Big Data-Based Attack Scenario Reconstruction Architecture in Smart Grid

  • Liang Guo
  • Qianqian Jin
  • Ying Liu
  • Yuanyi Xia
  • Han Hu
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 517)


The growing intelligence of power grids has tied distribution networks ever more closely to the Internet. To cope with the various threats facing the smart grid, it is therefore necessary to study the problem from multiple perspectives. Among these, attack scenario reconstruction is a more effective method of network security defense. However, existing attack scenario reconstruction technology is not combined with the actual situation of the power grid. In this paper, we propose a grid-based attack scenario reconstruction framework based on big data. The framework consists of KNN-based attack data classification and state machine-based attack scenario restoration. In addition, we also implemented prototypes and evaluated the effectiveness and availability of databases provided by IDS in China Grid Corporation. The results show that the framework proposed in this paper improves the efficiency and accuracy of analyzing attacker strategies.


Big data, Attack scenario reconstruction, Smart grid, KNN



The work is supported by State Grid Corporation of China Science and Technology Project: Research on Unknown Security Threat Detection Technology Based on Big Data Analysis (No. SGJSXT00JFJS1700101).



Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. NARI Group Corporation/State Grid Electric Power Research Institute, Nanjing, China
  2. State Grid Corporation of China, Beijing, China
  3. State Grid Jiangsu Information and Telecommunication Company, Nanjing, China
  4. School of Internet of Things, Nanjing University of Posts and Telecommunications, Nanjing, China
