Towards DDoS attack resilient wide area monitoring systems

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN; Conference contribution/Paper; peer-review

Published
Publication date: 29/08/2017
Host publication: ARES '17 Proceedings of the 12th International Conference on Availability, Reliability and Security
Publisher: ACM
Number of pages: 7
ISBN (print): 9781450352574
Original language: English

Abstract

The traditional physical power grid is evolving into a cyber-physical Smart Grid (SG) that links the cyber communication and computational elements with the physical control functions to dynamically integrate varied and geographically distributed energy producers/consumers. In the SG, the cyber elements of Wide Area Measurement Systems (WAMS) are deployed to provide the critical monitoring of the state of power transmission and distribution to accomplish real-time control of the grid. Unfortunately, the increasing adoption of such computing/communication cyber-technologies essential to providing the SG operations also opens the risk of the SG being vulnerable to cyberattacks. In particular, attacks such as Denial-of-Service (DoS) and Distributed DoS (DDoS) are of primary concern for WAMS, where such attacks can compromise its safety-critical accuracy and responsiveness characteristics. To prevent DoS/DDoS attacks at the transport and application layer from affecting the WAMS operations, we propose a proactive and robust extension of the Multipath-TCP (MPTCP) transport protocol that mitigates such attacks by using a novel stream-hopping MPTCP mechanism, termed MPTCP-H. The proposed MPTCP-H hides the open port numbers of the connection from an attacker by renewing (over time) the subflows over new port numbers without perturbing the WAMS data traffic. Our results demonstrate MPTCP-H to be both effective and efficient (for reduced latency and congestion), and also applicable to the communication frameworks of other similar Critical Infrastructures. © 2017 Association for Computing Machinery.