Documente Academic
Documente Profesional
Documente Cultură
raziq-yaqub@utc.edu
dr.raziq@gmail.com
1 of 53
by Dr. Raziq Yaqub
Warning !
This Material MUST NOT BE
Copied, Reproduced or Forwarded
Chapter 03-A
AMI and Security Aspects at
Subscriber End and Network
2 of 53
by Dr. Raziq Yaqub
1
Contents
3 of 53
by Dr. Raziq Yaqub
4
by Dr. Raziq Yaqub
2
Why Security is Needed?
5 of 53
by Dr. Raziq Yaqub
Who is Vulnerable?
Government, Citizen
6 of 53
by Dr. Raziq Yaqub
3
What to Secure?
Physical Security
Protect
Facilities
Buildings
Properties
Houses
7
by Dr. Raziq Yaqub
What to Secure?
Hardware Security
Protect hardware e.g.
Computers
Networks
Routers
Channels (to prevent eavesdroppers)
8
by Dr. Raziq Yaqub
4
What to Secure?
Software
Protect soft wares, e.g.
Operating systems
Server protocols
Application Software
9
by Dr. Raziq Yaqub
Initially most of the smart grid would not be on the Internet, BUT
Attack may be started from
Hacked Meter
Hacked Concentrator
Hacked sub-station
10
by Dr. Raziq Yaqub
5
What to Secure in Smart Grid?
Strong interdependence
Electric Grid RIGHT NOW!! of these Infrastructures
can produce
Telecommunications
cascading effect
11
by Dr. Raziq Yaqub
Why?
Secure Infrastructure
SECURITY is an ISSUE
No longer an add-on
or a feature
12
by Dr. Raziq Yaqub
6
Why?
Secure Infrastructure
Industry Reshaping
Mergers, Acquisition, Privatization
Competition increasing
13
by Dr. Raziq Yaqub
Why?
Secure Infrastructure
14
by Dr. Raziq Yaqub
7
US Federal Government Efforts for Cyber Security
Government Steps
Several Programs
Protecting Information
For Example:
8
US Federal Government Efforts for Cyber Security
Government Steps
Initiatives
17
by Dr. Raziq Yaqub
Government Steps
Initiatives
Establishment of CIN/SI
Complex Interactive Network/Systems Initiative)
A joint program of
Department of Defense
Electric Power Research Institute
Objectives CIN/SI
Develop techniques
To face threats and failures
To avoid cascading effect
For Self-healing infrastructure
18 of 53
by Dr. Raziq Yaqub
9
Security Definition
19
by Dr. Raziq Yaqub
Security Definition
Information
But still allowing
Protecting Services access to users
Protecting ICS/CI
It includes securing
Network and allied infrastructure,
Applications and databases,
20
by Dr. Raziq Yaqub
10
Threats Attacks Vulnerabilities
21
by Dr. Raziq Yaqub
Threat
Expressed potential for occurrence of
harmful event (such as an attack)
22
by Dr. Raziq Yaqub
11
Security Threats, Attacks, Vulnerabilities
23
by Dr. Raziq Yaqub
Vulnerability Points
24
by Dr. Raziq Yaqub
12
Vulnerability Points
25
by Dr. Raziq Yaqub
Attack
Action with the intention of doing harm
Action that compromises the security
26
by Dr. Raziq Yaqub
13
Virus/Worm Attack
Hacked for
ENERGY
THEFT
27
by Dr. Raziq Yaqub
Virus/Worm Attack
GRID
ATTACK
LAUNCHED
28
by Dr. Raziq Yaqub
14
Attack from HAN
Will a trusted Utility-controllable, or
logical entity
network be used? EMS-controllable, or
managing all devices Self-controllable
Energy Management
System
Registered devices
Non-registered devices
29 of 53
by Dr. Raziq Yaqub
Types of attacks
Attacks
Virus Attack (virus arrives via internet & resides in computer system
30
by Dr. Raziq Yaqub
15
Types of attacks (contd.)
Attacks
31
by Dr. Raziq Yaqub
Packet sniffing
TCP hijacking
32 of 53
by Dr. Raziq Yaqub
16
Denial Of Service
Flooding
Send packets with bogus source address.
