Tensor-Based Cybersecurity Analysis of Smart Grids Using IT/OT Convergence
The expansion of cyberthreat landscape has been driving power utilities to investigate innovative methods for attack detection while leveraging the converged data generated across the grid Information Technology (IT) and Operational Technology (OT) systems. In this paper, we propose a tensor-based c...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2024-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10792896/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850121835326210048 |
|---|---|
| author | Danial Jafarigiv Keyhan Sheshyekani Marthe Kassouf |
| author_facet | Danial Jafarigiv Keyhan Sheshyekani Marthe Kassouf |
| author_sort | Danial Jafarigiv |
| collection | DOAJ |
| description | The expansion of cyberthreat landscape has been driving power utilities to investigate innovative methods for attack detection while leveraging the converged data generated across the grid Information Technology (IT) and Operational Technology (OT) systems. In this paper, we propose a tensor-based cybersecurity data analysis method and we prove its efficiency using tensors of IT and OT data obtained through the cosimulation of an electricity distribution system using wireless Long-Term Evolution (LTE) technology for synchrophasor communications. An approximate CANDECOMP/PARAFAC (CP) decomposition and Higher Order Singular Value Decomposition (HOSVD) are used to exploit the underlying hidden patterns in the low-rank data tensors. The effectiveness of the low-rank modeling using both decompositions is confirmed by demonstrating relatively low reconstruction error. A residual extraction method is also considered to distinguish the normal subspace of tensor dataset from the anomalous dataset resulting from the attacker actions. Finally, we highlight the intrusion detection performance of the proposed method compared to that of the Tensor Robust Principal Component Analysis (TRPCA) and the discrete-time nonlinear autoregressive neural network (NARX). |
| format | Article |
| id | doaj-art-8b16bfd3b17245fcade6cdc63d6b82c4 |
| institution | OA Journals |
| issn | 2169-3536 |
| language | English |
| publishDate | 2024-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-8b16bfd3b17245fcade6cdc63d6b82c42025-08-20T02:34:59ZengIEEEIEEE Access2169-35362024-01-011219189319190610.1109/ACCESS.2024.351564210792896Tensor-Based Cybersecurity Analysis of Smart Grids Using IT/OT ConvergenceDanial Jafarigiv0https://orcid.org/0000-0002-5801-9877Keyhan Sheshyekani1https://orcid.org/0000-0002-5066-6391Marthe Kassouf2https://orcid.org/0000-0002-3007-2350Hydro-Québec Research Institute, Varennes, QC, CanadaDepartment of Electrical and Computer Engineering, Polytechnique Montreal, Montreal, QC, CanadaHydro-Québec Research Institute, Varennes, QC, CanadaThe expansion of cyberthreat landscape has been driving power utilities to investigate innovative methods for attack detection while leveraging the converged data generated across the grid Information Technology (IT) and Operational Technology (OT) systems. In this paper, we propose a tensor-based cybersecurity data analysis method and we prove its efficiency using tensors of IT and OT data obtained through the cosimulation of an electricity distribution system using wireless Long-Term Evolution (LTE) technology for synchrophasor communications. An approximate CANDECOMP/PARAFAC (CP) decomposition and Higher Order Singular Value Decomposition (HOSVD) are used to exploit the underlying hidden patterns in the low-rank data tensors. The effectiveness of the low-rank modeling using both decompositions is confirmed by demonstrating relatively low reconstruction error. A residual extraction method is also considered to distinguish the normal subspace of tensor dataset from the anomalous dataset resulting from the attacker actions. Finally, we highlight the intrusion detection performance of the proposed method compared to that of the Tensor Robust Principal Component Analysis (TRPCA) and the discrete-time nonlinear autoregressive neural network (NARX).https://ieeexplore.ieee.org/document/10792896/CosimulationCP decompositioncyberattackdistribution gridIT/OT convergenceLTE network |
| spellingShingle | Danial Jafarigiv Keyhan Sheshyekani Marthe Kassouf Tensor-Based Cybersecurity Analysis of Smart Grids Using IT/OT Convergence IEEE Access Cosimulation CP decomposition cyberattack distribution grid IT/OT convergence LTE network |
| title | Tensor-Based Cybersecurity Analysis of Smart Grids Using IT/OT Convergence |
| title_full | Tensor-Based Cybersecurity Analysis of Smart Grids Using IT/OT Convergence |
| title_fullStr | Tensor-Based Cybersecurity Analysis of Smart Grids Using IT/OT Convergence |
| title_full_unstemmed | Tensor-Based Cybersecurity Analysis of Smart Grids Using IT/OT Convergence |
| title_short | Tensor-Based Cybersecurity Analysis of Smart Grids Using IT/OT Convergence |
| title_sort | tensor based cybersecurity analysis of smart grids using it ot convergence |
| topic | Cosimulation CP decomposition cyberattack distribution grid IT/OT convergence LTE network |
| url | https://ieeexplore.ieee.org/document/10792896/ |
| work_keys_str_mv | AT danialjafarigiv tensorbasedcybersecurityanalysisofsmartgridsusingitotconvergence AT keyhansheshyekani tensorbasedcybersecurityanalysisofsmartgridsusingitotconvergence AT marthekassouf tensorbasedcybersecurityanalysisofsmartgridsusingitotconvergence |