Puppet Attack: Newly Discovered Cyber Threat for Smart Meters

by K.T. Weaver, SkyVision Solutions

Smart Meter Puppet AttackA newly discovered cyber security threat for utility smart meters, called a “puppet attack,” is described in the January 2016 issue of the Journal of Network and Computer Applications.  The paper itself is entitled, “Puppet attack: A denial of service attack in advanced metering infrastructure network.”

The new “puppet attack” results in what is called a denial of service for smart meters using wireless mesh network technology.  As described in the Abstract for the article:

“The intruder can select any normal node as a puppet node and send attack packets to this puppet node.  When the puppet node receives these attack packets, this node will be controlled by the attacker and flood more packets so as to exhaust the network communication bandwidth and node energy.”

More generally, as described in the article:

“The addition of a communication infrastructure and the new computational capabilities of smart grid devices add a significant attack surface to traditional energy delivery systems.  For example, cyber intrusions that would previously have required physical access to the utility network may now be possible through a remote exploit.”

“In the context of AMIs, the fact that smart meters are not only connected to the utility network but also directly accessible by customers enables new attack vectors.  Indeed, field area networks in which meters are deployed appear to be an attractive target for adversaries, because they consist of large numbers of physically accessible devices and have limited or no security monitoring capabilities.”

Security threats grow exponentially, from inside and outside of the AMI network system.”

The puppet attack is described as exhibiting two features: “secrecy and efficiency.”  These features make the puppet attack a “severe” form of denial of service for smart meters as compared with other known attack mechanisms.  More specifically:

“Acting like a normal node, the malicious node only sends attack packets that have specific routes when the malicious node starts to attack.  The attack packets are the same as normal data packets except that they contain error routes.  Other nodes cannot distinguish between correct and error routes in the attack packets since the source node (i.e. malicious node) creates the error route.  Malicious nodes need not send many attack packets to control their puppets.”

As described by the authors, this newly discovered puppet attack has the ability to cause a “collapse of the network,” and it is “very difficult to detect the malicious node.”

The authors conclude the paper by discussing a possible mechanism to detect and help mitigate puppet attacks and where “neighbor nodes cut off the routes to the attacker as they detect the puppet attack.”

The more obvious solution is to stop deploying smart meters that utilize the flawed technology, since as the authors stated, “security threats grow exponentially” when using networked smart meters.

Source Material for this Article

“Puppet attack: A denial of service attack in advanced metering infrastructure network,” by Ping Yi, et.al., Journal of Network and Computer Applications; 59 (2016) 325 – 332; available at http://www.sciencedirect.com/science/article/pii/S1084804515000880

Copyright Notice © SkyVision Solutions and Smart Grid Awareness, 2013 – 2016.  Unauthorized use and/or duplication of original material from this site without express and written permission from this site’s author and/or owner is strictly prohibited.  Excerpts and links may be used, provided that full and clear credit is given to SkyVision Solutions and Smart Grid Awareness with appropriate and specific direction to the original content.

About SkyVision Solutions

Raising public awareness and finding solutions for smart grid issues related to invasions of privacy, data security, cyber threats, health and societal impacts, as well as hazards related to radiofrequency (RF) radiation emissions from all wireless devices, including smart meters.
This entry was posted in Smart Grid, Smart Meters, and RF Emissions and tagged , , , . Bookmark the permalink.

8 Responses to Puppet Attack: Newly Discovered Cyber Threat for Smart Meters

  1. Info Netindy says:

    No concrete discussion about the construct of the network being tested. The definition of what a “Normal Node” is or what the “the flawed technology” tested was? Where did it come from, what were the test conditions, etc..

    • At this website we frequently highlight published documents and studies that reveal that smart grid technology has risks to society and not just benefits.

      As the published paper in this case is copyrighted, we only summarize the main points of the study and offer a few selected quotes.

      In reviewing the actual published paper that I purchased, you are right in the sense I do not see a specific definition for “normal node.” However, there is discussion of normal nodes and malicious nodes within an AMI network, … and how a normal node can act as a malicious node.

