Machine Learning in Generation, Detection, and Mitigation of Cyberattacks in Smart Grid: A Survey
Related papers
Artificial Intelligence Techniques to Prevent Cyber Attacks on Smart Grids
Annals of Disaster Risk Sciences, 2020
Energy is one of the main elements that allows society to maintain its living standards and continue as usual. For this reason, energy distribution is both one of the most important Critical Infrastructures and one of the most targeted by attacks. Many of the other Critical Infrastructures rely on energy to work reliably. Some states are particularly interested in getting stealth access to, and taking control of, the energy production and distribution of other nations. This way they can create huge disruption and get a significant advantage in case of conflict. In the recent past, we could observe some real-life demonstrations of this fact. The introduction of smart grids and ICT in the management of energy infrastructures has great benefits but also introduces new attack surfaces and ways for attackers to gain control. As a benefit, we can also collect more data and metrics to better understand the state of the grid. New techniques based on Artificial Intelligence and machine learning can take advant...
Machine Learning Methods for Attack Detection in the Smart Grid
IEEE Transactions on Neural Networks and Learning Systems, 2015
Attack detection problems in the smart grid are posed as statistical learning problems for different attack scenarios in which the measurements are observed in batch or online settings. In this approach, machine learning algorithms are used to classify measurements as being either secure or attacked. An attack detection framework is provided to exploit any available prior knowledge about the system and surmount constraints arising from the sparse structure of the problem in the proposed approach. Well-known batch and online learning algorithms (supervised and semi-supervised) are employed with decision and feature level fusion to model the attack detection problem. The relationships between statistical and geometric properties of attack vectors employed in the attack scenarios and learning algorithms are analyzed to detect unobservable attacks using statistical learning methods. The proposed algorithms are examined on various IEEE test systems. Experimental analyses show that machine learning algorithms can detect attacks with performances higher than the attack detection algorithms which employ state vector estimation methods in the proposed attack detection framework.
A Sequential Supervised Machine Learning Approach for Cyber Attack Detection in a Smart Grid System
2021 North American Power Symposium (NAPS), 2021
Modern smart grid systems are heavily dependent on Information and Communication Technology, and this dependency makes them prone to cyber-attacks. The occurrence of cyber-attacks has increased in recent years, resulting in substantial damage to power systems. For a reliable and stable operation, cyber protection, control, and detection techniques are becoming essential. Automated detection of cyberattacks with high accuracy is a challenge. To address this, we propose a two-layer hierarchical machine learning model having an accuracy of 95.44% to improve the detection of cyberattacks. The first layer of the model is used to distinguish between the two modes of operation: normal state or cyberattack. The second layer is used to classify the state into different types of cyberattacks. The layered approach provides an opportunity for the model to focus its training on the targeted task of the layer, resulting in improvement in model accuracy. To validate the effectiveness of the proposed model, we compared its performance against other recent cyber attack detection models proposed in the literature.
Machine Learning-based Intrusion Detection for Smart Grid Computing: A Survey
ACM Transactions on Cyber-Physical Systems
Machine learning (ML)-based intrusion detection system (IDS) approaches have been significantly applied and advanced the state-of-the-art system security and defense mechanisms. In smart grid computing environments, security threats have been significantly increased as shared networks are commonly used, along with the associated vulnerabilities. However, compared to other network environments, ML-based IDS research in a smart grid is relatively unexplored although the smart grid environment is facing serious security threats due to its unique environmental vulnerabilities. In this paper, we conducted an extensive survey on ML-based IDS in smart grids based on the following key aspects: (1) The applications of the ML-based IDS in transmission and distribution side power components of a smart power grid by addressing its security vulnerabilities; (2) dataset generation process and its usage in applying ML-based IDSs in the smart grid; (3) a wide range of ML-based IDSs used by the surv...
AI-Empowered Attack Detection and Prevention Scheme for Smart Grid System
Mathematics
The existing grid infrastructure has already begun transforming into the next-generation cyber-physical smart grid (SG) system. This transformation has improved the grid’s reliability and efficiency but has exposed severe vulnerabilities due to growing cyberattacks and threats. For example, malicious actors may be able to tamper with system readings, parameters, and energy prices and penetrate to get direct access to the data. Several works exist to handle the aforementioned issues, but they have not been fully explored. Consequently, this paper proposes an AI-ADP scheme for the SG system, which is an artificial intelligence (AI)-based attack-detection and prevention (ADP) mechanism by using a cryptography-driven recommender system to ensure data security and integrity. The proposed AI-ADP scheme is divided into two phases: (i) attack detection and (ii) attack prevention. We employed the extreme gradient-boosting (XGBoost) mechanism for attack detection and classification. It is a n...
