Visible to the public Quantitative analysis of firewall security under DDoS attacks in smart grid AMI networks

TitleQuantitative analysis of firewall security under DDoS attacks in smart grid AMI networks
Publication TypeConference Paper
Year of Publication2017
AuthorsDiovu, R. C., Agee, J. T.
Conference Name2017 IEEE 3rd International Conference on Electro-Technology for National Development (NIGERCON)
Date Publishednov
Keywordsadvanced metering infrastructure, Analytical models, Computer crime, distributed denial of service, Firewalls (computing), Markov Decision Process, Markov processes, Mathematical model, Metrics, Openflow firewall, Probabilistic logic, probabilistic model checking, pubcrawl, resilience, Resiliency, Scalability, Smart grid, smart grid security, Smart grids

One of the key objectives of distributed denial of service (DDoS) attack on the smart grid advanced metering infrastructure is to threaten the availability of end user's metering data. This will surely disrupt the smooth operations of the grid and third party operators who need this data for billing and other grid control purposes. In previous work, we proposed a cloud-based Openflow firewall for mitigation against DDoS attack in a smart grid AMI. In this paper, PRISM model checker is used to perform a probabilistic best-and worst-case analysis of the firewall with regard to DDoS attack success under different firewall detection probabilities ranging from zero to 1. The results from this quantitative analysis can be useful in determining the extent the DDoS attack can undermine the correctness and performance of the firewall. In addition, the study can also be helpful in knowing the extent the firewall can be improved by applying the knowledge derived from the worst-case performance of the firewall.

Citation Keydiovu_quantitative_2017