The increasing penetration of distributed power generation into the power distribution
domain necessitates reliable and QoS-aware communication in order to safely manage
the grid. The management of this complex cyber-physical system, called the Smart
Grid (SG), requires responsive, scalable and high-bandwidth communication, which is often
beyond the capabilities of the classical closed communication networks of the power
grid. Consequently, the use of scalable public IP-based networks is increasingly being advocated.
However, a direct consequence of the use of public networks is the exposure of
the SG to varied reliability/security risks. In particular, the current Internet infrastructure
does not support end-to-end (E2E) QoS-guaranteed communication. Furthermore, the more
open structure of public networks, compared with proprietary networks, potentially exposes the
SG to cyberattacks such as Denial-of-Service (DoS) and Distributed DoS (DDoS), which
can compromise the high availability and responsiveness of the SG applications. Thus,
there is a need for new lightweight mechanisms that can provide E2E communication
guarantees along with strong DoS/DDoS attack protection.
To address this requirement, we first propose an overlay network based approach.
This approach provides a QoS guarantee across the network with a dedicated QoS routing
mechanism taking into account three parameters: reliability, latency and bandwidth
for SG applications. To achieve the QoS guarantee, we also develop two additional mechanisms:
(a) a multipath routing scheme that satisfies the critical applications' high reliability
requirements by employing E2E physically-disjoint paths, and (b) an altruistic
resource allocation scheme with the QoS routing mechanism targeting QoS-guaranteed
communication for applications having strict QoS requirements.
Second, we propose a novel DDoS defense mechanism which leverages: (1) a semi-trusted
P2P-based publish-subscribe (pub-sub) system providing a proactive countermeasure
against DoS/DDoS attacks and secure group communications with the aid of a group key
management system, (2) a data diffusion mechanism that spreads the data packets over
all the servers rather than a single server to provide robust protection against volume-based
DDoS attacks that would affect some of the servers, and (3) a multi-homing-based fast
recovery mechanism for detecting and requesting the dropped packets, thus paving the
way for meeting the stringent latency requirements of SG applications.
Third, we develop a cloud-assisted DDoS attack resilient communication platform,
built on the proposed defense mechanism discussed above. To prevent transport or application
layer DDoS attacks, this platform implements a port hopping approach, switching
the open port of a server as a function of both time and a secret (shared between authorized
clients and server), thus efficiently dropping packets with invalid port numbers.
By leveraging the rapid-elasticity characteristic of the cloud, we can instantiate replica
servers to take over from the attacked servers without blocking all the traffic, due to the data
diffusion mechanism. Moreover, we propose a shuffling-based containment mechanism
to quarantine, in a remarkably short time, malicious clients that can mount a DDoS attack
by exploiting the shared secret. Accordingly, the effect of a DDoS attack based
on the compromised secret of the malicious clients is minimized.
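
A minimal sketch of the port hopping idea described above, as an added example that is not the thesis's own code. The abstract does not specify the hopping function, so the HMAC-SHA256 derivation, the 30-second slot, the port range and the one-slot clock-skew tolerance are all assumptions, and the secret, timestamp and packets are constructed sample values.

```python
import hashlib
import hmac
import struct

SLOT_SECONDS = 30                    # assumed hopping interval
PORT_MIN, PORT_MAX = 20000, 60000    # assumed hopping range


def port_for_slot(secret: bytes, slot: int) -> int:
    """Derive the open port for one time slot from the shared secret."""
    digest = hmac.new(secret, struct.pack(">Q", slot), hashlib.sha256).digest()
    span = PORT_MAX - PORT_MIN + 1
    return PORT_MIN + int.from_bytes(digest[:8], "big") % span


def current_port(secret: bytes, now: float) -> int:
    """Port an authorized client sends to at time `now` (Unix seconds)."""
    return port_for_slot(secret, int(now) // SLOT_SECONDS)


def accepted_ports(secret: bytes, now: float, skew_slots: int = 1) -> set:
    """Ports the server accepts at `now`, tolerating small clock skew."""
    slot = int(now) // SLOT_SECONDS
    return {port_for_slot(secret, s)
            for s in range(slot - skew_slots, slot + skew_slots + 1)}


def filter_packets(secret: bytes, packets):
    """Split (arrival_time, dst_port) pairs into accepted and dropped lists."""
    accepted, dropped = [], []
    for arrival, port in packets:
        ok = port in accepted_ports(secret, arrival)
        (accepted if ok else dropped).append((arrival, port))
    return accepted, dropped


if __name__ == "__main__":
    secret = b"constructed-demo-secret"       # constructed sample value
    t0 = 1_700_000_000                        # constructed timestamp
    packets = [
        (t0, current_port(secret, t0)),       # in-sync authorized client
        (t0, current_port(secret, t0 - 20)),  # client clock 20 s behind
        (t0, 80),                             # packet sent to a fixed port
    ]
    accepted, dropped = filter_packets(secret, packets)
    print("accepted:", accepted)
    print("dropped: ", dropped)
```

Accepting the neighbouring slots trades a slightly larger set of open ports for tolerance of client clock drift; a client that leaks the secret can still compute valid ports, which is the case the shuffling-based containment mechanism addresses.
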
Finally, to counter the transport and application layer DoS/DDoS attacks which are
launched by compromised SG devices, we propose a proactive and robust extension of
the Multipath-TCP (MPTCP) that mitigates such attacks by using a novel stream hopping
MPTCP mechanism, termed MPTCP-H. Unlike the port hopping mechanism, MPTCP-H
does not need a shared secret and time-sync between the clients. The proposed MPTCP-H
hides the open port numbers of the connection from an attacker by renewing (over time)
the subflows over new port numbers without perturbing the SG data traffic.
Our results demonstrate that, in both the attack and attack-free scenarios, the proposed
mechanisms provide a significant degree of availability. The results also indicate a reasonable
overhead in terms of additional latency and messages for the proposed approaches.