A two-stage cyber attack detection and classification system for smart grids

被引:10
作者
Alani, Mohammed M. [1 ]
Mauri, Lara [2 ]
Damiani, Ernesto [3 ]
机构
[1] Toronto Metropolitan Univ, Cybersecur Res Lab, Toronto, ON M5B 2K3, Canada
[2] Univ Milan, Comp Sci Dept, Milan, Italy
[3] Khalifa Univ, Ctr Cyber Phys Syst C2PS, Abu Dhabi, U Arab Emirates
来源
INTERNET OF THINGS | 2023年 / 24卷
关键词
Attack; Intrusion; Detection; Machine learning; Smart grid; DNP3; DATA INJECTION ATTACK; SECURITY;
D O I
10.1016/j.iot.2023.100926
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
As the adoption of Internet of Things (IoT) devices increases rapidly, industrial applications of IoT devices gain further popularity. Some of these applications, such as smart grids, are considered high-risk applications. In the past few years, smart grids became the target of many cyber attacks. In this paper, we present a two-stage system for the detection and classification of cyber attacks based on machine learning. The first stage of the proposed system focuses on detecting attacks efficiently and accurately. The second stage analyzes available data and predicts the specific attack class. The proposed system was tested using the DNP3 intrusion detection dataset, and delivered an F1 score of 0.9976 at the detection stage, and 0.9883 at the attack type classification stage.
引用
收藏
页数:14
相关论文
共 51 条
[21]   Attacking and Defending DNP3 ICS/SCADA Systems [J].
Kelli, Vasiliki ;
Radoglou-Grammatikis, Panagiotis ;
Sesis, Achilleas ;
Lagkas, Thomas ;
Fountoukidis, Eleftherios ;
Kafetzakis, Emmanouil ;
Giannoulakis, Ioannis ;
Sarigiannidis, Panagiotis .
18TH ANNUAL INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING IN SENSOR SYSTEMS (DCOSS 2022), 2022, :183-190
[22]  
Khoei TT, 2022, Arxiv, DOI [arXiv:2207.07738, 10.48550/arxiv.2207.07738, DOI 10.48550/ARXIV.2207.07738]
[23]   Ensemble Learning Methods for Anomaly Intrusion Detection System in Smart Grid [J].
Khoei, Tala Talaei ;
Aissou, Ghilas ;
Hu, When Chen ;
Kaabouch, Naima .
2021 IEEE INTERNATIONAL CONFERENCE ON ELECTRO INFORMATION TECHNOLOGY (EIT), 2021, :129-135
[24]   Real-Time Detection of Hybrid and Stealthy Cyber-Attacks in Smart Grid [J].
Kurt, Mehmet Necip ;
Yilmaz, Yasin ;
Wang, Xiaodong .
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2019, 14 (02) :498-513
[25]  
Kwon Y, 2015, 2015 IEEE EINDHOVEN POWERTECH
[26]   Using Data Mining Methods to Detect Simulated Intrusions on a Modbus Network [J].
Li, Szu-Chuang ;
Huang, Yennun ;
Tai, Bo-Chen ;
Lin, Chi-Ta .
2017 IEEE 7TH INTERNATIONAL SYMPOSIUM ON CLOUD AND SERVICE COMPUTING (SC2 2017), 2017, :143-148
[27]   Online Generative Adversary Network Based Measurement Recovery in False Data Injection Attacks: A Cyber-Physical Approach [J].
Li, Yuancheng ;
Wang, Yuanyuan ;
Hu, Shiyan .
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, 2020, 16 (03) :2031-2043
[28]   Collaborative Feature Maps of Networks and Hosts for AI-driven Intrusion Detection [J].
Liu, Jinxin ;
Simsek, Murat ;
Kantarci, Burak ;
Bagheri, Mehran ;
Djukic, Petar .
2022 IEEE GLOBAL COMMUNICATIONS CONFERENCE (GLOBECOM 2022), 2022, :2662-2667
[29]   Estimating Degradation of Machine Learning Data Assets [J].
Mauri, Lara ;
Damiani, Ernesto .
ACM JOURNAL OF DATA AND INFORMATION QUALITY, 2022, 14 (02)
[30]   Cyber-Resilient Smart Cities: Detection of Malicious Attacks in Smart Grids [J].
Mohammadpourfard, Mostafa ;
Khalili, Abdullah ;
Genc, Istemihan ;
Konstantinou, Charalambos .
SUSTAINABLE CITIES AND SOCIETY, 2021, 75
123456