research-article

Developing a power measurement framework for cyber defense

Authors:

Jarilyn M. Hernández,

Line Pouchard,

Jeffrey McDonald,

Stacy ProwellAuthors Info & Claims

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Article No.: 28, Pages 1 - 4

https://doi.org/10.1145/2459976.2460008

Published: 08 January 2013 Publication History

Get Access

Abstract

Energy Delivery Systems (EDS) have become smarter by incorporating chips and data communication capabilities. As a result, they have become more vulnerable to cyber-attacks as well. As part of a systems health monitoring approach, we investigate whether cyber-events targeting EDS can be detected by monitoring component-level data such as temperature, voltage, power, and process indicative variables---collectively referred to as component health indicators. We report our experiences with developing a measurement framework for power consumption in different EDS components such as Cabinet Distribution Units (CDU), Power Distribution Units (PDU), and standard enterprise desktops. Our plan for gathering and analyzing power consumption data involves establishing a baseline execution profile and then capturing the effect of perturbations in the state from injecting various malware. As a contribution, we report on initial experiments with power measurement techniques and outline future work for evaluating components under normal and anomalous operating regimes.

References

[1]

Prowell, S., Pleszkoch, M., and Linger, R. Automated Vulnerability Detection for Compiled Smart Grid Software. In 2012 IEEE Innovative Smart Grid Technologies (ISGT).

Digital Library

Google Scholar

[2]

TenHoopen, P. Rootkits. Presentation to West Michigan Linux Users Group. http://www.wmlug.org/pdf/Rootkits.pdf, 2009.

Google Scholar

[3]

Lewis, J. The Electrical Grid as a Target for Cyber Attack. Center for Strategic and International Studies, March 2010.

Google Scholar

[4]

Thabet, A. Stuxnet Malware Analysis Paper.

Google Scholar

[5]

Pouchard, L., Dobson, J., and Poole, S. Collecting sensor data for high-performance computing: a case-study. In Proc. of the Parallel and Distributed Parallel Processing Techniques and Applications, 2010.

Google Scholar

[6]

Cappello, F. Fault Tolerance in Petascale/Exascale Systems: current knowledge, challenges and research opportunities. Intl Jour of HPC Applications, Vol. 23, No. 3, Fall 2009.

Digital Library

Google Scholar

[7]

Schroeder, B. and Gibson, G. Understanding failures in petascale computers. Journal of Physics: Conference Series, Vol. 78, (SciDAC 2007).

Crossref

Google Scholar

[8]

Pinheiro, E., Weber, W. D., and Barroso, L. A. Failure Trends in a Large Disk Drive Population. In Proc. of the 5th USENIX Conference on File and Storage Technologies (FAST), 2007.

Digital Library

Google Scholar

[9]

Brandt, J., et al. Resource Monitoring and Management with OVIS to Enable HPC in Cloud Computing Environments. In IEEE Intl Sym on Parallel & Distributed Procsng, 1--8, 2009.

Digital Library

Google Scholar

[10]

Brandt, J., et al. Using Probabilistic Characterization to Reduce Runtime Faults in HPC Systems. In Proc 8th IEEE Intl Symp on Cluster Computing and the Grid, 759--764, 2009.

Digital Library

Google Scholar

[11]

Hsu, C. and Poole, S. W. Power measurement for high performance computing: State of the art. In Third International Green Computing Conference, Orlando, FL, July 2011.

Digital Library

Google Scholar

[12]

Cui, Z., Zhu, Y., Bao, Y., Chen, M. A Fine-grained Component-level Power Measurement Method. In Third International Green Computing Conference, Orlando, FL, July 2011.

Digital Library

Google Scholar

[13]

Buennemeyer, T., et al. Battery-Sensing Intrusion Protection for Wireless Handheld Computers using a Dynamic Threshold Calculation Algorithm for Attack Detection. In Proc. of the 40^th Hawaii Intl Conference on Systems Sciences, 2007.

