CTN Issue: April 2014

Communications and network security deal with the operations undertaken to protect and defend networked communication systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. Availability implies that networks, end systems like databases, and applications must be survivable and fault tolerant. Networked systems should have sufficient working and spare capacity to operate under attacks, and should be designed with alarms, restoration protocols, and management configurations to detect a problem and automatically diagnose and respond to the attacks. Communications and network security also include integrity, authentication, confidentiality, and non-repudiation of both user and management information. The continually increasing reliance on networked communication technology by businesses, the general public and government services and their role in the critical infrastructure makes it imperative to have security technologies built into them.

The topics on communications and network security have attracted much attention from industry, government, and academia all over the world. In this special issue of IEEE ComSoc Technology News, we introduce three of the recent papers in IEEE ComSoc publications.

1. On Effective Localization Attacks Against Internet Threat Monitors

An Internet Threat Monitoring (ITM) system consists of one centralized data center and a number of monitors (or sensors), which are distributed across the Internet. Each monitor records the traffic addressed to a range of IP addresses and periodically sends the traffic logs to the data center.

In this paper, the authors analyze the threat of localizing ITM systems so that the defense can better camouflage and protect ITM systems, which have been widely deployed to detect and characterize dangerous Internet global threats such as worm propagation. To protect the privacy of traffic contributors and characterize the threats, the data center normally analyzes the collected traffic logs from contributors and publishes the aggregated traffic mixture (e.g., statistics of monitored traffic in a given range of IP addresses and ports). Obviously, the effectiveness of ITM systems largely relies on the confidentiality of the IP addresses covered by the monitors (i.e., the monitor locations). To address this issue, in this paper the authors investigate localization attacks aiming to identify ITM monitor location and propose the formal model of such attacks using communication channel theory.

Title and author(s) of the original paper in IEEE Xplore:

Title: On Effective Localization Attacks against Internet Threat Monitors
Author: W. Yu, S. Wei, G. Ma, X. Fu, and N. Zhang
This paper appears in: Proceedings of IEEE ICC 2013 - Communication and Information Systems Security Symposium (CISS) (Best Paper Award)
Issue Date: June 2013

2. A Key Management Framework for AMI Networks in Smart Grid

Meeting the global challenge of electricity demand with rising fuel cost, climate change and new power generation technologies require more intelligent system to manage and operate the electric grid.  The use of information technologies and communication networks are paving the road towards this transformation under the umbrella of smart grid initiatives in different countries.

While intelligent communication networks can meet these challenges, they must also provide high levels of reliability, availability and security covering a broad range of networks and device requirements. For example, Advanced Metering Infrastructure (AMI), as part of the customer premises networks, typically uses low-power, low-capability wireless devices utilizing personal area wireless network technologies.  It is also critical to increase the transparency between different stakeholders of the entire grid via interoperability between devices, technologies, applications, and agents (energy producers, consumers, and operators).

In this paper, the authors addressed smart grid security requirements with direct application to AMI networks keeping in mind the availability of low cost and low-power devices and networks. In particular, they proposed a unified key management framework with two models appropriate for smart grid and then show how the framework can be realized using existing open standards-based protocols. This work is motivated by two guiding principles: i) avoid multi-layer authentication; and ii) adapt to multi-layer and multi-protocol environment.

Title and author(s) of the original paper in IEEE Xplore:

Title: A Key Management Framework for AMI Networks in Smart Grid
Author: S. Das, Y. Ohba, M. Kanda, D. Famolari, S. K. Das
This paper appears in: IEEE Communications Magazine
Issue Date: August 2012

3. Non-Repudiation in Neighborhood Area Networks for Smart Grid

In current power systems, bills are generated based on the amount of service consumed by residential or commercial users. However, meter readings may not be trustworthy due to malicious behavior (e.g., energy theft), misconfiguration, or external attacks. The root cause is that power providers have no means to obtain the reading value other than receiving it from the users, and this leads to the main challenge of smart meter non-repudiation.

A mutual inspection strategy, which enables non-repudiation on meter readings by identifying problematic meters that report inaccurate values, is presented in this paper to reduce a major barrier of building a trustworthy smart grid. The proposed approach (i.e., mutual inspection) enables two distrusted parties to inspect each other by installing two smart meters for one electric wire connecting the provider and the user. In other words, both energy provider and end user keep track of their own readings that they can trust. Following the setting, bills are generated based on reading values from both ends. A remarkable difference between the readings indicates anomaly or suspicious behavior. The authors conducted both numeric evaluation and simulation to verify the effectiveness of the proposed scheme.

Title and author(s) of the original paper in IEEE Xplore:

Title: Non-Repudiation in Neighborhood Area Networks for Smart Grid
Author: Z. Xiao, Y. Xiao, D. H.-C. Du
This paper appears in: IEEE Communications Magazine
Issue Date: January 2013

Statements and opinions given in a work published by the IEEE or the IEEE Communications Society are the expressions of the author(s). Responsibility for the content of published articles rests upon the authors(s), not IEEE nor the IEEE Communications Society.