      For purposes of my normal audience (the public), I did not want to get too technical, but a main point of the article was to conclude that the discovered puppet attack is “more serious than that of a flooding attack.”

      The reference to the technology being “flawed” is my own as the authors of the paper state that the “security threats grow exponentially” when using networked smart meters, particularly for wireless networks. There is not much hope of ensuring security under such circumstances, and thus I consider such technology as fundamentally flawed. Why would anyone want to deploy technology where the security threats grow exponentially?

  2. Chris S. says:

    The Utility industry is poisoning us all however possible, not diff than like PGE poisoning via chemical contamination in CA. CA officials are making this poisoning of planet poss. in multiple ways including electrical poisoning via Smart Meters (and other directed energy tech). Where is the CA Attorney General? Campaigning for Senate, to be part of the corrupt American Congress that lets the US DOJ use the law against innocent humans and animals. . Speak out or it will only get worse. We are b/c we were targeted for our expertise too. Please see FB:Greenhouse Refugees

  3. Craig Dible says:

    Oh, boy…a DoS attack…that could potentially crash the whole network.

    Wonder if analog meters would still get juice?

  4. Sarah Mitchell (@fundeals4u) says:

    We are in a very dangerous state of affairs.. The Government has failed to recognize the failures of the implementation of these device’s in the end will show to be covert and serve a greater purposed for deception to what extent we don’t know but with every passing day it is being revealed.I personally believe these device’s will be used to target every citizen in the USA. We are no longer living private lives we are under surveillance 24 hours a day. We can only hope pray our government will come to it’s sences and halt this evil plan.

  5. Warren says:

    Of course the other “puppet attack” is the seemingly endless one against customers by the utility puppets that seem to hold office in just about every state’s public utilities commission.

    • I have another published paper from last year that summarizes other Denial of Service (DOS) attacks:

      – Denial of Sleep Attack
      – Path Based DOS attack
      – Jamming Attack
      – Wormhole Attack
      – Vampire Attack

      The paper concludes that “after developing many prevention techniques, wireless ad-hoc sensor networks are still vulnerable to DOS attacks.” I suppose these guys have fun dreaming up new names for their discoveries.

    • 1vimana1 says:

      Warren,
      This what’s turning out to be insidious poisoning of all humans and animals and plants such as trees leaves and trees bark protective coating as now verified by Holland’s top foresters has been going on for years now from the totally out of control Microwave Industry and Electric Power Company C.E.O’s and seemingly Earth’s governments with their Rapine Greed for ever more taxes, or monetary profit. As well as the steady poisoning of animals = people’s pets and farm animals and insects such as honey and bumble bees and lady-birds that usefully kill aphids the sap-sucking insects etc. It’s DEATH to all LIFE on Planet Earth my son, and the dopy and selfish and money crazy governments of Planet Earth don’t give a tinker’s CUSS.

      It’s now time to rip out all dopy Electric Microwave A.M.I broadcasting and receiving machines such as the dopy and poisonous and far from Smart Meters. This also calls for cutting of the powerful Electric feeder lines to the control boxes on the very high Towered Microwave sending and receiving machines for dopy and also poisonous hand held Mobile Stupid Microwave Mobile Phones.

      Next we all need to get these filthy poisonous towers pulled down and the same sending and receiving machines on tall buildings. I say pull down these tall towers and all of the Microwave machines atop of them and melt them down in industrial furnaces.

      Get rid of Wi-Fi in all schools world-wide, just as the French Education Department have been now doing for a long time as Wi-Fi in Schools or at home or at work and in trains and buses and in large passenger aircraft and large ships is poisoning humans and all of life.
      Last of all get more Safe and Passive Analog Electric Meters manufactured to replace the stinking filthy poisonous and far from Smart Microwave A.M.I broadcasting machines still on and in ever more peoples homes or on their outside walls of their homes.
      Also bring back the Electric and Gas and Water Meter Reader Men.
      Government and Electric Power Company’s Greed for ever more monetary profit has gone completely off the rails and is the height of Wickedness.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s