MPTCP-H: A DDoS attack resilient transport protocol to secure wide area measurement systems

Research output: Contribution to Journal/Magazine › Journal article › peer-review

Published

Standard

MPTCP-H: A DDoS attack resilient transport protocol to secure wide area measurement systems. / Demir, K.; Nayyer, F.; Suri, Neeraj.
In: International Journal of Critical Infrastructure Protection, Vol. 25, 01.06.2019, p. 84-101.

Harvard

Demir, K, Nayyer, F & Suri, N 2019, 'MPTCP-H: A DDoS attack resilient transport protocol to secure wide area measurement systems', International Journal of Critical Infrastructure Protection, vol. 25, pp. 84-101. https://doi.org/10.1016/j.ijcip.2019.02.003

APA

Demir, K., Nayyer, F., & Suri, N. (2019). MPTCP-H: A DDoS attack resilient transport protocol to secure wide area measurement systems. International Journal of Critical Infrastructure Protection, 25, 84-101. https://doi.org/10.1016/j.ijcip.2019.02.003

Vancouver

Demir K, Nayyer F, Suri N. MPTCP-H: A DDoS attack resilient transport protocol to secure wide area measurement systems. International Journal of Critical Infrastructure Protection. 2019 Jun 1;25:84-101. Epub 2019 Feb 19. doi: 10.1016/j.ijcip.2019.02.003

Author

Demir, K. ; Nayyer, F. ; Suri, Neeraj. / MPTCP-H : A DDoS attack resilient transport protocol to secure wide area measurement systems. In: International Journal of Critical Infrastructure Protection. 2019 ; Vol. 25. pp. 84-101.

Bibtex

@article{4e6e2d2dcca44148ba98f7c75555fb22,
title = "MPTCP-H: A DDoS attack resilient transport protocol to secure wide area measurement systems",
abstract = "The penetration of distributed generators into the power distribution grid requires real-time control of the grid by monitoring the state of the power distribution grid. Such a large-scale monitoring cannot be performed by using traditional Supervisory Control and Data Acquisition (SCADA) systems due to its lack of the scalability. To address this issue, contemporary Wide Area Measurement Systems (WAMS) are deployed, which provide the dynamic snapshots of the power system. However, WAMS's more open structure versus SCADA poses a risk of WAMS being vulnerable to cyberattacks. In particular, due to high responsiveness and availability requirements of WAMS applications, attacks i.e., Denial-of-Service (DoS) and Distributed DoS (DDoS) are of primary concern for WAMS. In this paper, we focus on internal DoS/DDoS attacks launched against the WAMS devices by exploiting the vulnerabilities. To counter such attacks, we propose a proactive and robust extension of the Multipath-TCP (MPTCP) transportation protocol, termed as MPTCP-H. The proposed extension mitigates the internal attacks by using a novel stream hopping mechanism, which periodically renews the subflows to hide the open port numbers of the connection. By doing so, MPTCP-H significantly increases the attacker's cost for a successful attack without perturbing the WAMS data traffic. The experimental results show that the proposed MPTCP-H provides a significant DoS/DDoS attack mitigation for WAMS at the expense of reasonable overheads, i.e., additional latency and message.",
keywords = "Availability, DDoS attack, Multipath TCP, Security, Smart Grid, Denial-of-service attack, Electric power system control, Electric power transmission networks, Geodesy, Network security, Real time control, SCADA systems, Surveying, Transmission control protocol, DDoS Attack, Distributed generators, Power distribution grids, Smart grid, Supervisory control and data acquisition systems (SCADA), Wide-area measurement systems (WAMS), Electric power system measurement",
author = "K. Demir and F. Nayyer and Neeraj Suri",
year = "2019",
month = jun,
day = "1",
doi = "10.1016/j.ijcip.2019.02.003",
language = "English",
volume = "25",
pages = "84--101",
journal = "International Journal of Critical Infrastructure Protection",
issn = "1874-5482",
publisher = "Elsevier",

}

RIS

TY - JOUR

T1 - MPTCP-H

T2 - A DDoS attack resilient transport protocol to secure wide area measurement systems

AU - Demir, K.

