Advertisement

Terminal Access Data Anomaly Detection Based on Random Forest for Power User Electric Energy Data Acquisition System

  • Xiaobing Liang
  • Bing Zhao
  • Qian MaEmail author
  • Bang Sun
  • Baojiang Cui
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 926)

Abstract

There are several drawbacks in rule-based traditional terminal access data anomaly detection methods for power user electric energy data acquisition system. They are easy to be bypassed, and the false positive rate and false negative rate are often very high. To address these problems, we propose a terminal access data anomaly detection model based on random forest focusing on the communication protocol, namely 376.1 master station communication protocol. Firstly, through analyzing the characteristics of the 376.1 master station communication protocol, we construct an expressive multidimensional feature set. Then we choose random forest to detect abnormal access data. The experimental result shows that the detection model outperforms its counterparts. Our work also provides a new idea for terminal access data anomaly detection.

Keywords

Power user electric energy data acquisition system 376.1 master station communication protocol Anomaly detection Feature extraction Random forest 

Notes

Acknowledgments

This work was supported by Research and Application of Key Technologies for Unified Data Collection of Multi-meter (JL71-17-007) and National Natural Science Foundation of China (No. U1536122).

References

  1. 1.
    Ma, J., Dai, G., Xu, Z.: Network anomaly detection using dissimilarity-based one-class SVM classifier. In: International Conference on Parallel Processing Workshops, pp. 409–414. IEEE (2009)Google Scholar
  2. 2.
    Bicego, M., Figueiredo, M.A.T.: Soft clustering using weighted one-class support vector machines. Pattern Recogn. 42(1), 27–32 (2009)CrossRefGoogle Scholar
  3. 3.
    Celebi, M.E., Kingravi, H.A., Vela, P.A.: A comparative study of efficient initialization methods for the k-means clustering algorithm. Expert Syst. Appl. 40(1), 200–210 (2013)CrossRefGoogle Scholar
  4. 4.
    Han, Z.: An adaptive K-means Initialization method based on data density. Comput. Appl. Softw. 2, 182–187 (2014)Google Scholar
  5. 5.
    Zuo, J., Chen, Z.: Anomaly detection algorithm based on improved K-means clustering. Comput. Sci. 43(8), 258–261 (2016)MathSciNetGoogle Scholar
  6. 6.
    Ye, X., Lan, J., Guo, T.: Network anomaly detection method based on principle component analysis and tabu search and decision tree classification. J. Comput. Appl. 33(10), 2846–2850 (2013)Google Scholar
  7. 7.
    Zhou, Y., Hu, G.: Network-wide anomaly detection based on muter connection relationships. IEICE Trans. Commun. E94B(8), 2239–2242 (2011)CrossRefGoogle Scholar
  8. 8.
    Chen, J., Zhang, M., Liu, X., Fan, T.: Distributed intrusion detection model based on artificial immune. J. Comput. Appl. (1), 86–89 + 94 (2014)Google Scholar
  9. 9.
    Kruegel, C., Mutz, D., Robertson, W., Valeur, F.: Bayesian event classification for intrusion detection. In: Proceedings of the 19th Annual Computer Security Applications Conference, p. 12 (2003)Google Scholar
  10. 10.
    Mukkamala, S., Janoski, G., Sung, A.: Intrusion detection using neural networks and support vector machines. In: Proceedings of the 2002 International Joint Conference on Neural Networks, IJCNN 2002, p. 5 (2002)Google Scholar
  11. 11.
    Liu, K., Liao, X.: Design and implementation of Q/GDW 376. 1 protocol and DL/T 645 protocol conversion. Adv. Technol. Electr. Eng. Energy 32(2), 72–75 (2013)Google Scholar
  12. 12.
    Liaw, A., Wiener, M.: Classification and regression by random forest. R News 2, 18–22 (2002)Google Scholar
  13. 13.
    Natekin, A., Knoll, A.: Gradient boosting machines, a tutorial. Front. Neurorobotics 7, 21 (2013)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  • Xiaobing Liang
    • 1
  • Bing Zhao
    • 1
  • Qian Ma
    • 2
    • 3
    Email author
  • Bang Sun
    • 2
    • 3
  • Baojiang Cui
    • 2
    • 3
  1. 1.China Electric Power Research InstituteBeijingChina
  2. 2.School of Cyberspace SecurityBeijing University of Posts and TelecommunicationsBeijingChina
  3. 3.National Engineering Laboratory for Mobile Network SecurityBeijingChina

Personalised recommendations