Smart grid cyberattack types classification: A fine tree bagging-based ensemble learning approach with feature selection

Abstract

This paper focuses on the detection and classification of the cyberattack types in smart grid substation automation systems. The previous work in the literature focuses only on the detection of the attacks without providing any information regarding the attack’s type, which is a key in identifying the appropriate countermeasures. In this paper, a novel approach that uses a fine tree bagging ensemble learning technique is developed to detect and classify the cyberattack types from normal and power quality disturbances. Furthermore, the relevant features of different cyber-attack types such as message suppression, denial-of-service and data manipulation have been identified. The proposed approach is tested on a publicly available dataset and the results are compared to three other machine learning algorithms, namely decision tree, nearest neighbor, and support vector machine. The results have shown that the proposed approach is very effective in the detection and the classification of the attack types as well as it is insensitive to the selection of the training and the testing datasets unlike other existing approaches in the literature.