
OCPP security

Neural network for detecting malicious traffic

Author: Adrian Gabriel Morosan
Supervisor: Conf.dr.ing. Florin Pop

Introduction

- OCPP - Open Charge Point Protocol
- De facto standard
- Released in 2010
- Current version - 2.0 (2017)
- Communication between charging stations and central systems

OCPP security - shortcomings

- Recommendations: SSL/TLS, station authentication
- Charging stations - unstable systems
- Neural network for detecting malicious traffic
  - FAULTED
  - RANDOM
  - NORMAL

Related work

- Techniques: Artificial Neural Network (multilayer perceptron, backpropagation)
- Detection of malicious traffic: TCP, UDP, ICMP
- Advantages: speed, learning from previous experience
- Disadvantages: requires a large amount of data in the learning set

Proposed solution - Backpropagation structure

Classification process

- 3 types of traffic are detected:
  - NORMAL - benign traffic
  - FAULTED
    - repeated traffic
    - OCPP compliant
    - high frequency
  - RANDOM
    - equally distributed
    - non OCPP compliant
    - low frequency
- 2 types of learning sets

Learning sets - FAULT detection

Learning sets - FAULT detection (2)

- Similarity between consecutive pairs of request/response
- Status of the response: CALLRESULT/CALLERROR
- Keywords in response: -1, Occupied, Expired, Invalid

Learning sets - RAND detection

Learning sets - RAND detection (2)

Table: Non-OCPP-compliant consecutive request types

First               Second
Authorize           MeterValues
MeterValues         StartTransaction
StopTransaction     MeterValues
BootNotification    MeterValues
StartTransaction    StartTransaction
StopTransaction     StopTransaction
MeterValues         MeterValues
StartTransaction    StopTransaction
StopTransaction     StartTransaction
BootNotification    All - StatusNotification
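
The FAULT features from the FAULT detection slide and the request-pair table above, computed as one input vector per traffic window. This is an added Python example, not the author's code; it assumes OCPP-J JSON array framing ([2, id, action, payload] requests, type 3 or 4 replies), and the function names, the sample window and the reading of the "All - StatusNotification" row are assumptions.

```python
import json
from difflib import SequenceMatcher

CALL, CALLRESULT, CALLERROR = 2, 3, 4  # OCPP-J message type ids (assumed framing)
KEYWORDS = {"-1", "Occupied", "Expired", "Invalid"}  # response keywords from the slide
BAD_PAIRS = {  # (first, second) rows of the slide's table
    ("Authorize", "MeterValues"), ("MeterValues", "StartTransaction"),
    ("StopTransaction", "MeterValues"), ("BootNotification", "MeterValues"),
    ("StartTransaction", "StartTransaction"), ("StopTransaction", "StopTransaction"),
    ("MeterValues", "MeterValues"), ("StartTransaction", "StopTransaction"),
    ("StopTransaction", "StartTransaction")}

def bad_pair(first, second):
    # Assumption: the "All - StatusNotification" row means "anything but StatusNotification".
    boot = first == "BootNotification" and second != "StatusNotification"
    return boot or (first, second) in BAD_PAIRS

def leaves(obj):
    """Yield every scalar in a JSON value as a string."""
    if isinstance(obj, (dict, list)):
        for item in (obj.values() if isinstance(obj, dict) else obj):
            yield from leaves(item)
    else:
        yield str(obj)

def pair_up(frames):
    """Match each CALL to its reply by unique id -> [(action, reply_type, [call, reply])]."""
    pending, pairs = {}, []
    for msg in map(json.loads, frames):
        if msg[0] == CALL:
            pending[msg[1]] = msg[2:]
        elif msg[1] in pending:
            call = pending.pop(msg[1])
            pairs.append((call[0], msg[0], [call, msg[2:]]))
    return pairs

def features(frames):
    """Return (fault_vector, rand_vector), each value in 0..1, for one traffic window."""
    pairs = pair_up(frames)
    n, steps = max(len(pairs), 1), max(len(pairs) - 1, 1)
    texts = [json.dumps(body, sort_keys=True) for _, _, body in pairs]
    similar = sum(SequenceMatcher(None, a, b).ratio() for a, b in zip(texts, texts[1:]))
    errors = sum(kind == CALLERROR for _, kind, _ in pairs)
    hits = sum(any(v in KEYWORDS for v in leaves(body[1])) for _, _, body in pairs)
    bad = sum(bad_pair(a[0], b[0]) for a, b in zip(pairs, pairs[1:]))
    return [similar / steps, errors / n, hits / n], [bad / steps]
# Constructed sample window: the same rejected Authorize request sent three times.
SAMPLE = [json.dumps(m) for i in "123" for m in (
    [2, i, "Authorize", {"idTag": "TAG-A"}], [3, i, {"idTagInfo": {"status": "Invalid"}}])]
```

features(SAMPLE) gives a fault vector of [1.0, 0.0, 1.0] (identical consecutive pairs, no CALLERROR, keyword in every reply) and a rand vector of [0.0]; keywords are matched against whole payload values, so a timestamp containing "-1" does not count as a hit.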

Learning curve - FAULTED

FAULT     RAND      FAULT + RAND
98.54%    30.76%    91.29%

Learning curve - RANDOM

FAULT     RAND      FAULT + RAND
65.77%    87.16%    90.90%

Learning curve - NORMAL

FAULT     RAND      FAULT + RAND
98.58%    97.16%    99.29%

Conclusion

- Composite approach to detect FAULTED, RANDOM and NORMAL traffic
- Automated classification of learning sets
- Based exclusively on OCPP messages

Future work

- Integration into existing OCPP architecture
- Real-time system for detecting malicious traffic
- Expand the current network to support load-balancing
