Md. Mahmud Hasan

Resource Discovery and Allocation in Network Virtualization

Network virtualization is considered an important potential solution to the gradual ossification of the Internet. In a network virtualization environment, a set of virtual networks share the resources of a common physical network although each virtual network is isolated from others. Benefits include increased flexibility, diversity, security and manageability. Resource discovery and allocation are fundamental steps in the process of creating new virtual networks. This paper surveys previous work on, and the present status of, resource discovery and allocation in network virtualization. We also describe challenges and suggest future directions for this area of research.

Optimal Trust System Placement in Smart Grid SCADA Networks

The objective of this paper is to propose a trust system placement scheme for smart grid supervisory control and data acquisition (SCADA) networks. The functionalities of a trust system include firewalling and network intrusion detection. It is capable of monitoring both ingress traffic and egress traffic. In order to minimize the capital expenditure (CAPEX) and the operational expenditure (OPEX), only a selected number of nodes are equipped with trust systems. Those nodes are known as the trust nodes. This paper studies the trust system placement problem from a network topological perspective. It develops a scheme that aims to defend SCADA networks, deploying minimal number of trust nodes. It uses a network segmentation approach to distribute the trust nodes. It considers the minimum spanning tree (MST) as a measure of geographic dispersion. In the segmentation approach, size balancing and geographic dispersion are two main concerns. The segment sizes affect the number of required trust nodes. On the other hand, geographic dispersion affects the response time. The proposed scheme computes trust nodes using linear programming problem (LPP) formulations and local search. Numerical analysis is conducted through case studies for the IEEE test system topologies. It reveals the consistency of performance, better quality of protection, and low computational time. The proposed scheme can be a useful cyber security planning tool for smart grid operators.

Network virtualization: Dealing with multiple infrastructure providers

In this paper, we present some interesting issues of resource allocation in network virtualization. We also propose RAiNV, a resource allocation framework to handle those issues. Sharing of resources is in the heart of network virtualization. The key idea of network virtualization is to replace conventional Internet service provider (ISP) with two separate business entities: infrastructure providers (InP) and service providers (SP). The InPs are the owners of resources. They are responsible for maintaining a certain level of quality of service (QoS) at the physical layer. The SPs lease resources from InPs. They offer various services to end users. It is more realistic to think about a scenario with multiple InPs and multiple SPs. A single service provider (SP) can integrate resources from multiple InPs. Similarly, a single InP can distribute resources to multiple SPs. As a result, optimal resource sharing becomes a challenging task. Resource allocation covers all the virtual network (VN) provisioning matters. Major parts include resource advertisement, request, negotiation, etc. The RAiNV aims to ease dealing with multiple InPs. Its performance is evaluated using obtained numerical results through simulations.

Encryption as a service for smart grid advanced metering infrastructure

Smart grid advanced metering infrastructure (AMI) bridges between consumers, utilities, and market. Its operation relies on large scale communication networks. At the lowest level, information are acquired by smart meters and sensors. At the highest level, information are stored and processed by smart grid control centers for various purposes. The AMI conveys a big amount of sensitive information. Prevention of unauthorized access to these information is a major concern for smart grid operators. Encryption is the primary security measure for preventing unauthorized access. It incurs various overheads and deployment costs. In recent times, the security as a service (SECaaS) model has introduced a number cloud-based security solutions such as encryption as a service (EaaS). It promises the speed and cost-effectiveness of cloud computing. In this paper, we propose a framework named encryption service for smart grid AMI (ES4AM). The ES4AM framework focuses on lightweight encryption of in-flight AMI data. We also study the feasibility of the framework using relevant simulation results.

An Expression for Group Velocity in a Transmission Line

In this correspondence, we will derive an expression for group velocity in a transmission line by using its filter-type equivalent circuit. The expression will be an exact formula for group velocity and different from the traditional approximate expressions, which are found in the text books. We will discuss a special case of this expression, where it can be expressed in a simplified manner.