AU - Nayyer, F.

AU - Suri, Neeraj

PY - 2019/6/1

Y1 - 2019/6/1

N2 - The penetration of distributed generators into the power distribution grid requires real-time control of the grid by monitoring the state of the power distribution grid. Such a large-scale monitoring cannot be performed by using traditional Supervisory Control and Data Acquisition (SCADA) systems due to its lack of the scalability. To address this issue, contemporary Wide Area Measurement Systems (WAMS) are deployed, which provide the dynamic snapshots of the power system. However, WAMS's more open structure versus SCADA poses a risk of WAMS being vulnerable to cyberattacks. In particular, due to high responsiveness and availability requirements of WAMS applications, attacks i.e., Denial-of-Service (DoS) and Distributed DoS (DDoS) are of primary concern for WAMS. In this paper, we focus on internal DoS/DDoS attacks launched against the WAMS devices by exploiting the vulnerabilities. To counter such attacks, we propose a proactive and robust extension of the Multipath-TCP (MPTCP) transportation protocol, termed as MPTCP-H. The proposed extension mitigates the internal attacks by using a novel stream hopping mechanism, which periodically renews the subflows to hide the open port numbers of the connection. By doing so, MPTCP-H significantly increases the attacker's cost for a successful attack without perturbing the WAMS data traffic. The experimental results show that the proposed MPTCP-H provides a significant DoS/DDoS attack mitigation for WAMS at the expense of reasonable overheads, i.e., additional latency and message.

AB - The penetration of distributed generators into the power distribution grid requires real-time control of the grid by monitoring the state of the power distribution grid. Such a large-scale monitoring cannot be performed by using traditional Supervisory Control and Data Acquisition (SCADA) systems due to its lack of the scalability. To address this issue, contemporary Wide Area Measurement Systems (WAMS) are deployed, which provide the dynamic snapshots of the power system. However, WAMS's more open structure versus SCADA poses a risk of WAMS being vulnerable to cyberattacks. In particular, due to high responsiveness and availability requirements of WAMS applications, attacks i.e., Denial-of-Service (DoS) and Distributed DoS (DDoS) are of primary concern for WAMS. In this paper, we focus on internal DoS/DDoS attacks launched against the WAMS devices by exploiting the vulnerabilities. To counter such attacks, we propose a proactive and robust extension of the Multipath-TCP (MPTCP) transportation protocol, termed as MPTCP-H. The proposed extension mitigates the internal attacks by using a novel stream hopping mechanism, which periodically renews the subflows to hide the open port numbers of the connection. By doing so, MPTCP-H significantly increases the attacker's cost for a successful attack without perturbing the WAMS data traffic. The experimental results show that the proposed MPTCP-H provides a significant DoS/DDoS attack mitigation for WAMS at the expense of reasonable overheads, i.e., additional latency and message.

KW - Availability

KW - DDoS attack

KW - Multipath TCP

KW - Security

KW - Smart Grid

KW - Denial-of-service attack

KW - Electric power system control

KW - Electric power transmission networks

KW - Geodesy

KW - Network security

KW - Real time control

KW - SCADA systems

KW - Surveying

KW - Transmission control protocol

KW - DDoS Attack

KW - Distributed generators

KW - Power distribution grids

KW - Smart grid

KW - Supervisory control and data acquisition systems (SCADA)

KW - Wide-area measurement systems (WAMS)

KW - Electric power system measurement

U2 - 10.1016/j.ijcip.2019.02.003

DO - 10.1016/j.ijcip.2019.02.003

M3 - Journal article

VL - 25

SP - 84

EP - 101

JO - International Journal of Critical Infrastructure Protection

JF - International Journal of Critical Infrastructure Protection

SN - 1874-5482

ER -