Implementing Security Defenses

Security Policy
* A security policy should be well thought-out, agreed upon, and contained in a living document that everyone adheres to and is updated as required.
* Examples of contents include how often port scans are run, password requirements, virus detectors, etc.

Vulnerability Assessment
* Periodically examine the system to detect vulnerabilities.
• Port scanning.
• Check for bad passwords.
• Look for suid programs.
• Unauthorized programs in system directories.
• Incorrect permission bits set.
• Program checksums / digital signatures which have been modified.
• Unexpected or hidden network daemons.
• New entries in start-up scripts, shutdown scripts, cron tables, or other system scripts or configuration files.
• New unauthorized accounts.
* The government considers a system to be only as secure as its most far-reaching component. Any system linked to the Internet is inherently less secure than one that is in a sealed room with no external communications.
* Some administrators advocate "security through obscurity", trying to keep as much data about their systems hidden as possible, and not announcing any security concerns they come across. Others announce security concerns from the rooftops, under the theory that the hackers are going to find out anyway, and the only ones kept in the dark by obscurity are honest administrators who need to get the word.

Intrusion Detection
* Intrusion detection attempts to detect attacks, both successful and unsuccessful. Different techniques vary along several axes:
• The time that detection occurs, either at the time of the attack or after the fact.
• The types of information examined to detect the attack(s). Some attacks can only be detected by analyzing multiple sources of information.
• The response to the attack, which may range from alerting an administrator to automatically stopping the attack (e.g. killing an offending process), to tracing back the attack in order to find the attacker.
  -> Another approach is to divert the attacker to a honey pot, on a honey net. The idea behind a honey pot is a computer running normal services, but which no one uses to do any real work. Such a system should not see any network traffic under normal circumstances, so any traffic going to or from such a system is by definition suspicious. Honey pots are normally kept on a honey net protected by a reverse firewall, which will let potential attackers in to the honey pot, but will not allow any outgoing traffic. (So that if the honey pot is compromised, the attacker cannot use it as a base of operations for attacking other systems.) Honey pots are closely watched, and any suspicious activity is carefully logged and investigated.
* Intrusion Detection Systems, IDSs, raise the alarm when they detect an intrusion. Intrusion Detection and Prevention Systems, IDPs, act as filtering routers, shutting down suspicious traffic when it is detected.
* There are two major approaches to detecting problems:
• Signature-Based Detection scans network packets, system files, etc. looking for recognizable characteristics of known attacks, such as text strings for messages or the binary code for "exec /bin/sh". The problem with this is that it can only detect previously encountered problems for which the signature is known, requiring the frequent update of signature lists.
• Anomaly Detection searches for "unusual" patterns of traffic or operation, such as unusually heavy load or an unusual number of logins late at night.
* The benefit of this method is that it can detect previously unknown attacks, so-called zero-day attacks.
* One problem with this method is characterizing what is "normal" for a given system. One method is to benchmark the system, but if the attacker is already present when the benchmarks are made, then the "unusual" activity is recorded as "the norm."
* Another problem is that not all changes in system performance are the result of security attacks. If the system is bogged down and really slow late on a Thursday night, does that mean that a hacker has gotten in and is using the system to send out SPAM, or does it simply mean that a CS 385 assignment is due on Friday? :-)
* To be effective, anomaly detectors must have a very low false alarm (false positive) rate, lest the warnings get ignored, as well as a low false negative rate in which attacks are missed.
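
The benchmarking problems above, as an added example that is not part of the original post: a detector that flags nights whose late-night login count exceeds the benchmark mean by k standard deviations, scored against labelled nights. All counts, names and the threshold k are constructed assumptions.

```python
from statistics import mean, stdev

def build_baseline(counts):
    """Benchmark 'normal' as the mean and standard deviation of observed counts."""
    return mean(counts), stdev(counts)

def is_anomalous(count, baseline, k=3.0):
    """Flag a night whose login count exceeds mean + k standard deviations."""
    mu, sigma = baseline
    return count > mu + k * sigma

def evaluate(nights, baseline, k=3.0):
    """Score labelled (count, is_attack) nights into the four outcome buckets."""
    result = {"tp": 0, "fp": 0, "tn": 0, "fn": 0}
    for count, is_attack in nights:
        if is_anomalous(count, baseline, k):
            key = "tp" if is_attack else "fp"   # alarm raised
        else:
            key = "fn" if is_attack else "tn"   # no alarm
        result[key] += 1
    return result

# Constructed data: late-night logins per night during the benchmark period.
CLEAN_BENCHMARK = [3, 4, 2, 5, 3, 4, 3, 2, 4, 3, 5, 4, 3, 4]
# Same period, but an intruder was already active on four of the nights,
# so the heavy nights become part of "the norm".
POISONED_BENCHMARK = [3, 4, 32, 5, 3, 29, 3, 2, 31, 3, 5, 30, 3, 4]
# Labelled nights to score. The night with 18 logins is benign heavy use
# (an assignment deadline); the nights with 30 and 28 are attacks.
TEST_NIGHTS = [(4, False), (3, False), (18, False),
               (30, True), (5, False), (28, True)]

def compare_benchmarks():
    """Score the same nights against the clean and the poisoned benchmark."""
    return {
        "clean": evaluate(TEST_NIGHTS, build_baseline(CLEAN_BENCHMARK)),
        "poisoned": evaluate(TEST_NIGHTS, build_baseline(POISONED_BENCHMARK)),
    }

if __name__ == "__main__":
    for name, score in compare_benchmarks().items():
        print(name, score)
```

With the clean benchmark both attacks are caught but the deadline night is a false alarm; with the poisoned benchmark the threshold rises so far that both attacks are missed.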

Virus Protection
* Modern anti-virus programs are normally signature-based detection systems, which also have the ability (in some cases) of disinfecting the affected files and restoring them to their original condition.
* Both viruses and anti-virus programs are rapidly evolving. For example, viruses now commonly mutate every time they reproduce, and so anti-virus programs look for families of related signatures rather than specific ones.
* Some antivirus programs look for anomalies, such as an executable program being opened for writing (other than by a compiler).
* Avoiding bootleg, free, and shared software can help reduce the chance of catching a virus, but even shrink-wrapped official software has on occasion been infected by disgruntled factory workers.
* Some virus detectors will run suspicious programs in a sandbox, an isolated and secure area of the system which mimics the real system.
* Rich Text Format, RTF, files can't carry macros, and hence can't carry Word macro viruses.
* Known safe programs (e.g. right after a fresh install or after a thorough examination) can be digitally signed, and the files can be re-verified frequently against the stored digital signatures. (Which should be kept secure, such as on an off-line write-only medium.)

Auditing, Accounting, and Logging
* Auditing, accounting, and logging records can also be used to find anomalous behavior.
* Some of the kinds of things that can be logged include authentication failures and successes, logins, running of suid or sgid programs, network processes, system calls, etc. In rare cases almost every keystroke and electron that moves can be logged for future analysis. (Note that on the flip side, all this detailed logging can also be used to analyze system performance. The down side is that the logging also affects system performance (negatively!), and so a Heisenberg effect applies.)
* "The Cuckoo's Egg" tells the story of how Cliff Stoll detected one of the early UNIX break-ins when he noticed anomalies in the accounting records on a computer system being used by physics researchers.

Tripwire File system (New Sidebar)
* The tripwire file system monitors files and directories for changes, on the assumption that most intrusions eventually result in some sort of undesired or unexpected file changes.
* The tw.config file indicates what directories are to be monitored, as well as what properties of each file are to be recorded. (E.g. one may choose to monitor permission and content changes, but not worry about read access times.)
* When first run, the selected properties for all monitored files are recorded in a database. Hash codes are used to monitor file contents for changes.
* Subsequent runs report any changes to the recorded data, including hash code changes, and any newly created or missing files in the monitored directories.
* For full security it is necessary to also protect the tripwire system itself, most importantly the database of recorded file properties. This could be saved on some external or write-only location, but that makes it harder to change the database when legitimate changes are made.
* It is hard to monitor files that are supposed to change, such as log files. The best tripwire can do in this case is to watch for anomalies, such as a log file that shrinks in size.
* Free and commercial versions are available at http://tripwire.org and http://tripwire.com.
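
The record-then-compare cycle described above, as an added example that is not Tripwire's own code: a first run records mode, size and a SHA-256 hash per file, and a later run reports changed, added and missing files, treating log-like files as allowed to grow but not shrink. The function names, the `grow_only` parameter and the sample tree are assumptions; the database here is an in-memory dict, whereas a real deployment has to store and protect it.

```python
import hashlib
import tempfile
from pathlib import Path

def snapshot(root):
    """Record mode, size and SHA-256 for every file under root."""
    db = {}
    for path in Path(root).rglob("*"):
        if path.is_file():
            st = path.stat()
            db[str(path.relative_to(root))] = {
                "mode": st.st_mode & 0o7777, "size": st.st_size,
                "sha256": hashlib.sha256(path.read_bytes()).hexdigest()}
    return db

def compare(baseline, current, grow_only=()):
    """Return (path, finding) pairs for drift between two snapshots."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old is None:
            findings.append((path, "added"))
        elif new is None:
            findings.append((path, "missing"))
        else:
            if new["mode"] != old["mode"]:
                findings.append((path, "mode changed"))
            if path in grow_only:
                # Log-like file: new content is expected, shrinking is not.
                if new["size"] < old["size"]:
                    findings.append((path, "shrunk"))
            elif new["sha256"] != old["sha256"]:
                findings.append((path, "content changed"))
    return findings

def demo():
    """Constructed sample tree: take a baseline, alter files, report drift."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "login").write_bytes(b"v1")
        (root / "motd").write_bytes(b"hello")
        (root / "app.log").write_bytes(b"a\nb\n")
        baseline = snapshot(root)                    # first run builds the database
        (root / "login").write_bytes(b"v2")          # content replaced
        (root / "login").chmod(0o777)                # permission bits loosened
        (root / "app.log").write_bytes(b"a\n")       # log got shorter
        (root / "motd").unlink()                     # monitored file removed
        (root / "rc.local").write_bytes(b"new")      # file not in the baseline
        return compare(baseline, snapshot(root), grow_only={"app.log"})
```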
