TY - GEN
T1 - Detecting Cyber-Attacks in Modern Power Systems Using an Unsupervised Monitoring Technique
AU - Bouyeddou, Benamar
AU - Harrou, Fouzi
AU - Sun, Ying
N1 - KAUST Repository Item: Exported on 2021-11-20
Acknowledged KAUST grant number(s): OSR-2019-CRG7-3800
Acknowledgements: This publication is based upon word supported by King Abdullah University of Science and Technology (KAUST), Office of Sponsored Research (OSR) under Award No: OSR-2019-CRG7-3800.
PY - 2021/8/13
Y1 - 2021/8/13
N2 - Cyber-attacks detection in modern power systems is undoubtedly indispensable to enhance their resilience and guarantee the continuous production of electricity. As the number of attacks is very small compared to normal events, and attacks are unpredictable, it is not obvious to build a model for attacks. Here, only anomaly-free measurements are utilized to build a reference model for intrusion detection. Specifically, this study presents an unsupervised intrusion detection approach using the k-nearest neighbor algorithm and exponential smoothing monitoring scheme for uncovering attacks in modern power systems. Essentially, the k-nearest neighbor algorithm is implemented to compute the deviation between actual measurements and the faultless (training) data. Then, the exponential smoothing method is used to set up a detection decision-based kNN metric for anomaly detection. The proposed procedure has been tested to detect cyber-attacks in a two-line three-bus power transmission system. The proposed approach has been shown good detection performance.
AB - Cyber-attacks detection in modern power systems is undoubtedly indispensable to enhance their resilience and guarantee the continuous production of electricity. As the number of attacks is very small compared to normal events, and attacks are unpredictable, it is not obvious to build a model for attacks. Here, only anomaly-free measurements are utilized to build a reference model for intrusion detection. Specifically, this study presents an unsupervised intrusion detection approach using the k-nearest neighbor algorithm and exponential smoothing monitoring scheme for uncovering attacks in modern power systems. Essentially, the k-nearest neighbor algorithm is implemented to compute the deviation between actual measurements and the faultless (training) data. Then, the exponential smoothing method is used to set up a detection decision-based kNN metric for anomaly detection. The proposed procedure has been tested to detect cyber-attacks in a two-line three-bus power transmission system. The proposed approach has been shown good detection performance.
UR - http://hdl.handle.net/10754/670628
UR - https://ieeexplore.ieee.org/document/9510510/
U2 - 10.1109/ECBIOS51820.2021.9510510
DO - 10.1109/ECBIOS51820.2021.9510510
M3 - Conference contribution
SN - 978-1-7281-9305-2
BT - 2021 IEEE 3rd Eurasia Conference on Biomedical Engineering, Healthcare and Sustainability (ECBIOS)
PB - IEEE
ER -