Cyberattacks identification in IEC 61850 based substation using proximal support vector machine

Abstract

Maintaining the reliable, efficient, secure and multifunctional IEC 61850 based substation is an extremely challenging task, especially in the ever-evolving cyberattacks domain. This challenge is also exacerbated with expending the modern power system (MPS) to meet the demand along with growing availability of hacking tools in the hacker community. Few of the most serious threats in the substation automation system (SAS) are DoS (Denial of Services), MS (Message Suppression) and DM (Data Manipulation) attacks, where DoS is due to flood bogus frames. In MS, hacker inject the GOOSE sequence (sqNum) and GOOSE status (stNum) number. In the DM attacks, attacker modify current measurements reported by the merging units, inject modified boolean value of circuit breaker and replay a previously valid message. In this paper, an intelligent cyberattacks identification approach in IEC 61850 based SAS using PSVM (proximal support vector machine) is proposed. The performance of the proposed approach is demonstrated using experimental dataset of recorded signatures. The obtained results of the demonstrated study shows the effectiveness and high level of acceptability for real side implementation to protect the SAS from the cyberattacks in different scenarios.