Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

Title: Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge

Full Record
Other Related Research

Abstract

The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.

Authors:: Linda, Ondrej; Vollmer, Todd; Manic, Milos

Publication Date:: 2012-08-01

Research Org.:: Idaho National Laboratory (INL)

Sponsoring Org.:: DOE - OE

OSTI Identifier:: 1055968

Report Number(s):: INL/CON-12-25647

DOE Contract Number:: DE-AC07-05ID14517

Resource Type:: Conference

Resource Relation:: Conference: 5th International Symposium on Resilient Control Systems,Salt Lake City, UT,08/14/2012,08/16/2012

Country of Publication:: United States

Language:: English

Subject:: 97 MATHEMATICS AND COMPUTING; Anomaly Detection; Cyber Sensor; Fuzzy Logic System

Citation Formats


                    Linda, Ondrej, Vollmer, Todd, and Manic, Milos. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge.  United States: N. p., 2012. 
        Web.

Copy to clipboard


                    Linda, Ondrej, Vollmer, Todd, & Manic, Milos. Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge.  United States.

Copy to clipboard


                    Linda, Ondrej, Vollmer, Todd, and Manic, Milos. Wed .  
        "Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge".  United States.  https://www.osti.gov/servlets/purl/1055968.

Copy to clipboard


                    
@article{osti_1055968,

  title        = {Improving Cyber-Security of Smart Grid Systems via Anomaly Detection and Linguistic Domain Knowledge},

  author       = {Linda, Ondrej and Vollmer, Todd and Manic, Milos},

  abstractNote = {The planned large scale deployment of smart grid network devices will generate a large amount of information exchanged over various types of communication networks. The implementation of these critical systems will require appropriate cyber-security measures. A network anomaly detection solution is considered in this work. In common network architectures multiple communications streams are simultaneously present, making it difficult to build an anomaly detection solution for the entire system. In addition, common anomaly detection algorithms require specification of a sensitivity threshold, which inevitably leads to a tradeoff between false positives and false negatives rates. In order to alleviate these issues, this paper proposes a novel anomaly detection architecture. The designed system applies the previously developed network security cyber-sensor method to individual selected communication streams allowing for learning accurate normal network behavior models. Furthermore, the developed system dynamically adjusts the sensitivity threshold of each anomaly detection algorithm based on domain knowledge about the specific network system. It is proposed to model this domain knowledge using Interval Type-2 Fuzzy Logic rules, which linguistically describe the relationship between various features of the network communication and the possibility of a cyber attack. The proposed method was tested on experimental smart grid system demonstrating enhanced cyber-security.},

  doi          = {},

  url          = {https://www.osti.gov/biblio/1055968},
  journal      = {},
number       = ,

  volume       = ,

  place        = {United States},

  year         = {2012},

  month        = {8}

}

Copy to clipboard

Conference:

View Conference

Other availability

Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share:

Export Metadata

Save to My Library

Similar records in OSTI.GOV collections:

Towards Resilient Critical Infrastructures: Application of Type-2 Fuzzy Logic in Embedded Network Security Cyber Sensor

Conference Linda, Ondrej ; Vollmer, Todd ; Alves-Foss, Jim ; ...

Resiliency and cyber security of modern critical infrastructures is becoming increasingly important with the growing number of threats in the cyber-environment. This paper proposes an extension to a previously developed fuzzy logic based anomaly detection network security cyber sensor via incorporating Type-2 Fuzzy Logic (T2 FL). In general, fuzzy logic provides a framework for system modeling in linguistic form capable of coping with imprecise and vague meanings of words. T2 FL is an extension of Type-1 FL which proved to be successful in modeling and minimizing the effects of various kinds of dynamic uncertainties. In this paper, T2 FL providesmore »« less
Full Text Available
Adaptive Neuro Fuzzy Inference System for Cyber-Intrusion Detection in a Smart Grid

Conference Bedoya, Juan C. ; Liu, Chen-Ching ; Xie, Jing

The evolution of the power grid has brought increasing deployment of advance metering infrastructure, penetration of intelligent electronic devices, and integration of physical power system components with information and communications technologies. With the fast-expanding connectivity, cyber vulnerabilities arise due to the use of internet-based communication systems. These systems are targets of cyber-intrusions which attempt to disturb the normal power system functions. Traditional intrusion detection algorithms have been developed without an explicit model of the cyber components. In this paper, an algorithm to detect false data injections in the power system is proposed considering both cyber and physical models of themore »« less
Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems

Conference Ferragut, Erik M ; Laska, Jason A ; Melin, Alexander M ; ...

The consolidation of cyber communications networks and physical control systems within the energy smart grid introduces a number of new risks. Unfortunately, these risks are largely unknown and poorly understood, yet include very high impact losses from attack and component failures. One important aspect of risk management is the detection of anomalies and changes. However, anomaly detection within cyber security remains a difficult, open problem, with special challenges in dealing with false alert rates and heterogeneous data. Furthermore, the integration of cyber and physical dynamics is often intractable. And, because of their broad scope, energy grid cyber-physical systems must bemore »« less
Demand Response and Smart Buildings: A Survey of Control, Communication, and Cyber-Physical Security

Journal Article Qi, Junjian ; Kim, Youngjin ; Chen, Chen ; ... - ACM Transactions on Cyber-Physical Systems

In this paper, we perform a comprehensive survey of the technical aspects related to the implementation of demand response and smart buildings. Specifically, we discuss various smart loads such as heating, ventilating, and air-conditioning (HVAC) systems and plug-in electric vehicles (PEVs); the power architecture with multibus characteristics; different control algorithms such as the hybrid centralized and decentralized control and the distributed coordination among buildings; the communication technologies and network architectures; and the potential cyber-physical security issues and possible mechanisms for enhancing the system security at both cyber and physical layers. Finally, the current status of the demand response in Unitedmore »« less
https://doi.org/10.1145/3009972

Full Text Available
Fuzzy Logic Based Anomaly Detection for Embedded Network Security Cyber Sensor

Conference Linda, Ondrej ; Vollmer, Todd ; Wright, Jason ; ...

Resiliency and security in critical infrastructure control systems in the modern world of cyber terrorism constitute a relevant concern. Developing a network security system specifically tailored to the requirements of such critical assets is of a primary importance. This paper proposes a novel learning algorithm for anomaly based network security cyber sensor together with its hardware implementation. The presented learning algorithm constructs a fuzzy logic rule based model of normal network behavior. Individual fuzzy rules are extracted directly from the stream of incoming packets using an online clustering algorithm. This learning algorithm was specifically developed to comply with the constrainedmore »« less
Full Text Available

Similar Records