Detecting and Isolating Distributed Denial of Service attack in Smart Grid Systems

Abstract

Smart grid, which is considered as next generation power grid is an two way connected power system framework which enables easy monitoring and maintenance of power systems when compared to the existing power systems. Smart grid is also called as electrical grid or intelligent grid is an enhancement of 20th century power grid. Smart grid technically depends upon the network protocol and the topology over which it is constructed. Hence like the conventional connected systems, smart grid is also prone to number of security threats like Eavesdropping attack, data alteration attack, identity spoofing attack, compromised key attack, replay attack and distributed denial of service (DDOS) attack. In-spite of providing good technology to all the connected systems, there are frequent security breaches like DDOS attack which will extremely influence the availability of smart grid framework. Attacks targeting the availability like DDOS attack are the interruption of access or use of information which may further disrupt the power delivery. This thesis discusses detection and isolation of DDOS attack on Smart Grid. We have proposed three techniques to protect the framework against DDOS attack utilizing Marking system, TTL Value investigation and MAC value examination. The analysis of marking scheme has been carried out on Network Simulator Version 2. The identification of fake packets has been carried out using TTL value with help of Cisco packet tracer, cola soft packet builder and Snort Intrusion detection tool. The uniqueness of the MAC address and IP address are matched with the help of Arpwatch tool and Snort Intrusion detection tool to detect the fake MAC and IP address pair. With these schemes it is possible to pro-actively prevent the DDOS attack.