Cybersecurity of smart grids: Comparison of machine learning approaches training for anomaly detection

Cybersecurity of smart grids: Comparison of machine learning approaches training for anomaly detection

Objectives. The transformation of modern electric grids into decentralized smart grids presents new challenges in the field of cybersecurity. The purpose of this work is to conduct research and analysis into the effectiveness of different machine-learning methods for identifying anomalies in decentr...

Full description

Saved in:
Bibliographic Details
Main Authors: S. V. Kochergin, S. V. Artemova, A. A. Bakaev, E. S. Mityakov, Zh. G. Vegera, E. A. Maksimova
Format: Article
Language:Russian
Published: MIREA - Russian Technological University 2024-12-01
Series:Российский технологический журнал
Subjects:
smart grids
cybersecurity
machine learning
anomaly detection
isolation forest
cyberattacks
Online Access:https://www.rtj-mirea.ru/jour/article/view/1025
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Objectives. The transformation of modern electric grids into decentralized smart grids presents new challenges in the field of cybersecurity. The purpose of this work is to conduct research and analysis into the effectiveness of different machine-learning methods for identifying anomalies in decentralized smart networks, including cyberattacks and emergency modes, as well as to develop recommendations on the optimal combination of these methods for ensuring effective cybersecurity under conditions of changing electrical loads.Methods. We consider several machine learning methods for identifying anomalies in power systems that simulate network behavior under conditions of cyberattacks and emergency modes. The relative effectiveness of such methods as multifractal analysis using wavelets, the Isolation Forest model, local outlier factor (LOF), k-means clustering, and one-class support vector machine (One-Class SVM), is analyzed.Results. The comparison of machine learning methods reveals the varying effectiveness of anomaly detection methods used to detect cyber threats and deviations in electrical systems. Isolation Forest is best at detecting abrupt changes related to cyberattacks with high accuracy and a minimum of false positives. While LOF can also be effective in detecting cyberattacks, its increased sensitivity to minor deviations increases the number of false positives. K-means and One-Class SVMs are less effective in detecting abrupt anomalies but are useful for general clustering of data and detecting both abrupt and smooth changes, respectively.Conclusions. The obtained research results indicate the advantages of using a combination of machine learning algorithms to ensure the reliable protection of smart networks from cyberattacks taking into account the nature of the electrical load.
ISSN:2782-3210
2500-316X

Similar Items