{"title":"Intrusion detection system for smart meters","authors":"Hussain Almakrami","doi":"10.1109/SASG.2016.7849674","DOIUrl":null,"url":null,"abstract":"Smart meters allow data acquisition from the customers to be conducted frequently and enable customer participation through various demand side response mechanisms. With support of information and communications technology, smart meters can be controlled and monitored remotely over the wireless broadband public network. Therefore, smart meters are vulnerable to cyber attacks due to connectivity and communication through the open space. In the worst case, intrusions into multiple meters can lead to severe cascading events, causing catastrophic dysfunction and wrong data generated by the meter. In this paper, an Intrusion Detection System (IDS) is proposed which contains host-based and network-based anomaly detection systems for the smart grid. The host-based anomaly detection considers temporal anomalies in the grid facilities, e.g., user-interfaces, access point to smart meters. The malicious behaviors of multicast messages, e.g., Sampled Measured Value (SMV), are incorporated in the proposed network-based anomaly detection. The proposed simultaneous intrusion detection method is able to identify the same type of attacks at multiple devices and their locations. The result is a new integrated tool for detection and mitigation of cyber intrusions at a single meter or multiple meters of a power grid.","PeriodicalId":343189,"journal":{"name":"2016 Saudi Arabia Smart Grid (SASG)","volume":"57 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 Saudi Arabia Smart Grid (SASG)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SASG.2016.7849674","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Smart meters allow data acquisition from the customers to be conducted frequently and enable customer participation through various demand side response mechanisms. With support of information and communications technology, smart meters can be controlled and monitored remotely over the wireless broadband public network. Therefore, smart meters are vulnerable to cyber attacks due to connectivity and communication through the open space. In the worst case, intrusions into multiple meters can lead to severe cascading events, causing catastrophic dysfunction and wrong data generated by the meter. In this paper, an Intrusion Detection System (IDS) is proposed which contains host-based and network-based anomaly detection systems for the smart grid. The host-based anomaly detection considers temporal anomalies in the grid facilities, e.g., user-interfaces, access point to smart meters. The malicious behaviors of multicast messages, e.g., Sampled Measured Value (SMV), are incorporated in the proposed network-based anomaly detection. The proposed simultaneous intrusion detection method is able to identify the same type of attacks at multiple devices and their locations. The result is a new integrated tool for detection and mitigation of cyber intrusions at a single meter or multiple meters of a power grid.