ABSTRACT
While power grid systems benefit from utilizing communication networks through networked control and protection, the addition of communication exposes the power system to new security vulnerabilities and potential attacks. To mitigate these attacks, such as denial of service, intrusion detection systems (IDS) are often employed. In this paper, we investigate the relationship of IDS accuracy performance to the stability of power systems via its impact on communication latency. Several IDS machine learning algorithms are implemented on the NSL-KDD dataset to obtain accuracy performance, and a mathematical model for computing the latency when incorporating IDS detection information during network routing is introduced. Simulation results on the New England 39-bus power system suggest that during a cyber-physical attack, a practical IDS can achieve similar stability as an ideal IDS with perfect detection. In addition, the false positive rate has been found to have a larger impact than the false negative rate under the simulation conditions studied. These observations can contribute to the design requirements of future embedded IDS solutions for power systems.