A hybrid anomaly-based intrusion detection system to improve time complexity in the Internet of Energy environment

Abstract

The technological evolution of the smart grids is going to take its shape in the form of a new paradigm called the Internet of Energy (IoE); which is considered to be the convergence of internet, communication, and energy. Like other evolved technologies, the IoE inherits security vulnerabilities from its constituents that need to be addressed. Intrusion Detection Systems (IDS) have been used to counteract malicious attacks. Among the types of IDS, anomaly-based IDS that employ mostly machine learning algorithms are considered to be the promising one, owing to their capability of detecting zero-day attacks. However, using complex algorithms to detect attacks, the existing anomaly-based IDS designed for IoE require considerable amount of time. It is tempting to reduce the training and testing time in order to make the IDS feasible for the IoE architecture. In this paper, we propose a hybrid anomaly-based IDS that can be installed at any networked site of the IoE architecture, such as Advanced Metering Infrastructure (AMI), to counteract security attacks. Our proposed system reduces the overall classification time of detection compared to the existing hybrid methods. The proposed solution uses a combination of K-means and Support Vector Machine, where the K-means centroids are used in a unique training method that reduces the training and testing times of the Support Vector Machine without compromising classification performance. We choose the best value of “k” and fine-tuned the SVM for best anomaly detection. Our approach achieves the highest accuracy of 99.9% in comparison with the existing approaches.