4.5 Article

Intrusion Detection of NSM Based DoS Attacks Using Data Mining in Smart Grid

ENERGIES (2012)

Get Full Text
Add to Collection

Journal

ENERGIES
Volume 5, Issue 10, Pages 4091-4109

Publisher

MDPI
DOI: 10.3390/en5104091

Keywords

Denial of Service (DoS) attack; intrusion detection; Network and System Management (NSM); smart grid; data mining

Categories

Energy & Fuels

Funding

  1. Power Generation and Electricity Delivery of the Korea Institute of Energy Technology Evaluation and Planning (KETEP)
  2. Korea government Ministry of Knowledge Economy [2011101050001B]
  3. Ewha Global Top 5 Grand of Ewha Womans University
  4. World Class University Program through National Research Foundation of Korea [R33-10085]
  5. Ministry of Education, Science and Technology
  6. Basic Science Research Program through the National Research Foundation of Korea (NRF)
  7. Ministry of Education, Science and Technology [2012-0004279]
  8. Korea Evaluation Institute of Industrial Technology (KEIT) [2011101050001B, 2012101050004B] Funding Source: Korea Institute of Science & Technology Information (KISTI), National Science & Technology Information Service (NTIS)
  9. National Research Foundation of Korea [2011-0014020] Funding Source: Korea Institute of Science & Technology Information (KISTI), National Science & Technology Information Service (NTIS)

Ask authors/readers for more resources

Protocol

Community support

Reagent

Community support

In this paper, we analyze the Network and System Management (NSM) requirements and NSM data objects for the intrusion detection of power systems; NSM is an IEC 62351-7 standard. We analyze a SYN flood attack and a buffer overflow attack to cause the Denial of Service (DoS) attack described in NSM. After mounting the attack in our attack testbed, we collect a data set, which is based on attributes for the attack. We then run several data mining methods with the data set using the Waikato Environment for Knowledge Analysis (WEKA). In the results, we select the decision tree algorithms with high detection rates, and choose key attributes in high level components of the trees. When we run several data mining methods again with the data set of chosen key attributes, the detection rates of most data mining methods are higher than before. We prove that our selected attack attributes, and the proposed detection process, are efficient and suitable for intrusion detection in the smart grid environment.

Authors

I am an author on this paper
Click your name to claim this paper and add it to your profile.

Reviews

Primary Rating

4.5
Not enough ratings

Secondary Ratings

Novelty
-
Significance
-
Scientific rigor
-
Rate this paper

Recommended

No Data Available
No Data Available
Webinars Posters Questions Hubs Funding Journals Papers Connect Collections Reviewers About Us FAQs Mobile App Privacy Policy Terms of Use
© Peeref 2019-2024. All rights reserved.