Server keeps connection open, eventually its memory is exhausted
SMURF 33 of 53
Source IP address of a broadcast ping is forged
Large number of machines respond back to victim, overloading it
Attack (Example-1)
1. Covert Channel
Pretends to be an applications that most firewalls permit through. While in
fact it carries immoral data in control fields in the TCP and IP headers
HTTP Tunnel
Hidden Message
inside HTTP Firewall
17
Attack (Example-2)
2. DNS Anomalies
THINK: 2
If DNS is
compromised
3
1
4
Attack (Example-3)
3. Code injections
18
Attack (Example-4)
Attack (Example-5)
19
Dictionary Attack (Example-6)
39 of 53
by Dr. Raziq Yaqub
TCP Attack
40 of 53
by Dr. Raziq Yaqub
20
TCP Attack
Attacker Sniffs the packets and learns about the associated TCP state
for the connection
41 of 53
by Dr. Raziq Yaqub
TCP Attack
42 of 53
by Dr. Raziq Yaqub
21
TCP Attack
Attacker lies on the path between Alice and Bob on the network
He intercepts all of their packets
43 of 53
by Dr. Raziq Yaqub
TCP Attack
Packets
The Void
44 of 53
by Dr. Raziq Yaqub
22
TCP Attack
ISN, SRC=Alice
45 of 53
by Dr. Raziq Yaqub
IPSec
Provides source authentication, so attacker cannot pretend to be Alice
Encrypts data before transport, so attacker cannot talk to Bob without
knowing what the session key is
46 of 53
by Dr. Raziq Yaqub
23
Counter Measures to Attacks
Denial of Service
Counter Measure: Ingress Filtering
Packet sniffing
Counter Measure: Encryption (SSH, SSL, HTTPS)
TCP hijacking
Counter Measure: IPSec
47 of 53
by Dr. Raziq Yaqub
Firewalls
48 of 53
by Dr. Raziq Yaqub
24
Firewalls
DMZ
Web server, email server, Unauthorized
web proxy, etc. Traffic is Rejected
49 of 53
by Dr. Raziq Yaqub
Firewalls
50 of 53
by Dr. Raziq Yaqub
25
Intrusion Detection
Statistical Ways
Trace out origin of unauthorized user
Keep record of unauthorized user
Initiate Security Alarm, if same intruder tries to re-attack
51 of 53
by Dr. Raziq Yaqub
Ingress filtering
Ingress filtering
Filter the packet if source IP of a packet comes in on an interface which does
not have a route to that packet
RFC 2267 has more information about this
52 of 53
by Dr. Raziq Yaqub
26
Packet Sniffing
Counter Measure:
Cryptography (Art of Encryption and Decryption)
Technique to defend data in transit between systems
Encryption
Plain Text (information) transformed To unreadable Text
Only the intended receiver (who has a key) can read the text
Ciphering
Plain Text Unreadable Text
--------- ---------
--------- ---------
--------- Transformation ---------
--------- ---------
53 of 53
by Dr. Raziq Yaqub
Packet Sniffing
Counter Measure:
Cryptography (Art of Encryption and Decryption)
Technique to defend data in transit between systems
Decryption
Unreadable Text (information) transformed To Plain Text
Only the intended receiver (who has a key) can read the text
De-Ciphering
Unreadable Text Plain Text
--------- ---------
--------- ---------
--------- Transformation ---------
--------- ---------
54 of 53
by Dr. Raziq Yaqub
27
Cryptography
Objectives
Detect attack
Prevent attack Coming
Recover from attack Attraction
Standards
Cryptographic Standards
55 of 53
by Dr. Raziq Yaqub
May have some sort of authenticity Does not have any sort of
authenticity
56
by Dr. Raziq Yaqub
28
Covered-material Review Questions
(CRQ)
CRQ# 03-01
57
by Dr. Raziq Yaqub
CRQ1
58
by Dr. Raziq Yaqub
29
CRQ2
59
by Dr. Raziq Yaqub
CRQ3
60
by Dr. Raziq Yaqub
30
CRQ4
61
by Dr. Raziq Yaqub
CRQ5
62
by Dr. Raziq Yaqub
31
Answers to CRQ
(Covered-material Review Questions)
63
by Dr. Raziq Yaqub
CRQ1
64
by Dr. Raziq Yaqub
32
CRQ2
D: All of above
65
by Dr. Raziq Yaqub
CRQ3
66
by Dr. Raziq Yaqub
33
CRQ4
D: All of above
67
by Dr. Raziq Yaqub
CRQ5
68
by Dr. Raziq Yaqub
34
Home Work No. 03-01
69 of 53
by Dr. Raziq Yaqub
Home Assignment
Submission Assignment
1. What are SCADA Vulnerability points
2. List Common security attacks and the counter measures taken to overcome
these attacks
3. Explain any three of counter measures in detail
70 of 53
by Dr. Raziq Yaqub
35
Knowing is not enough: We must apply
Being willing is not enough: We must do
71 of 53
by Dr. Raziq Yaqub
36