Machine Learning in Cybersecurity: Applications, Challenges and Future Directions
International Journal of Scientific Research in Computer Science, Engineering and Information Technology, 2024
Machine learning (ML) is transforming cybersecurity by enabling advanced detection, prevention and response mechanisms. This paper provides a comprehensive review of ML's role in cybersecurity, examining both theoretical frameworks and practical implementations. It outlines the emerging threats targeting ML models, such as adversarial attacks, data poisoning and model inversion attacks and discusses state-of-the-art defense strategies, including adversarial training, robust architectures and differential privacy. Additionally, the paper explores various ML applications in cybersecurity from intrusion detection to malware classification, highlighting their impact on enhancing security measures. An anomaly inference algorithm is proposed for the early detection of cyber-intrusions at the substations. Cybersecurity has become a vital research area. The paper concludes with a discussion on the key research directions and best practices for creating secure and resilient ML systems in a data-driven world. This paper delves into how Machine Learning (ML) revolutionizes cybersecurity, empowering advanced detection, prevention, and response mechanisms. It offers a thorough exploration of ML's pivotal role in cybersecurity, encompassing theoretical frameworks and practical applications. It addresses emerging threats like adversarial attacks and data poisoning, alongside cutting-edge defense strategies such as adversarial training and robust architectures.
A review of machine learning techniques for the cybersecurity of critical infrastructures
9th International Conference Redefining Community in Intercultural Context RCIC’20 European Cultural Community, 2020
An essential component of the National security consists of the protection of its critical infrastructures (CIs), whether they are physical or virtual, as any disruption of their services could have a serious impact on economic well-being, public health or safety, or any combination of these. Any shutdown or delay may determine financial losses and major risks to people and the environment. All modern CIs are controlled by Industrial Control Systems (ICS) being dependent on their correct and continuous undisturbed functioning. Modern ICSs are inherently much less secure and exposed to the majority of cyber-attacks that are becoming more advanced and sophisticated. Consequently, efficient tools for the protection of hardware and software components of ICSs are required. One such class consists of intrusion prevention and detection systems (IPDS). Contemporary IPDSs use machine learning algorithms to detect threats manifested as anomalous behavior of a particular system. To provide robust detection systems with sufficient layers of protection, these must be combined with other methods and extensively tested with good datasets and using appropriate testbeds. Recent research suggests that conventional intrusion detection approaches are unable to cope with the complexity and ever-changing nature of industrial intrusion attacks. Moreover, deep learning methods are achieving state-of-the-art results across a range of difficult problem domains. The objective of our paper is to identify and discuss machine learning-based intrusion detection and protection methods and their implementation in industrial control intrusion detection systems, able to contribute to ensuring national security.
Future Internet
Smart grids are rapidly replacing conventional networks on a worldwide scale. A smart grid has drawbacks, just like any other novel technology. A smart grid cyberattack is one of the most challenging things to stop. The biggest problem is caused by millions of sensors constantly sending and receiving data packets over the network. Cyberattacks can compromise the smart grid’s dependability, availability, and privacy. Users, the communication network of smart devices and sensors, and network administrators are the three layers of an innovative grid network vulnerable to cyberattacks. In this study, we look at the many risks and flaws that can affect the safety of critical, innovative grid network components. Then, to protect against these dangers, we offer security solutions using different methods. We also provide recommendations for reducing the chance that these three categories of cyberattacks may occur.
Sustainability
Smart grids (SG) emerged as a response to the need to modernize the electricity grid. The current security tools are almost perfect when it comes to identifying and preventing known attacks in the smart grid. Still, unfortunately, they do not quite meet the requirements of advanced cybersecurity. Adequate protection against cyber threats requires a whole set of processes and tools. Therefore, a more flexible mechanism is needed to examine data sets holistically and detect otherwise unknown threats. This is possible with big modern data analyses based on deep learning, machine learning, and artificial intelligence. Machine learning, which can rely on adaptive baseline behavior models, effectively detects new, unknown attacks. Combined known and unknown data sets based on predictive analytics and machine intelligence will decisively change the security landscape. This paper identifies the trends, problems, and challenges of cybersecurity in smart grid critical infrastructures in big d...