Anomaly Detection for Cybersecurity of the Substations

被引：166

作者：

Ten, Chee-Wooi ^{[1
]}

Hong, Junho ^{[2
]}

Liu, Chen-Ching ^{[2
]}

机构：

[1] Michigan Technol Univ, Dept Elect & Comp Engn, Houghton, MI 49931 USA

[2] Univ Coll Dublin, Sch Elect Elect & Mech Engn, Dublin 4, Ireland

来源：

IEEE TRANSACTIONS ON SMART GRID | 2011年 / 2卷 / 04期

基金：

爱尔兰科学基金会;

关键词：

Anomaly detection; cybersecurity of substations; defense system; network security; CONTROL CENTERS; SECURITY; COMMUNICATION; SYSTEM;

D O I：

10.1109/TSG.2011.2159406

中图分类号：

TM [电工技术]; TN [电子技术、通信技术];

学科分类号：

0808 ; 0809 ;

摘要：

Cybersecurity of the substations in a power system is a major issue as the substations become increasingly dependent on computer and communication networks. This paper is concerned with anomaly detection in the computer network environment of a substation. An anomaly inference algorithm is proposed for early detection of cyber-intrusions at the substations. The potential scenario of simultaneous intrusions launched over multiple substations is considered. The proposed detection method considers temporal anomalies. Potential intrusion events are ranked based on the credibility impact on the power system. Snapshots of anomaly entities at substations are described. Simulation results using the modified IEEE 118-bus system have shown the effectiveness of the proposed method for systematic identification. The result of this research is a tool to detect cyber-intrusions that are likely to cause significant damages to the power grid.

引用

页码：865 / 873

页数：9

共 29 条

[1]

[Anonymous], 2004, 618506 IEC

[2]

[Anonymous], 2008, 1686 IEC IEEE

[3]

Baldick R, 2009, 2009 IEEE/PES POWER SYSTEMS CONFERENCE AND EXPOSITION, VOLS 1-3, P83

[4] Matrices, vector spaces, and information retrieval [J].

Berry, MW ;

Drmac, Z ;

Jessup, ER .

SIAM REVIEW, 1999, 41 (02) :335-362

[5] Collaborative, trust-based security mechanisms for a regional Utility Intranet [J].

Coates, Gregory M. ;

Hopkinson, Kenneth M. ;

Graham, Scott R. ;

Kurkowski, Stuart H. .

IEEE TRANSACTIONS ON POWER SYSTEMS, 2008, 23 (03) :831-844

[6]

Cross-Domain Event Detection Analysis and Response-The Smart Grid Interoperability Panel-Cybersecurity Working Group, 2010, 7628 NIST US DEP COM

[7] AN INTRUSION-DETECTION MODEL [J].

DENNING, DE .

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 1987, 13 (02) :222-232

[8] MODERN CONTROL CENTERS AND COMPUTER NETWORKING [J].

DYLIACCO, TE .

IEEE COMPUTER APPLICATIONS IN POWER, 1994, 7 (04) :17-22

[9] Security for industrial communications systems [J].

Dzung, D ;

Naedele, M ;

Von Hoff, TP ;

Crevatin, MC .

PROCEEDINGS OF THE IEEE, 2005, 93 (06) :1152-1177

[10] Fast intrusion detection based on a non-negative matrix factorization model [J].

Guan, Xiaohong ;

Wang, Wei ;

Zhang, Xiangliang .

JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2009, 32 (01) :31-44

← 1 2 3 →