MPTCP-H: A DDoS Attack Resilient Transport Protocol to Secure Wide Area Measurement Systems.

International Journal of Critical Infrastructure Protection, 2019

Abstract

The penetration of distributed generators into the power distribution grid requires real-time control of the grid by monitoring the state of the power distribution grid. Such a large-scale monitoring cannot be performed by using traditional Supervisory Control and Data Acquisition (SCADA) systems due to its lack of the scalability. To address this issue, contemporary Wide Area Measurement Systems (WAMS) are deployed, which provide the dynamic snapshots of the power system. However,WAMS's more open structure versus SCADA poses a risk ofWAMS being vulnerable to cyberattacks. In particular, due to high responsiveness and availability requirements ofWAMS applications, attacks i.e, Denial-of-Service (DoS) and Distributed DoS (DDoS) are of primary concern for WAMS.

In this paper, we focus on internal DoS/DDoS attacks launched against the WAMS devices by exploiting the vulnerabilities.
To counter such attacks, we propose a proactive and robust extension of the Multipath-TCP (MPTCP) transportation protocol, termed as MPTCP-H. The proposed extension mitigates the internal attacks by using a novel stream hopping mechanism, which periodically renews the subflows to hide the open port numbers of the connection.

By doing so, MPTCP-H significantly increases the attacker's cost for a successful attack without perturbing the WAMS data tra
c. The experimental results show that the proposed MPTCP-H provides a significant DoS/DDoS attack mitigation for WAMS at the expense of reasonable overheads, i.e., additional latency and message.

Authors: 
Kubilay Demir
Ferdaus Nayyer
Neeraj Suri