Georgia Institute of Technology Georgia Institute of Technology

Research Horizons

Georgia Tech's Research Horizons Magazine
Menu

PROTECTING THE GRID BY LISTENING

Device fingerprinting can reveal attacks

photo - three researchers standing behind computer screens

Georgia Tech researchers are “fingerprinting” devices on the electric grid to improve security. Shown with grid devices and a schematic are graduate student David Formby, Associate Professor Raheem Beyah, and Assistant Professor Jonathan Rogers. Photo: Rob Felt

Human voices are individually recognizable because they’re generated by the unique components of each person’s voice box, pharynx, and other physical structures.

Researchers are using the same principle to identify devices on electrical grid control networks, using their unique electronic “voices” — fingerprints produced by the devices’ individual physical characteristics — to determine which signals are legitimate and which might be from attackers. A similar approach could also be used to protect networked industrial control systems in oil and gas refineries, manufacturing facilities, wastewater treatment plants, and other critical systems.

The research, reported at the Network and Distributed System Security Symposium, was supported in part by the National Science Foundation.

“We have developed fingerprinting techniques that work together to protect various operations of the power grid to prevent or minimize spoofing of packets that could be injected to produce false data or false control commands into the system,” said Raheem Beyah, the Motorola Foundation Professor in Georgia Tech’s School of Electrical and Computer Engineering. “This is the first technique that can passively fingerprint different devices that are part of critical infrastructure networks. We believe it can be used to significantly improve the security of the grid and other networks.”

The networked systems controlling the U.S. electrical grid and other industrial systems often lack the ability to run modern encryption and authentication programs, and the legacy equipment connected to them were never designed for networked security. The grid systems are also difficult to update using the “patching” techniques common in computer networks.

Device fingerprinting takes advantage of the unique physical properties of the grid and the consistent types of operations that take place there. For instance, security devices listening to signals traversing the grid’s control systems can differentiate between these legitimate devices and signals produced by equipment that’s not part of the system. — John Toon

Subscribe to Research Horizons
Get the latest Georgia Tech research news through our free print magazine, monthly electronic newsletter, and Twitter feed.

 

Georgia Tech is home to more than 2,500 faculty members who conduct scientific and engineering research in hundreds of different research areas.

Related Stories

Read More
Read More
Read More

Media Contacts

John Toon

John Toon

Director of Research News
Phone: 404.894.6986
photo - Jason Maderer

Jason Maderer

National Media Relations
Phone: 404.385.2966
photo - Ben Brumfield

Ben Brumfield

Senior Science Writer
Phone: 404.385.1933
Josh Brown

Josh Brown

Senior Science Writer
Phone: 404-385-0500

Subscribe & Connect

Follow Us on Twitter:

@gtresearchnews

RSS Feeds

Subscribe to our RSS Feeds with your favorite reader.

Email Newsletter

Sign up to receive our monthly email newsletter.

Research Horizons Magazine

Sign up for a free subscription to Research Horizons magazine.