A new methodology for anomaly detection of attacks in IEC 61850-based substation system. (August 2022)
- Record Type:
- Journal Article
- Title:
- A new methodology for anomaly detection of attacks in IEC 61850-based substation system. (August 2022)
- Main Title:
- A new methodology for anomaly detection of attacks in IEC 61850-based substation system
- Authors:
- Yang, Liqun
Zhai, You
Zhang, Yipeng
Zhao, Yufei
Li, Zhoujun
Xu, Tongge - Abstract:
- Abstract: Smart substation is a crucial Cyber-Physical system and is prone to cyber-attack. In this paper, we propose a novel anomaly detection mechanism tailored for detecting the IEC 61850-based network traffic. Three types of traffic features are taken into account for comprehensively characterizing the network traffic during a time window. To eliminate the subjectivity of manually selecting the traffic features, we exploit Discrete Wavelet Transform (DWT) algorithm to secondarily extract the deep features. An improved Locally Linear Embedding (LLE) algorithm is proposed to reduce the dimension of deep feature vectors with more effective dimensionality reduction ability. By doing so, the LSTM (Long Short Term Memory)-based Autoencoder network that can learn to reconstruct the normal traffic time-series behavior, and thereafter uses the reconstruction error to detect the anomalies. We assess the performance of our proposed mechanism with the comprehensive experiments on the real smart substation. The results indicate that the proposed mechanism can be performed in a fast way with satisfactory detection performance.
- Is Part Of:
- Journal of information security and applications. Volume 68(2022)
- Journal:
- Journal of information security and applications
- Issue:
- Volume 68(2022)
- Issue Display:
- Volume 68, Issue 2022 (2022)
- Year:
- 2022
- Volume:
- 68
- Issue:
- 2022
- Issue Sort Value:
- 2022-0068-2022-0000
- Page Start:
- Page End:
- Publication Date:
- 2022-08
- Subjects:
- IEC 61850 -- Smart substation -- Discrete wavelet transform -- Locally linear embedding -- LSTM-Autoencoder
Computer security -- Periodicals
Information technology -- Security measures -- Periodicals
005.805 - Journal URLs:
- http://www.sciencedirect.com/ ↗
- DOI:
- 10.1016/j.jisa.2022.103262 ↗
- Languages:
- English
- ISSNs:
- 2214-2126
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 22597.xml