Title: Transactions On Emerging Telecommunications TechnologiesImported from Authenticus Search for Journal Publications

Vol. 35

ISSN: 2161-5748

Publisher: Wiley-Blackwell

ISI Web of Knowledge - 0 Citations

Scopus - 0 Citations

Authenticus ID: P-010-CDK

DOI: 10.1002/ett.4986

Abstract (EN): Recent device-level cyber-attacks have targeted IoT critical applications in power distribution systems integrated with the Internet communications infrastructure. These systems utilize group domain of interpretation (GDOI) as designated by International Electrotechnical Commission (IEC) power utility standards IEC 61850 and IEC 62351. However, GDOI cannot protect against novel threats, such as IoT device-level attacks that can modify device firmware and configuration files to create command and control malicious communication. As a consequence, the attacks can compromise substations with potentially catastrophic consequences. With this in mind, this article proposes a permissioned/private blockchain-based authentication framework that provides a solution to current security threats such as the IoT device-level attacks. Our work improves the GDOI protocol applied in critical IoT applications by achieving decentralized and distributed device authentication. The security of our proposal is demonstrated against known attacks as well as through formal mechanisms via the joint use of the AVISPA and SPAN tools. The proposed approach adds negligible authentication latency, thus ensuring appropriate scalability as the number of nodes increases. Our work addresses the problem of device-level cyber-attacks such as device identity theft and introduction of fake nodes in GDOI-enabled smart grids. It introduces a permissioned blockchain based device authentication management in the GDOI phase 1 and periodic device integrity check in phase 2 to achieve decentralized authentication and device-level security. image

Language: English

Type (Professor's evaluation): Scientific

No. of pages: 20