Optimization of Watchdog Selection in Wireless Sensor Networks

Application areas of wireless sensor networks (WSNs) are rapidly expanding these days. This also intensifies security concerns in extensively deployed WSNs. A watchdog system is one of the security enhancement methods. In such a system, a number of sensor nodes are selected as watchdogs that monitor their single hop neighbors. Thus, sensing operations lose resources to combat distrust. This letter develops models that optimize the selection of watchdogs in WSNs. It focuses on two major facts: 1) overlapping and 2) coverage. Overlapping occurs when a sensor node is monitored by multiple watchdogs. It causes additional consumption of resources. It is inevitable due to the propagation characteristics of wireless signals. The full coverage occurs when each sensor node in a WSN is either monitored by at least one watchdog or working as a watchdog. This letter presents three optimization models for watchdog selection in WSNs. It also evaluates the models through case studies for realistic WSN topologies. The presented models provide a better understanding of resource efficient watchdog deployment strategies.

Cloud-Centric Collaborative Security Service Placement for Advanced Metering Infrastructures

The extensive integration of smart meters to utility communication networks introduces numerous cyber security concerns. Such meters are the primary access points to a smart grid advanced metering infrastructure (AMI). They are physically unprotected devices that are geographically distributed in low-trust environments. Nonetheless, they are expected to transceive vital information regarding consumption, billing, and load management. The security of such information is an important requirement for operational continuity of a power system. Costs, system complexity, and response time are major considerations in designing security solutions for such cases. It is anticipated that future grids will be powered by the advancement of cloud computing. The security-as-a-service is a model that exploits the potential of cloud computing to provide cyber security solutions. Its key offerings include cost reduction, simplicity, and faster response. This paper proposes a cloud-centric collaborative security service architecture for the monitoring of upstream AMI traffic. It also includes a collaboration-aware service placement scheme for the proposed architecture. The placement scheme develops a quadratic assignment problem that minimizes latency. Case studies demonstrate the enhanced performance of the proposed scheme under various scenarios.

A study of resource-constrained cyber security planning for smart grid networks

This paper studies cyber security planning issues in resource-constrained smart grid networks. In particular, it proposes a centrality-based trust system placement scheme for energy SCADA systems. It aims to utilize centrality measurements to improve cyber protection in resource-constrained scenarios. The role of centrality measurements is to rank nodes based on their importance in a network. Trust systems are specialized security devices that are capable of firewalling and network intrusion detection. They monitor both types of traffic, ingress and egress. They are mainly deployed to provide cyber protection to supervisory control and data acquisition (SCADA) systems. Due to budgetary constraints, only a selected number of nodes are equipped with trust systems. Those nodes are known as the trust nodes. The proposed scheme uses linear programming problem (LPP) formulations to select the trust nodes. Numerical results are obtained through case studies for the IEEE BUS 30 and BUS 57 test system topologies. The results reveal that the proposed scheme is capable of improving quality of cyber protection in resource-constrained scenarios.

Latency-aware segmentation and trust system placement in smart grid SCADA networks

This paper proposes a latency-aware trust system placement scheme for smart grid SCADA networks. Trust systems are specialized security devices that are deployed to provide cyber protection to supervisory control and data acquisition (SCADA) systems. Their functionalities include firewalling and intrusion detection. They are capable of monitoring both types of traffic, ingress and egress. Only a selected number of nodes are equipped with trust systems due to budgetary constraints. Those nodes are known as the trust nodes. As trust nodes are responsible for distributing time critical messages, it is important to consider the impact of latency in the selection of trust nodes. Network segmentation is a commonly used way of trust node computations. This paper proposes a latency-aware segmentation approach that exploits the graph theoretic properties of minimum spanning trees (MSTs). Numerical results are obtained through case studies for the IEEE BUS 118 test system topology. The results reveal that the proposed scheme is capable of reducing the impact of latency.