Smart grids are a type of complex cyber–physical system (CPS) that integrates the communication capabilities of smart devices into the grid to facilitate remote operation and control of power systems. However, this integration exposes many existing vulnerabilities of conventional supervisory control and data acquisition (SCADA) systems, resulting in severe cyber threats to the smart grid and potential violation of security objectives. Stealing sensitive information, modifying firmware, or injecting function codes through compromised devices are examples of possible attacks on the smart grid. Therefore, early detection of cyberattacks on the grid is crucial to protect it from sabotage. Machine learning (ML) methods are conventional approaches for detecting cyberattacks that use features of smart grid networks. However, developing an effective, highly accurate detection method with reduced computational overload, is still a challenging research problem. In this work, an efficient and effective security control approach is proposed to detect cyberattacks on the smart grid. The proposed approach combines both feature reduction and detection techniques to reduce the extremely large number of features and achieve an improved detection rate. A correlation-based feature selection (CFS) method is used to remove irrelevant features, improving detection efficiency. An instance-based learning (IBL) algorithm classifies normal and cyberattack events using the selected optimal features. This study describes a set of experiments conducted on public datasets from a SCADA power system based on a 10-fold cross-validation technique. Experimental results show that the proposed approach achieves a high detection rate based on a small number of features drawn from SCADA power system measurements.

A robust cyberattack detection approach using optimal features of SCADA power systems in smart grids

Fortino G.
2020

Abstract

Smart grids are a type of complex cyber–physical system (CPS) that integrates the communication capabilities of smart devices into the grid to facilitate remote operation and control of power systems. However, this integration exposes many existing vulnerabilities of conventional supervisory control and data acquisition (SCADA) systems, resulting in severe cyber threats to the smart grid and potential violation of security objectives. Stealing sensitive information, modifying firmware, or injecting function codes through compromised devices are examples of possible attacks on the smart grid. Therefore, early detection of cyberattacks on the grid is crucial to protect it from sabotage. Machine learning (ML) methods are conventional approaches for detecting cyberattacks that use features of smart grid networks. However, developing an effective, highly accurate detection method with reduced computational overload, is still a challenging research problem. In this work, an efficient and effective security control approach is proposed to detect cyberattacks on the smart grid. The proposed approach combines both feature reduction and detection techniques to reduce the extremely large number of features and achieve an improved detection rate. A correlation-based feature selection (CFS) method is used to remove irrelevant features, improving detection efficiency. An instance-based learning (IBL) algorithm classifies normal and cyberattack events using the selected optimal features. This study describes a set of experiments conducted on public datasets from a SCADA power system based on a 10-fold cross-validation technique. Experimental results show that the proposed approach achieves a high detection rate based on a small number of features drawn from SCADA power system measurements.
Cyberattack
Optimal features
Optimization
SCADA power system
Smart grid
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/20.500.11770/307327
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 20
  • ???jsp.display-item.citation.isi??? 12
social impact