A Review of Anomalies Detection Schemes for Smart Grids
Andrés Felipe Murillo Piedrahita
Agenda
• Smart Grids Architecture
• Cyberattacks in Smart Grids
• Anomalies detection schemes for Smart Grids
• Conclusions
Smart Grids Architecture
• Goals and strategies in Smart Grids
  • Reliability
  • Efficiency
  • Security
• Traditional Perspective (Power Electronic Grid)
  • Generation
  • Transmission
  • Distribution
  • Consumption
• Communications Network Perspective
  • Home Area Networks (HAN)
  • Neighborhood Area Networks (NAN)
  • Wide Area Networks (WAN)
Cyberattacks in Smart Grids
• General attacks
  • Device attack
  • Data attack
  • Privacy attack
  • Network attack
• Elaborated attacks
  • Data Integrity attacks
  • Denial of Service
  • Replay attacks
  • Timing attacks
  • Sniffing attacks
  • Reconfiguration attacks
Intrusion detection Schemes
• Authentication Mechanisms
• Activity analysis mechanisms
Authentication Mechanisms
Trust and key management model
• Agents:
  • Electrical utility
  • Service Provider
  • Users
  • Law authority
• None of the parties is considered to be trustworthy
A lightweight two-step mutual authentication protocol
• Aims to reduce the message complexity of the authentication process
• Does not use a Certificate Authority (CA)
Zero configuration identity based Signcryption scheme for Smart Grid
• Aims to get rid of the Certificate Authority (CA) in a PKI scheme
• Public keys based on the equipment IDs
• Uses a Key Generation Server
• Key Revocation
Activity analysis mechanisms
Coding technique to protect a Distributed Storage System from Malicious Nodes
• α: node storage capacity
• d: replacement nodes
• γ: recovery bandwidth
• β = γ / d
• Upper bound of the resilience capacity
• Use of RSKR-repetition coding to protect the information
• With the proposed decoding scheme and a tracker, a list of malicious nodes can be obtained
Malicious activity Detection using traffic analysis
• Legitimate traffic has certain defined patterns
• Proposes regression algorithms for classification
• DoS attack using authentication requests
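An added illustration of the bullets above (not taken from the slides or from the reviewed paper): a small logistic-regression classifier that separates legitimate traffic windows from an authentication-request flood. The two features, the constructed training windows and all function names are assumptions made for this example.

```python
import math

# Constructed sample windows (one minute each) seen at a hypothetical gateway:
# (authentication requests per minute, fraction of failed authentications), label.
# Label 0 = legitimate pattern, 1 = DoS flood of authentication requests.
TRAIN = [
    ((12, 0.02), 0), ((15, 0.05), 0), ((9, 0.00), 0),
    ((18, 0.04), 0), ((14, 0.03), 0), ((20, 0.06), 0),
    ((140, 0.85), 1), ((210, 0.92), 1), ((95, 0.70), 1),
    ((180, 0.88), 1), ((120, 0.75), 1), ((160, 0.95), 1),
]

def scale(x):
    # Put both features on a similar scale so gradient descent stays stable.
    return (x[0] / 100.0, x[1])

def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))

def train(samples, epochs=2000, lr=0.5):
    # Plain batch gradient descent on the logistic (cross-entropy) loss.
    w, b, n = [0.0, 0.0], 0.0, len(samples)
    for _ in range(epochs):
        gw, gb = [0.0, 0.0], 0.0
        for x, y in samples:
            f = scale(x)
            err = sigmoid(w[0] * f[0] + w[1] * f[1] + b) - y
            gw[0] += err * f[0]
            gw[1] += err * f[1]
            gb += err
        w = [w[0] - lr * gw[0] / n, w[1] - lr * gw[1] / n]
        b -= lr * gb / n
    return w, b

def attack_probability(model, x):
    w, b = model
    f = scale(x)
    return sigmoid(w[0] * f[0] + w[1] * f[1] + b)

def classify(model, x, threshold=0.5):
    # Windows at or above the threshold are handed to the operator for review.
    return "dos-suspect" if attack_probability(model, x) >= threshold else "legitimate"

MODEL = train(TRAIN)

if __name__ == "__main__":
    for window in [(16, 0.03), (150, 0.90)]:
        print(window, classify(MODEL, window), round(attack_probability(MODEL, window), 3))
```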
Distributed Intrusion Detection System in a Multi-Layer Network Architecture of Smart Grids
• Identification Systems for each Smart Grid Layer
• Hierarchical classification scheme
• Use of State Vector Machines and Artificial Immune Systems
Home Area Network Identification System
Upper layer Identification System
Conclusions
• Lack of a well-defined Smart Grid infrastructure
• The reviewed proposals were validated only through simulations
• Certificate Authorities (CAs) are still necessary in Smart Grid systems
• The use of classifiers contributes to the maintenance of Smart Grid systems