Digital Library

Google Scholar

[14]

Asante Networks, Inc. Simple Network Management Protocol. March 2005. Online: http://goo.gl/Rukx2

Google Scholar

Cited By

View all

Wüstrich LGallenmüller SGünther SCarle GPahl M(2024)Shells Bells: Cyber-Physical Anomaly Detection in Data CentersNOMS 2024-2024 IEEE Network Operations and Management Symposium10.1109/NOMS59830.2024.10575124(1-10)Online publication date: 6-May-2024
https://doi.org/10.1109/NOMS59830.2024.10575124
Cabral RMcDonald JHively LBenton R(2022)Profiling CPU Behavior for Detection of Android RansomwareSoutheastCon 202210.1109/SoutheastCon48659.2022.9764053(690-697)Online publication date: 26-Mar-2022
https://doi.org/10.1109/SoutheastCon48659.2022.9764053
Gautier AAndel TBenton RMcDonald JBardin SStakhanova N(2018)On-Device Detection via Anomalous Environmental FactorsProceedings of the 8th Software Security, Protection, and Reverse Engineering Workshop10.1145/3289239.3289246(1-8)Online publication date: 3-Dec-2018
https://dl.acm.org/doi/10.1145/3289239.3289246
Show More Cited By

Index Terms

Developing a power measurement framework for cyber defense

Recommendations

Detection of Stealth Process using Hooking
WCI '15: Proceedings of the Third International Symposium on Women in Computing and Informatics

Malware writers adapt multiple methods to make the malware detection process difficult. Hiding the presence of malware during its execution is one of them. Malware written for espionage, data stealing, or rootkits have this key characteristic of ...
Countering cyber threats for industrial applications

The widespread adoption of Internet of Things (IoT) in industrial systems has made malware propagation more voluminous and sophisticated. Detection and prevention against these malware threats rely on automated dynamic analysis techniques. Malware ...
Dissecting SpyEye - Understanding the design of third generation botnets

Botnet malware is improving with the latest (3rd) generation exemplified by the SpyEye and Zeus botnets. These botnets are important to understand because they target online financial transactions, primarily with banks. In this paper, we analyze the ...

Comments

Information & Contributors

Information

Published In

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

January 2013

282 pages

ISBN:9781450316873

DOI:10.1145/2459976

Editors:
Frederick Sheldon
Oak Ridge National Laboratory
,
Annarita Giani
Los Alamos National Laboratory
,
Axel Krings
University of Idaho
,
Robert Abercrombie
Oak Ridge National Laboratory

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 January 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CSIIRW '13

Sponsor:

Los Alamos National Labs
Sandia National Labs
DOE
Lawrence Livermore National Lab.
BERKELEYLAB
Argonne Natl Lab
Idaho National Lab.
Nevada National Security Site

CSIIRW '13: Cyber Security and Information Intelligence

January 8 - 10, 2013

Tennessee, Oak Ridge, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
200
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)1

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Wüstrich LGallenmüller SGünther SCarle GPahl M(2024)Shells Bells: Cyber-Physical Anomaly Detection in Data CentersNOMS 2024-2024 IEEE Network Operations and Management Symposium10.1109/NOMS59830.2024.10575124(1-10)Online publication date: 6-May-2024
https://doi.org/10.1109/NOMS59830.2024.10575124
Cabral RMcDonald JHively LBenton R(2022)Profiling CPU Behavior for Detection of Android RansomwareSoutheastCon 202210.1109/SoutheastCon48659.2022.9764053(690-697)Online publication date: 26-Mar-2022
https://doi.org/10.1109/SoutheastCon48659.2022.9764053
Gautier AAndel TBenton RMcDonald JBardin SStakhanova N(2018)On-Device Detection via Anomalous Environmental FactorsProceedings of the 8th Software Security, Protection, and Reverse Engineering Workshop10.1145/3289239.3289246(1-8)Online publication date: 3-Dec-2018
https://dl.acm.org/doi/10.1145/3289239.3289246
Dawson JMcDonald JHively LAndel TYampolskiy MHubbard C(2018)Phase Space Detection of Virtual Machine Cyber Events Through Hypervisor-Level System Call Analysis2018 1st International Conference on Data Intelligence and Security (ICDIS)10.1109/ICDIS.2018.00034(159-167)Online publication date: Apr-2018
https://doi.org/10.1109/ICDIS.2018.00034
Moore SYampolskiy MGatlin JMcDonald JAndel TMcDonald JPreda MStakhanova N(2016)Buffer overflow attack's power consumption signaturesProceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering10.1145/3015135.3015141(1-7)Online publication date: 5-Dec-2016
https://dl.acm.org/doi/10.1145/3015135.3015141

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Detection of Stealth Process using Hooking

Countering cyber threats for industrial applications

Dissecting SpyEye - Understanding the design of third generation botnets

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations