Abstract

The advent of the Smart Grid (SG) raises severe cybersecurity risks that can lead to devastating consequences. In this paper, we present a novel anomaly-based Intrusion Detection System (IDS), called ARIES (smArt gRid Intrusion dEtection System), which is capable of protecting efficiently SG communications. ARIES combines three detection layers that are devoted to recognising possible cyberattacks and anomalies against (a) network flows, (b) Modbus/Transmission Control Protocol (TCP) packets and (c) operational data. Each detection layer relies on a Machine Learning (ML) model trained using data originating from a power plant. In particular, the first layer (network flow-based detection) performs a supervised multiclass classification, recognising Denial of Service (DoS), brute force attacks, port scanning attacks and bots. The second layer (packet-based detection) detects possible anomalies related to the Modbus packets, while the third layer (operational data based detection) monitors and identifies anomalies upon operational data (i.e., time series electricity measurements). By emphasising on the third layer, the ARIES Generative Adversarial Network (ARIES GAN) with novel error minimisation functions was developed, considering mainly the reconstruction difference. Moreover, a novel reformed conditional input was suggested, consisting of random noise and the signal features at any given time instance. Based on the evaluation analysis, the proposed GAN network overcomes the efficacy of conventional ML methods in terms of Accuracy and the F1 score.

Highlights

  • The Smart Grid (SG) as the convergence of the electrical system engineering with the Information and Communication Technology (ICT) is expected to eliminate the significant limitations and shortcomings of the existing electrical grid, such as the energy conversation, the demand response and the optimal utilisation of the various assets

  • It should be noted that ARIES is a Network Intrusion Detection System (IDS) (NIDS) capable of receiving the network traffic data generated in a subnet (i.e., ARIES is installed in a centralised server, which aggregates the network traffic generated by all devices utilising a Switched Port Analyser (SPAN) port)

  • It is noteworthy that regarding the first detection layer of ARIES, the following metrics were calculated by measuring entirely True Positives (TP), True Negatives (TN), FP and False Negatives (FN) for each class

Read more

Summary

Introduction

The Smart Grid (SG) as the convergence of the electrical system engineering with the Information and Communication Technology (ICT) is expected to eliminate the significant limitations and shortcomings of the existing electrical grid, such as the energy conversation, the demand response and the optimal utilisation of the various assets. The autonomous nature of the IoT devices to communicate with each other without human intervention increases significantly the cybersecurity concerns Both academia and industry have identified novel authentication and access control mechanisms that can enhance the overall security and safety of SG [6,7,8]. The IEC 62351 standard [9] defines appropriate solutions aiming to meet the security gaps of the vulnerable SCADA communication protocols These solutions may be efficient, their implementation and validation in real conditions is a challenging step since the procedures of the electrical grid should operate continuously. Concerning the operational data-based detection (third detection layer), a novel Generative Adversarial Network (GAN) [10,11] called ARIES GAN was implemented, which overcomes the detection performance of conventional ML methods.

Related Work and Contributions
Related Work
Contributions
ARIES Architecture
Data Collection Module
ARIES Analysis Engine
Response Module
ARIES GAN
Evaluation Environment
Datasets
Evaluation Results
ML Method
Conclusions
Full Text

Published Version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Graph neural networks classify molecular geometry and design novel order parameters of crystal and liquid.
Satoki Ishiai ... Kenji Yasuoka
The Journal of Chemical Physics | VOL. 159
Satoki Ishiai, et. al.Satoki Ishiai ... Kenji Yasuoka
08 Aug 2023
Automated diagnosis of myositis from muscle ultrasound: Exploring the use of machine learning and deep learning methods.
Philippe Burlina ... Neil Joshi
PLOS ONE | VOL. 12
Philippe Burlina, et. al.Philippe Burlina ... Neil Joshi
30 Aug 2017
Deep Learning Algorithms for Bearing Fault Diagnostics—A Comprehensive Review
Shen Zhang ... Bingnan Wang
IEEE Access | VOL. 8
Shen Zhang, et. al.Shen Zhang ... Bingnan Wang
01 Jan 2020
A Comparative Study of Convolutional Neural Networks and Conventional Machine Learning Models for Lithological Mapping Using Remote Sensing Data
Hojat Shirmard ... Rohitash Chandra
Remote Sensing | VOL. 14
Hojat Shirmard, et. al.Hojat Shirmard ... Rohitash Chandra
09 Feb 2022
View more papers

More From: Sensors

Paper Title
Journal
Date
Author
An Investigation into High-Accuracy and Energy-Efficient Novel Capacitive MEMS for Tire Pressure Sensor Application
Liang Luo ... Changde He
Sensors | VOL. 24
Liang Luo, et. al.Liang Luo ... Changde He
17 Dec 2024
MR Elastography Using the Gravitational Transducer
Omar Isam Darwish ... Ralph Sinkus
Sensors | VOL. 24
Omar Isam Darwish, et. al.Omar Isam Darwish ... Ralph Sinkus
17 Dec 2024
Mind the Step: An Artificial Intelligence-Based Monitoring Platform for Animal Welfare
Andrea Michielon ... Cesare Furlanello
Sensors | VOL. 24
Andrea Michielon, et. al.Andrea Michielon ... Cesare Furlanello
17 Dec 2024
Arrhythmia Detection by Data Fusion of ECG Scalograms and Phasograms
Michele Scarpiniti
Sensors | VOL. 24
Michele ScarpinitiMichele Scarpiniti
17 Dec 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.