Big Data-Based Attack Scenario Reconstruction Architecture in Smart Grid
The growing intelligence of power grids has tied distribution networks ever more closely to the Internet. Coping with the various threats facing the smart grid therefore requires study from multiple perspectives. Among these, attack scenario reconstruction is a more effective method of network security defense. However, existing attack scenario reconstruction technology is not combined with the actual situation of the power grid. In this paper, we propose a grid-based attack scenario reconstruction framework built on big data. The framework consists of KNN-based attack data classification and state machine-based attack scenario restoration. In addition, we implemented prototypes and evaluated the effectiveness and availability of databases provided by IDS in China Grid Corporation. The results show that the framework proposed in this paper improves the efficiency and accuracy of analyzing attacker strategies.
Keywords: Big data, Attack scenario reconstruction, Smart grid, KNN
The work is supported by State Grid Corporation of China Science and Technology Project: Research on Unknown Security Threat Detection Technology Based on Big Data Analysis (No. SGJSXT00JFJS1700101).