the IEEE 802.15.4 MAC Layer Attacks: GTS AttackPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2008
- Evaluating the Feasibility of Traffic-Based Intrusion Detection in an 802.15.4 Sensor Cluster21st International Conference on Advanced Networking and Applications (AINA '07), 2007