指導教授：陳健輝臺灣大學：資訊網路與多媒體研究所葉顏偉Yeap, Gan WeiGan WeiYeap2014-11-292018-07-052014-11-292018-07-052014http://ntur.lib.ntu.edu.tw//handle/246246/263458智慧電網的發展備受注目，通過增加感測器與智慧裝置，既可提升管理上的效率與可靠性。透過雙向通訊的特性，智慧電網輕易的構建出高分佈且完全自動化的能源輸送網路。智慧電錶基礎建設爲智慧電網中的一個重要系統，負責蒐集與分析客戶用電量，並與智慧電網上的智慧電錶進行溝通連線。近年來，針對智慧電網的資訊安全攻擊層出不窮，智慧電網的安全性備受考驗。爲了確保智慧電網的安全性與可靠性，建立一個有效的攻擊防範技術與入侵偵測系統是刻不容緩的。本論文提出了一個混合式入侵偵測系統，此入侵偵測系統是規範偵測技術與特徵偵測技術的結合體。結合了兩種偵測技術的優點，不僅可以有效的偵測現有的資訊安全攻擊，對於未來與未知的惡意攻擊也具備一定程度的偵測能力。實驗測試結果顯示，此混合式入侵偵測系統有效的偵測出所有實驗設計的模擬攻擊。相信本論文提出的混合式入侵偵測系統可以達到並滿足在智慧電錶基礎建設上所需的資訊安全防護機制之要件與限制。Smart grid has recently been introduced to provide a smarter power grid with enhanced efficiency and reliability of new energy management via adding sensors and intelligent devices. Using bidirectional communication flow of electricity and information, smart grid builds an fully automated and highly distributed energy delivery network. Advanced metering infrastructure (AMI) is the sensor network of the smart grid. It is an essential system in the smart grid responsible for measuring, collecting, analyzing usage and metering devices communication either on request or on a schedule. In recent years, cyber security issue has attracted more and more attention in smart grid development. In order to ensure the security and reliability of a modernized electric grid, it is critical to develop an effective attack prevention techniques and intrusion detection systems to protect advanced metering infrastructure. In this thesis, we proposed a hybrid-based detection intrusion detection system with combination of specification-based and signature-based detection technologies. Our proposed hybrid-based IDS are capable of detecting not only existing attacks but also new and unknown malicious activities. We have shown that the proposed IDS has successfully detected several known threats and we expect the same for unknown attacks. Furthermore, we believe that the proposed IDS has potential to meet the industry-strength requirements and constraints of an AMI system.誌謝 . i 摘要 . ii Abstract . iii 1 Introduction . pg1 1.1 Smart Grid Characteristics . pg2 1.2 Motivation . pg3 1.3 Contributions . pg4 1.4 Organization . pg4 2 Background . pg5 2.1 Smart Grid . pg5 2.2 Advanced Metering Infrastructure . pg7 2.3 Smart Grid Communication Networks . pg8 2.3.1 Wide Area Network . pg8 2.3.2 Neighborhood Area Network . pg8 2.3.3 Home Area Network . pg9 2.4 Smart Grid Security Challenge . pg10 2.5 Intrusion Detection System . pg12 3 Related Work . pg14 4 Methodology . pg16 4.1 Problem Definition . pg16 4.2 The Hybrid-based Detection . pg17 4.2.1 IDS Architecture . pg17 4.2.2 Phases of Work . pg19 5 Experimental Result . pg20 5.1 Simulation Setup . pg20 5.1.1 Traffic Model . pg21 5.2 Attack Model . pg22 5.3 Detection Mechanism . pg23 5.3.1 Attacks signature . pg23 5.3.2 Specifications . pg25 5.4 Result . pg26 5.5 Future Work . pg28 6 Conclusion . pg29 Bibliography . pg29 Appendices . pg33 A Specification . pg33 B Signature Patterns . pg571656397 bytesapplication/pdf論文公開時間：2019/09/18論文使用權限：同意有償授權(權利金給回饋學校)智慧電網智慧電錶基礎建設資訊安全入侵偵測系統規範偵測技術[SDGs]SDG7thesishttp://ntur.lib.ntu.edu.tw/bitstream/246246/263458/1/ntu-103-R01944043-1.pdf