Machine Learning-Enriched Cybersecurity in Smart Grids
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | IEEE 2025-01-01 |
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/11027059/ |
| Summary: | A smart grid is one of the critical infrastructures that, when targeted by a cyber-attack, could have disastrous effects on the economy and disrupt the lives of the population. Firewalls and intrusion detection systems, the conventional protective schemes and cyber threat mitigation systems in smart grids, are usually deployed to analyse incoming and outgoing traffic. Although these approaches are capable of detecting external attacks, they are ill-suited to detecting threats originating from a compromised device (internal to the grid) infected with malware or malicious software. To mitigate such threats, Industrial Control System (ICS) traffic monitoring and the implementation of anomaly detection systems based on the traffic data are crucial. We propose an anomaly detection system for monitoring the ICS traffic data based on IP traffic flows extended with application layer data obtained from the ICS packet headers. Unlike conventional methods that utilise statistical properties of the communication profiles of the dataflows to identify unknown threats, this study proposes an Autoencoder-based threat detection model. The dataset considered for the scope of this research was generated for the project at Brno University of Technology: Security monitoring of Industrial Control System (ICS) communication in the smart grid (Bonnet), 2019–2022, funded by the Ministry of Interior of the Czech Republic. The proposed solution was validated on diverse cyber-attack datasets, in conformance with IEC (International Electrotechnical Commission) 104 and IEC 61850 standards. The proposed model is efficient, with an average anomaly detection rate of 99% on the IEC 104 dataset and 97% on the IEC 61850 dataset. |
| ISSN: | 2169-3536 |