Optimization of Stealthwatch Network Security System for the Detection and Mitigation of Distributed Denial of Service (DDoS) Attack: Application to Smart Grid System
The Smart Grid is an enhancement of the traditional grid system and employs new technologies and sophisticated communication techniques for electrical power transmission and distribution. The Smart Grid’s communication network shares information about status of its several integrated IEDs (Intelligent Electronic Devices). However, the IEDs connected throughout the Smart Grid, open opportunities for attackers to interfere with the communications and utilities resources or take clients’ private data. This development has introduced new cyber-security challenges for the Smart Grid and is a very concerning issue because of emerging cyber-threats and security incidents that have occurred recently all over the world. The purpose of this research is to detect and mitigate Distributed Denial of Service [DDoS] with application to the Electrical Smart Grid System by deploying an optimized Stealthwatch Secure Network analytics tool. In this paper, the DDoS attack in the Smart Grid communication networks was modeled using Stealthwatch tool. The simulated network consisted of Secure Network Analytic tools virtual machines (VMs), electrical Grid network communication topology, attackers and Target VMs. Finally, the experiments and simulations were performed, and the research results showed that Stealthwatch analytic tool is very effective in detecting and mitigating DDoS attacks in the Smart Grid System without causing any blackout or shutdown of any internal systems as compared to other tools such as GNS3, NeSSi2, NISST Framework, OMNeT++, INET Framework, ReaSE, NS2, NS3, M5 Simulator, OPNET, PLC & TIA Portal management Software which do not have the capability to do so. Also, using Stealthwatch tool to create a security baseline for Smart Grid environment, contributes to risk mitigation and sound security hygiene.
References
[1]
Wang, K., Du, M., Maharjan, S. and Sun, Y. (2017) Strategic Honeypot Game Model for Distributed Denial of Service Attacks in the Smart Grid. IEEE Transactions on Smart Grid, 8, 2474-2482. https://doi.org/10.1109/tsg.2017.2670144
[2]
Guo, Y., Ten, C., Hu, S. and Weaver, W.W. (2015) Modeling Distributed Denial of Service Attack in Advanced Metering Infrastructure. 2015 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference, Washington, 18-20 February 2015, 1-5. https://doi.org/10.1109/isgt.2015.7131828
[3]
Asri, S. and Pranggono, B. (2015) Impact of Distributed Denial-of-Service Attack on Advanced Metering Infrastructure. Wireless Personal Communications, 83, 2211-2223. https://doi.org/10.1007/s11277-015-2510-3
[4]
Eddy, J., Miner, N.E. and Stamp, J. (2017) Sandia’s Microgrid Design Toolkit. The Electricity Journal, 30, 62-67. https://doi.org/10.1016/j.tej.2017.04.002
[5]
Sgouras, K.I., Birda, A.D. and Labridis, D.P. (2014) Cyber Attack Impact on Critical Smart Grid Infrastructures. Innovative Smart Grid Technologies 2014, Washington, 19-22 February 2014, 1-5. https://doi.org/10.1109/isgt.2014.6816504
[6]
Yi, P., Zhu, T., Zhang, Q., Wu, Y. and Pan, L. (2016) Puppet Attack: A Denial of Service Attack in Advanced Metering Infrastructure Network. Journal of Network and Computer Applications, 59, 325-332. https://doi.org/10.1016/j.jnca.2015.04.015
[7]
Wei, J. and Kundur, D. (2012) A Flocking-Based Model for DoS-Resilient Communication Routing in Smart Grid. 2012 IEEE Global Communications Conference, Anaheim, 3-7 December 2012, 3519-3524. https://doi.org/10.1109/glocom.2012.6503660
[8]
RF Wireless World (2012) Wireless Vendors and Resources. https://www.rfwireless-world.com/Articles/Smart-Grid-Architecture-basics-and-working.html
[9]
Fang, B., Yin, X., Tan, Y., Li, C., Gao, Y., Cao, Y., et al. (2016) The Contributions of Cloud Technologies to Smart Grid. Renewable and Sustainable Energy Reviews, 59, 1326-1331. https://doi.org/10.1016/j.rser.2016.01.032
[10]
Otuoze, A.O., Mustafa, M.W. and Larik, R.M. (2018) Smart Grids Security Challenges: Classification by Sources of Threats. Journal of Electrical Systems and Information Technology, 5, 468-483. https://doi.org/10.1016/j.jesit.2018.01.001
[11]
Shrestha, M., Johansen, C., Noll, J. and Roverso, D. (2020) A Methodology for Security Classification Applied to Smart Grid Infrastructures. International Journal of Critical Infrastructure Protection, 28, Article 100342. https://doi.org/10.1016/j.ijcip.2020.100342
[12]
Demir, K., Ismail, H., Vateva-Gurova, T. and Suri, N. (2018) Securing the Cloud-Assisted Smart Grid. International Journal of Critical Infrastructure Protection, 23, 100-111. https://doi.org/10.1016/j.ijcip.2018.08.004
[13]
Ylmaz, E.N., Ciylan, B., Gonen, S., Sindiren, E. and Karacayilmaz, G. (2018) Cyber Security in Industrial Control Systems: Analysis of DoS Attacks against PLCs and the Insider Effect. 2018 6thInternational Istanbul Smart Grids and Cities Congress and Fair, Istanbul, 25-26 April 2018, 81-85. https://doi.org/10.1109/sgcf.2018.8408947
[14]
Liu, R., Vellaithurai, C., Biswas, S.S., Gamage, T.T. and Srivastava, A.K. (2015) Analyzing the Cyber-Physical Impact of Cyber Events on the Power Grid. IEEE Transactions on Smart Grid, 6, 2444-2453. https://doi.org/10.1109/tsg.2015.2432013
[15]
Efthymiou, C. and Kalogridis, G. (2010) Smart Grid Privacy via Anonymization of Smart Metering Data. 2010 First IEEE International Conference on Smart Grid Communications, Gaithersburg, 4-6 October 2010, 238-243. https://doi.org/10.1109/smartgrid.2010.5622050
[16]
Pour, M.M., Anzalchi, A. and Sarwat, A. (2017) A Review on Cyber Security Issues and Mitigation Methods in Smart Grid Systems. SoutheastCon 2017, Concord, 30 March-2 April 2017, 1-4. https://doi.org/10.1109/secon.2017.7925278
[17]
Yadav, T. and Rao, A.M. (2015) Technical Aspects of Cyber Kill Chain. In: Abawajy, J.H., Mukherjea, S., Thampi, S.M. and Ruiz-Martínez, A., Eds., Security in Computing and Communications, Springer International Publishing, 438-452. https://doi.org/10.1007/978-3-319-22915-7_40
