Visible to the public Anomaly Detection for Power Grid Based on Time Series Model

TitleAnomaly Detection for Power Grid Based on Time Series Model
Publication TypeConference Paper
Year of Publication2019
AuthorsZhang, L., Shen, X., Zhang, F., Ren, M., Ge, B., Li, B.
Conference Name2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC)
Date PublishedAug. 2019
PublisherIEEE
ISBN Number978-1-7281-1664-8
Call Numberhttps://ieeexplore.ieee.org/document/8919572
Keywordsadvanced behavior attacks, anomaly detection, anomaly detection model, computer network security, Cyber Attacks, cyber security situation, discrete Fourier transform, Discrete Fourier transforms, efficient anomaly detection methods, Fourier transform, highly periodic network, mainstream security devices, Metrics, network message, original physical isolation, periodic extraction method, periodic overlapping mapping, power engineering computing, power grid, power grids, Power system protection, Protocols, pubcrawl, resilience, Resiliency, Scalability, security, Smart grids, smart power grids, Time Frequency Analysis, time series, Time series analysis, time series model, Time-frequency Analysis, timing relationship
Abstract

In the process of informationization and networking of smart grids, the original physical isolation was broken, potential risks increased, and the increasingly serious cyber security situation was faced. Therefore, it is critical to develop accuracy and efficient anomaly detection methods to disclose various threats. However, in the industry, mainstream security devices such as firewalls are not able to detect and resist some advanced behavior attacks. In this paper, we propose a time series anomaly detection model, which is based on the periodic extraction method of discrete Fourier transform, and determines the sequence position of each element in the period by periodic overlapping mapping, thereby accurately describe the timing relationship between each network message. The experiments demonstrate that our model can detect cyber attacks such as man-in-the-middle, malicious injection, and Dos in a highly periodic network.

DOI10.1109/CSE/EUC.2019.00044
Citation Keyzhang_anomaly_2019