Towards feature engineering for intrusion detection in IEC-61850 communication networks

被引：2

作者：

Quincozes, Vagner E. ^{[1
]}

Quincozes, Silvio E. ^{[2
,3
]}

Passos, Diego ^{[1
,4
]}

Albuquerque, Celio ^{[1
]}

Mosse, Daniel ^{[5
]}

机构：

[1] Univ Fed Fluminense, Comp Sci Dept, Niteroi, Brazil

[2] Univ Fed Pampa, Campus Alegrete, Alegrete, Brazil

[3] Univ Uberlandia, Programa Posgrad Computacao PPGCO, Uberlandia, Brazil

[4] DEETC, Inst Super Engn Lisboa ISEL, Lisbon, Portugal

[5] Univ Pittsburgh, Comp Sci, Pittsburgh, PA 15260 USA

来源：

ANNALS OF TELECOMMUNICATIONS | 2024年 / 79卷 / 7-8期

基金：

巴西圣保罗研究基金会;

关键词：

Feature extraction; Intrusion detection systems (IDSs); Machine learning (ML); Digital substations; IEC-61850; ANOMALY DETECTION;

D O I：

10.1007/s12243-024-01011-x

中图分类号：

TN [电子技术、通信技术];

学科分类号：

0809 ;

摘要：

Digital electrical substations are fundamental in providing a reliable basis for smart grids. However, the deployment of the IEC-61850 standards for communication between intelligent electronic devices (IEDs) brings new security challenges. Intrusion detection systems (IDSs) play a vital role in ensuring the proper function of digital substations services. However, the current literature lacks efficient IDS solutions for certain classes of attacks, such as the masquerade attack. In this work, we propose the extraction and correlation of relevant multi-layer information through a feature engineering process to enable the deployment of machine learning-based IDSs in digital substations. Our results demonstrate that the proposed solution can detect attacks that are considered challenging in the literature, attaining an F1-score of up to 95.6% in the evaluated scenarios.

引用

页码：537 / 551

页数：15

共 36 条

[1] LoRAS: an oversampling approach for imbalanced datasets [J].

Bej, Saptarshi ;

Davtyan, Narek ;

Wolfien, Markus ;

Nassar, Mariam ;

Wolkenhauer, Olaf .

MACHINE LEARNING, 2021, 110 (02) :279-301

[2] Hybrid of anomaly-based and specification-based IDS for Internet of Things using unsupervised OPF based on MapReduce approach [J].

Bostani, Hamid ;

Sheikhan, Mansour .

COMPUTER COMMUNICATIONS, 2017, 98 :52-71

[3] An introduction to ROC analysis [J].

Fawcett, Tom .

PATTERN RECOGNITION LETTERS, 2006, 27 (08) :861-874

[4]

Hong JH, 2014, 2014 IEEE PES INNOVATIVE SMART GRID TECHNOLOGIES CONFERENCE (ISGT)

[5] Intelligent Electronic Devices With Collaborative Intrusion Detection Systems [J].

Hong, Junho ;

Liu, Chen-Ching .

IEEE TRANSACTIONS ON SMART GRID, 2019, 10 (01) :271-281

[6] Integrated Anomaly Detection for Cyber Security of the Substations [J].

Hong, Junho ;

Liu, Chen-Ching ;

Govindarasu, Manimaran .

IEEE TRANSACTIONS ON SMART GRID, 2014, 5 (04) :1643-1653

[7]

Hoyos J, 2012, IEEE GLOBE WORK, P1508, DOI 10.1109/GLOCOMW.2012.6477809

[8]

IEC, 2022, Communication Networks and Systems for Power Utility Automation

[9]

International Electrotechnical Commission, 2010, IEC 62351 security, V1

[10]

International Electrotechnical Commission, 2004, IEC 61850-9-2 Communica- tion networks and systems in substations-Part 9-2: Specific Communica- tion Service Mapping (SCSM)-Sampled values over ISO/IEC 8802-3, V1st

← 1 2 3 4 →