Anomaly Detection for Cybersecurity of the Substations

Cited by: 166
Authors
Ten, Chee-Wooi [1]
Hong, Junho [2]
Liu, Chen-Ching [2]
Affiliations
[1] Michigan Technol Univ, Dept Elect & Comp Engn, Houghton, MI 49931 USA
[2] Univ Coll Dublin, Sch Elect Elect & Mech Engn, Dublin 4, Ireland
Funding
Science Foundation Ireland
Keywords
Anomaly detection; cybersecurity of substations; defense system; network security; CONTROL CENTERS; SECURITY; COMMUNICATION; SYSTEM;
DOI
10.1109/TSG.2011.2159406
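Chinese Library Classification number
TM [Electrical engineering]; TN [Electronic technology, communication technology]
Discipline classification code
0808; 0809
Abstract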
Cybersecurity of the substations in a power system is a major issue as the substations become increasingly dependent on computer and communication networks. This paper is concerned with anomaly detection in the computer network environment of a substation. An anomaly inference algorithm is proposed for early detection of cyber-intrusions at the substations. The potential scenario of simultaneous intrusions launched over multiple substations is considered. The proposed detection method considers temporal anomalies. Potential intrusion events are ranked based on the credibility impact on the power system. Snapshots of anomaly entities at substations are described. Simulation results using the modified IEEE 118-bus system have shown the effectiveness of the proposed method for systematic identification. The result of this research is a tool to detect cyber-intrusions that are likely to cause significant damages to the power grid.
Pages: 865-873
Number of pages: 9