Defending against multifaceted attacks in wireless networks and power grid networks.

摘要

It is well known that cyber security plays a critical role in ensuring functionality and reliability of increasingly ubiquitous communication systems and critical infrastructures. Compared with the traditional attacks that target individual users, protocols, or components in the complicated systems, the emerging attacks can 1) exploit collaboration among multiple users or network nodes, 2) exploit vulnerabilities in multiple protocols, which can be in different protocol layers, simultaneous and coordinately, and 3) exploit relationship among multiple network components aiming to cause cascading failures, in which the failure of one or several components propagates to other components.;In this dissertation, we investigate attacks that exploit multiple user, multiple protocols, or multiple components, referred to as multifaceted attacks, in networking systems. We focus on studying two systems: the cognitive radio networks and the power grid networks. In particular, this dissertation has four parts.;Secure Collaborative Spectrum Sensing;Cognitive radio is a revolutionary paradigm to migrate the spectrum scarcity problem in wireless networks. The basic idea is to allow secondary users to use the spectrum that is allocated to the primary user when the primary user is absent. For example, when a TV transmitter (primary user) is not using the allocated spectrum, some mobile users (secondary users) can use this spectrum to exchange data among themselves such as in the mobile ad hoc networks. Therefore, an important task in cognitive radio networks is to detect whether the primary user exists or not. In cognitive radio networks, collaborative spectrum sensing is considered as an effective method to improve the performance of primary user detection through multiple user collaboration. For current collaborative spectrum sensing schemes, secondary users are usually assumed to report their sensing information honestly. However, it is known that wireless devices can be compromised by malicious parties. Compromised nodes can send false sensing information to mislead the system and undermine the collaboration. In this part, we propose defense methods that can detect untrustworthy secondary users in cognitive radio networks. Compared with existing defense methods, the proposed scheme can effectively differentiate malicious nodes and honest nodes. As a result, it can significantly improve the performance of collaborative spectrum sensing. For example, when there are 10 secondary users, with the primary user detection rate equals to 0.99, one malicious user can make the false alarm rate (Pf) increase to 72%. The proposed scheme can reduces it to 5%. Two malicious users can make Pf increase to 85%, the proposed scheme reduces it to 8%.;Cross Layer Attack and Defense in Cognitive Radio Networks;The existing research on security issues in cognitive radio networks mainly focuses on attack and defense in individual network layers. However, the attackers do not necessarily restrict themselves within the boundaries of network layers. In this work, we design cross-layer attack strategies that can largely increase the attackers' power or reducing their risk of being detected. As a case study, we investigate the coordinated report-false-sensing-data attack (PHY layer) and smallback- off-window attack (MAC layer). Furthermore, we propose a trust-based crosslayer defense framework that relies on abnormal detection in individual layers and cross-layer trust fusion. Simulation results demonstrate that the proposed defense framework can significantly reduce the maximum damage caused by attackers.;Modeling of Cascading Failures in Power Systems --- Part I: Foundations, Models, and Assessment Metrics;With the continuous growing energy demand and environmental concerns, it has recently attracted significant attention of academia, industry, and governments in the development of a smart electric power grid to provide affordable, reliable, efficient, and secure supply of electricity. Among many enabling technologies toward such a smart grid, security has been widely identified as one of the key components for such a complex system. In Part I of this two-part series study, we present a comprehensive analysis of the foundations, system models, and assessment metrics for power system cascading failures. The proposed models and metrics carefully consider the relationship among multiple components (e.g. substations) in the power grid systems and how such relationship affects the propagation of failures from one component to other parts of the network. The objective in this part is to understand the limitations of traditional largest-load based attack strategies and provide critical insights to understand the power grid behavior subject to complex attacks.;Modeling of Cascading Failures in Power Systems --- Part II: Attack Strategies and Simulation Analysis;This is the second part of a two-part study addressing topology-based modeling of cascading failures in power systems. Part I presents a comprehensive analysis of the foundations, system models, and assessment metrics to understand this problem. In Part II, we study specific attack strategies and analyze their simulation results based on the Western North American power grid benchmark under two representative topology based models. The goal is to analyze the power grid behavior and find effective attack strategies when the attacker can take down one or multiple nodes. The first model we investigated is the non-recoverable model, in which overloaded nodes fail to operate, and the second network model is recoverable model, in which overloaded nodes are still in function but their performance in power delivery is reduced. In both network models, the proposed attack strategies, which represent novel ways for joint consideration of load and topology, are much more destructive than the traditional load based strategies.