skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

Abstract

The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

Authors:
; ;
Publication Date:
Research Org.:
Idaho National Laboratory (INL)
Sponsoring Org.:
DOE - OE
OSTI Identifier:
1055968
Report Number(s):
INL/CON-12-25647
DOE Contract Number:  
DE-AC07-05ID14517
Resource Type:
Conference
Resource Relation:
Conference: 5th International Symposium on Resilient Control Systems,Salt Lake City, UT,08/14/2012,08/16/2012
Country of Publication:
United States
Language:
English
Subject:
97 MATHEMATICS AND COMPUTING; Anomaly Detection; Cyber Sensor; Fuzzy Logic System

Citation Formats

Linda, Ondrej, Vollmer, Todd, and Manic, Milos. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge. United States: N. p., 2012. Web.
Linda, Ondrej, Vollmer, Todd, & Manic, Milos. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge. United States.
Linda, Ondrej, Vollmer, Todd, and Manic, Milos. Wed . "Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge". United States. https://www.osti.gov/servlets/purl/1055968.
@article{osti_1055968,
title = {Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge},
author = {Linda, Ondrej and Vollmer, Todd and Manic, Milos},
abstractNote = {The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.},
doi = {},
url = {https://www.osti.gov/biblio/1055968}, journal = {},
number = ,
volume = ,
place = {United States},
year = {2012},
month = {8}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share: