University of Illinois Urbana-Champaign

Deployment considerations for intrusion detection systems in advanced metering infrastructure

Grochocki, David

Content Files
David_Grochocki.pdf

Permalink

https://hdl.handle.net/2142/44106

Description

Title
Deployment considerations for intrusion detection systems in advanced metering infrastructure
Author(s)
Grochocki, David
Issue Date
2013-05-24T21:50:54Z
Director of Research (if dissertation) or Advisor (if thesis)
Sanders, William H.
Department of Study
Electrical & Computer Eng
Discipline
Electrical & Computer Engr
Degree Granting Institution
University of Illinois at Urbana-Champaign
Degree Name
M.S.
Degree Level
Thesis
Date of Ingest
2013-05-24T21:50:54Z
Keyword(s)
  • Intrusion Detection Systems (IDS)
  • Advanced Metering Infrastructure
  • Smart Grid
  • Key management
  • SAN Model
  • Adversary View Security Evaluation (ADVISE)
  • Failure Scenarios
  • Threat Survey
Abstract
Advanced Metering Infrastructures (AMIs) enable advanced bidirectional communication between utilities and smart meters deployed in the field, allowing consumption, outage, and price information to be shared efficiently and reliably. The addition of this new infrastructure, connected through mesh networks, has given rise to new opportunities for adversaries to interfere with communications and possibly compromise utilities' assets or steal customers' private information. The goal of this thesis is to survey the various threats facing AMIs in order to identify and understand the requirements for a comprehensive intrusion detection solution. The threat analysis leads to an extensive set of failure scenarios that captures the attackers' key objectives and is used to extract the information required to effectively detect attacks. Using the information taken from the failure scenarios and knowledge of how encrypted communications can affect detection reliability, we explore possible intrusion detection system (IDS) infrastructures and discuss deployment considerations for each of them, paying particular attention to how well they can detect attacks. We also suggest that the widest coverage of monitoring for attacks can be provided by a hybrid sensing infrastructure that uses both a centralized intrusion detection system and embedded meter or dedicated standalone sensors.
Graduation Semester
2013-05
Permalink
http://hdl.handle.net/2142/44106
Copyright and License Information
Copyright 2013 David Raymond Grochocki Jr

Owning Collections

Graduate Dissertations and Theses at Illinois PRIMARY
Graduate Theses and Dissertations at Illinois
Dissertations and Theses - Electrical and Computer Engineering
Dissertations and Theses in Electrical and Computer Engineering