A Decentralized Intrusion Detection System for Security of Generation Control

Abstract

Recently, several incidents have been reported relating to security breaches in the power system network. As the operation of the automatic generation control (AGC) system fully depends on communication technologies, any compromise in its functionality could lead to total system collapse. For example, the intruders may target the communication network of the legacy grid by launching deception and data-availability attacks, which have the potential to manipulate the crucial telemetered quantities, such as wide-area sensor measurements and (or) the control signals. Despite significant work on AGC security, most of the past studies were limited to the detection of intrusions in sensor measurements, and less emphasis is given to addressing the impact of attacks on control signals. To this end, this article proposes a decentralized intrusion detection system (IDS) that jointly identifies data anomalies in the sensor measurement and the control signals. The IDS is powered by a novel machine learning (ML) classifier, which we call cluster-driven ensemble learning (CDEL) algorithm. The proposed CDEL is based on the ensemble principle that combines the predictive power of multiple support vector machines and the <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$K$ </tex-math></inline-formula> -means clustering algorithm. Experimental results reveal the supremacy of CDEL over existing state-of-the-art ML techniques.