Development of Intrusion Detection System Using Deep Learning for Classifying Attacks in Power Systems

Abstract

Interconnected devices have increased rapidly, and smart power grids have adapted this technology for increased reliability and fault tolerance. Due to exposure of power grid devices to the Internet, it is highly vulnerable to unauthorized access and susceptible to unsettling, inexorable cyberattacks. Power grid is a critical component of infrastructure, whose unimpaired survivability is an irrevocable requirement in recent times. This paper investigates the applicability of machine learning (ML) algorithms, to detect and identify attacks on power grids, as these algorithms can identify subtle variations in data caused by cyberattacks in the power grid networks. A standard power system dataset, from Mississippi State University and Oak Ridge National Laboratories (MSU-ONL dataset) were employed in this study. A deep neural network (DNN) model was built to classify the power system data as attacks, normal, and no-events classes. Conventional ML models such as OneR, K Nearest Neighbour (KNN), Random Forest, Support Vector Machines (SVM) and Naive Bayes were compared with DNN, to gauge DNN’s efficacy in the detection of cyberattack. Principal Component Analysis (PCA) was applied to reduce the dimensionality of the acquired data, and its effects on performance measures were studied. The empirical results show that the Random Forest model, which is an ensemble classifier, identifies attacks with highest accuracy compared to the other ML and deep learning options. SVM and DNN show improved performance when combined with PCA. Test results substantiate that SVM, Random Forest and DNN algorithms are apropos to deployment of Intrusion Detection System (IDS) appliances on power grid systems.