Detection of rogue nodes in AMI networks Conference Paper uri icon

abstract

  • 2017 IEEE. Advanced Metering Infrastructure (AMI) is an integral part of smart power grids. With advanced computing and communications, cybersecurity has emerged to be a critical issue for AMI networks, which demand confidentiality and integrity. Cyber attackers can employ unauthorized devices, also known as rogue nodes, to steal customers' private information, modify or create wrong data that can financially impact customers, utilities, and the electricity market. To detect rogue nodes in AMI networks, we propose and simulate two Intrusion Detection Systems (IDS). Their goal is to detect man-in-the-middle attacks (MiTM), where the rogue node steals information using Address Resolution Protocol (ARP) cache poisoning. A host-based simplistic IDS for the smart meters and a network-based IDS for the data concentrator, which has a larger computing power, were implemented to detect and stop such MiTM attacks. The proposed IDS system uses a Bayesian-based machine learning technique so that the IDS learns the behavior of the attack and detects future attacks.

name of conference

  • 2017 19th International Conference on Intelligent System Application to Power Systems (ISAP)

published proceedings

  • 2017 19TH INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEM APPLICATION TO POWER SYSTEMS (ISAP)

author list (cited authors)

  • Sahu, A., Tippanaboyana, H., Hefton, L., & Goulart, A.

citation count

  • 8

complete list of authors

  • Sahu, Abhijeet||Tippanaboyana, HNR Karthik||Hefton, Lindsay||Goulart, Ana

publication date

  • January 2017