Ensemble learning methods for power system cyber-attack detection
ABSTRACT
Power system is one of the most important industrial control systems in today’s society. In recent years, power systems have been well researched and developed extensively with a high rate. In order to optimally integrate systems and reduce costs, lots of advanced information technologies are involved into power systems. Traditional power system is changing to the smart power grid rapidly. Therefore, modern power systems are now exposing to the public network and information security is becoming a new threat to resilience. In this work, we explore the suitability of ensemble learning methods as a means of detecting power system cyber-attack. We evaluate various ensemble learning methods as cyberattack detectors and discuss the practical implications for deploying ensemble learning methods as an enhancement to existing power system architectures.
EXISTING SYSTEM :
Nowadays, the using of intelligent data mining approaches to predict intrusion in local area networks has been increasing rapidly. In this paper, an improved approach for Intrusion Detection System (IDS) based on combining data mining and expert system is presented and implemented in WEKA. The taxonomy consists of a classification of the detection principle as well as certain WEKA aspects of the intrusion detection system such as open-source data mining. Power system is one of the most important industrial control systems in today’s society. In recent years, power systems have been well researched and developed extensively with a high rate.
PROPOSED SYSTEM :
In this work, we explore the suitability of ensemble learning methods as a means of detecting power system cyber-attack. We evaluate the classification performance of various ensemble learning methods. They are evaluated in the terms of classification accuracy, precision, recall and Fmeasure. 15 power system attack datasets are used in this paper to evaluate those ensemble learning methods. These datasets are collected from a model power system constructed by Mississippi State University and Oak Ridge National Laboratory . Each dataset has about five thousand instances. The datasets contains 129 features. These features consist of 116 columns for phasor measurements of electrical waves, 12 columns for control panel logs, Snort alerts and relay logs and the one column for label. In total, 6 kinds of event scenarios are recorded in the datasets. To simple the experiment, we grouped these event scenarios as either an attack or normal operations. The remainder of this paper is organized as follows. Section 2 is related work. Section 3 discusses our methodology of ensemble learning methods.
CONCLUSION
`The classification approaches to machine learning are still not widely used in ICS as an intrusion detection system . Especially, using ensemble learning methods in an ICS environment is a relatively new topic. According to the results of applying ensemble learning methods to these power system datasets, it can be concluded that ensemble learning is available approach to providing reliable decision support to power system operators on whether the system is under attack. Despite these results, we consider that further work is necessary to make ensemble learning systems deployable in an operation environment. It is necessary for these results to be tested on a broader set of power system data with a wider variety of classification schemes, learning approaches, and amounts of labeled data. This work can be treated as an initial set of evidence for the application of ensemble learning methods in ICS environment and motivation for further research.