Preventing Cyber Attacks Against Smart Grids Using UTM Devices With A Mutual Efficient Authentication Protocol

Abstract
Authors
Keywords
Conclusion
References

Smart grids are bilateral interconnected networks in which, data and information play a crucial role in the process of energy distribution. Thus, according to increasing development and complexity, they are mentioned as the cyber-physical systems. Obviously, the security and economic situation of countries are largely dependent on performance stability and safety of these systems. According to the high dependence of the smart grids to measurement sensors and communication technologies, these networks are very vulnerable to cyber attacks. Load reduction (LR) attacks that lead to false data injection (FDI) on Advanced Metering Infrastructure (AMI) sensors and produce the misleading operational decision of the power system are too important among all cyber attacks. So we proposed an efficient authentication protocol with identity protection for smart grids based on elliptic curve cryptography in which the substations and smart appliances realized mutual authentication and key agreement via a tamper-resistant smart card so that the adversary cannot obtain the real identities of them. As a result, the attacker cannot begin a cyber attack with impersonation and false data injection.

Published In : IJCSN Journal Volume 6, Issue 3

Date of Publication : June 2017

Pages : 336-345

Figures :--

Tables : 02

Fattaneh Pasand : Department of Engineering Computer, Islamic Azad University, Bushehr Bushehr, Iran

Ali Marjanian : Department of Engineering Computer, Islamic Azad University, Bushehr Bushehr, Iran

smart grids; cyber attacks; load reduction (LR) attack; Unified Threat Management (UTM); mutual authentication protocol

In this paper, an efficient authentication protocol based on elliptic curve cryptography with identity protection for smart grids has been proposed which can deploy in UTM systems. In the proposed protocol, the substations and smart appliances realized mutual authentication and key agreement via a tamper-resistant smart card. The identities of the substation and the appliance are encrypted and transmitted in our protocol. So the adversary cannot access to the real identities of the substation and the appliance. Furthermore, the adversary cannot establish an impersonation attack to inject false data into the system. Thus, it can prevent the LR attacks in smart appliance side.

[1] ARC Advisory Group, SCADA Systems for Smart Grid, Available: http://www.arcweb.com/Research/Studies/Pages/SCADAPower. aspx. [2] Salem AA. Electricity agents in smart grid markets. Computers Industry. 2013; 64(3):235– 241.Compind.2012.10.009. doi: 10.1016/j. [3] Chim TW, Yiu SM, Hui LCK, Li VOK. PASS: Privacypreserving Authentication Scheme for Smart Grids Network. Proceedings of Cyber & Physical Security & Privacy. 2011; 196–201. 6102316 [4] Mostafa M, Fadlulah ZM, Kato N, Lu , Shen . A Lightweight Message Authentication Scheme for Smart Grids Communications. IEEE Transaction on Smart Grid. 2011; 2(4): 675–685. [5] Liping Zhang, Shanyu Tang, He Luo, Elliptic Curve Cryptography-Based Authentication with Identity Protection for Smart Grids, PLOS 2016, http://journals.plos.org/plosone. [6] Li QH, Cao GH. Multicast Authentication in the Smart Grid with One-Time Signature. IEEE Transaction on Smart Grid. 2012; 2(4) 686–696. [7] Oh S, Kwak J. Mutual Authentication & Key Establishment mechanism using DCU certificate in Smart Grid. Applied Mathematics & Information Sciences. 2012; 6(1S): 257S– 264S. [8] Nam J, Choo KKR, Han S, Kim M, Paik J, Won D. Efficient & Anonymous Two-Factor User Authentication in Wireless Sensor Network: Achieving User Anonymity with Lightweight Sensors Computation. Plos one, 2015; 10(4): 1–21. [9] He D, Kumar N, Chilamkurti N. A secure temporalcredential- based mutual authentication & key agreement scheme with identity for wireless sensor networks. Information Sciences. 2015; 321: 263–277. [10] Gao QH. Biometric Authentication in Smart Grid. Proceedings of Energy & Sustainability Conference. 2012; pp.1–5. [11] He D, Zeadally S. Authentication protocol for ambient assisted living system. IEEE Communications Magazine, 2015; 53(1):71–77. [12] Wang CQ, Zhang X, Zheng ZM. Cryptanalysis & Improvement of a Biometric-Based Multi-Server Authentication & Key Agreement Scheme. Plos one, 2016; 11(12):1–25. [13] Vaidya B, Markakis D, Mouftah HT. Authentication & Authorization Mechanisms for Substation Automation in Smart Grid Networks. IEEE Network. 2013; 5–11. [14] Liu H, Ning HS, Zhang Y, Guizani M. Battery Status-aware Authentication Scheme for V2G Networks in Smart Grid. IEEE Transactions on Smart Grids. 2013; (4) (1):99–110. [15] Nicanfar H, Leung VCM. Password authenticated cluster based group key agreement for smart grid communication. Security & Communication Network. 2014; 7(1): 221–233. [16] Zhang L, Tang S, Jiang Y, Ma Z. Robust & Efficient Authentication Protocol Based on ECC for Smart Grids. 2013 IEEE International Conference on Green Computing & Communications & IEEE Internet of Things & IEEE Cyber, Physical & Social Computing, 201; 2089–2093. [17] Nicanfar H, Leung VCM. Multilayer Consensus ECCBased Password Authenticated Key-Exchange Protocol for Smart Grid System. IEEE Transaction on Smart Grid. 2013; 4(1): 253–264. [18] He D, Kumar N, Lee JH. An efficient & privacy preserving data aggregation scheme for the smart grids against internal attackers. Wireless Network. 2016; 22(2): 491–502. [19] Li D, Aung Z, Williams JR, Sanchez A. Efficient & faultdiagnosable authentication architecture for AMI in the smart grid. Security & Communication Networks. 2015; 8(4):598–616. [20] Burrows M, Abadi M, Needham R. Logic of authentication. ACM Transaction on Computer Systems. 1990; (8): 18–36. [21] Nessett DM. A critique of the Burrows, Abadi, & Needham logic. ACM SIGOPS Operating Systems Review. 1990; 24(2):35–38. [22] Li Gong, Needham R, Yahalom R. Reasoning about belief in cryptographic protocol. Proceedings of IEEE Computer Society Symp. Research in Security & Privacy. 1990; 234– 248. [23] Fan CI, Lin YH. Provably Secure Remote Authentication Scheme with Privacy Protection on Biometrics. IEEE Transactions on Information Forensics & Security. 2009; 4(4):933–945. [24] Darrel H, Alfred M, Scott Vanstone. Guide to elliptic curve cryptography. 2004; Springer-Verlag, Berlin. [25] Kilinc HH, Yanik T. A Survey of SIP Authentication & Key Agreement Schemes. IEEE Communications Surveys& Tutorials. 2013; 1–19. [26] Adnan A, Abdul N.M, Zahir T, Identification of vulnerable node clusters against false data injection attack in an AMI based Smart Grid, Elsevier-Science Direct, Information Systems, Volume 53, October–November 2015, Pages 201–212.