Coordinated Cyber-Attack Detection Model of Cyber-Physical Power System Based on the Operating State Data Link
Existing coordinated cyber-attack detection methods have low detection accuracy and efficiency and poor generalization ability due to difficulties dealing with unbalanced attack data samples, high data dimensionality, and noisy data sets. This paper proposes a model for cyber and physical data fusio...
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Frontiers Media S.A.
2021-04-01
|
| Series: | Frontiers in Energy Research |
| Subjects: | |
| Online Access: | https://www.frontiersin.org/articles/10.3389/fenrg.2021.666130/full |
| _version_ | 1819284981782937600 |
|---|---|
| author | Lei Wang Lei Wang Pengcheng Xu Zhaoyang Qu Zhaoyang Qu Xiaoyong Bo Xiaoyong Bo Yunchang Dong Yunchang Dong Zhenming Zhang Zhenming Zhang Yang Li |
| author_facet | Lei Wang Lei Wang Pengcheng Xu Zhaoyang Qu Zhaoyang Qu Xiaoyong Bo Xiaoyong Bo Yunchang Dong Yunchang Dong Zhenming Zhang Zhenming Zhang Yang Li |
| author_sort | Lei Wang |
| collection | DOAJ |
| description | Existing coordinated cyber-attack detection methods have low detection accuracy and efficiency and poor generalization ability due to difficulties dealing with unbalanced attack data samples, high data dimensionality, and noisy data sets. This paper proposes a model for cyber and physical data fusion using a data link for detecting attacks on a Cyber–Physical Power System (CPPS). The two-step principal component analysis (PCA) is used for classifying the system’s operating status. An adaptive synthetic sampling algorithm is used to reduce the imbalance in the categories’ samples. The loss function is improved according to the feature intensity difference of the attack event, and an integrated classifier is established using a classification algorithm based on the cost-sensitive gradient boosting decision tree (CS-GBDT). The simulation results show that the proposed method provides higher accuracy, recall, and F-Score than comparable algorithms. |
| first_indexed | 2024-12-24T01:56:01Z |
| format | Article |
| id | doaj.art-19cc0ac4b0e24f87bd634b16296c7a2d |
| institution | Directory Open Access Journal |
| issn | 2296-598X |
| language | English |
| last_indexed | 2024-12-24T01:56:01Z |
| publishDate | 2021-04-01 |
| publisher | Frontiers Media S.A. |
| record_format | Article |
| series | Frontiers in Energy Research |
| spelling | doaj.art-19cc0ac4b0e24f87bd634b16296c7a2d2022-12-21T17:21:34ZengFrontiers Media S.A.Frontiers in Energy Research2296-598X2021-04-01910.3389/fenrg.2021.666130666130Coordinated Cyber-Attack Detection Model of Cyber-Physical Power System Based on the Operating State Data LinkLei Wang0Lei Wang1Pengcheng Xu2Zhaoyang Qu3Zhaoyang Qu4Xiaoyong Bo5Xiaoyong Bo6Yunchang Dong7Yunchang Dong8Zhenming Zhang9Zhenming Zhang10Yang Li11School of Electrical Engineering, Northeast Electric Power University, Jilin, ChinaJilin Engineering Technology Research Center of Intelligent Electric Power Big Data Processing, Jilin, ChinaSiping Power Supply Company of State Grid Jilin Electric Power Company Limited, Siping, ChinaSchool of Electrical Engineering, Northeast Electric Power University, Jilin, ChinaJilin Engineering Technology Research Center of Intelligent Electric Power Big Data Processing, Jilin, ChinaSchool of Electrical Engineering, Northeast Electric Power University, Jilin, ChinaJilin Engineering Technology Research Center of Intelligent Electric Power Big Data Processing, Jilin, ChinaSchool of Electrical Engineering, Northeast Electric Power University, Jilin, ChinaJilin Engineering Technology Research Center of Intelligent Electric Power Big Data Processing, Jilin, ChinaSchool of Electrical Engineering, Northeast Electric Power University, Jilin, ChinaJilin Engineering Technology Research Center of Intelligent Electric Power Big Data Processing, Jilin, ChinaSchool of Electrical Engineering, Northeast Electric Power University, Jilin, ChinaExisting coordinated cyber-attack detection methods have low detection accuracy and efficiency and poor generalization ability due to difficulties dealing with unbalanced attack data samples, high data dimensionality, and noisy data sets. This paper proposes a model for cyber and physical data fusion using a data link for detecting attacks on a Cyber–Physical Power System (CPPS). The two-step principal component analysis (PCA) is used for classifying the system’s operating status. An adaptive synthetic sampling algorithm is used to reduce the imbalance in the categories’ samples. The loss function is improved according to the feature intensity difference of the attack event, and an integrated classifier is established using a classification algorithm based on the cost-sensitive gradient boosting decision tree (CS-GBDT). The simulation results show that the proposed method provides higher accuracy, recall, and F-Score than comparable algorithms.https://www.frontiersin.org/articles/10.3389/fenrg.2021.666130/fullcyber-physical power systemcoordinated cyber-attackcluster analysisoversamplinggradient boosting decision tree |
| spellingShingle | Lei Wang Lei Wang Pengcheng Xu Zhaoyang Qu Zhaoyang Qu Xiaoyong Bo Xiaoyong Bo Yunchang Dong Yunchang Dong Zhenming Zhang Zhenming Zhang Yang Li Coordinated Cyber-Attack Detection Model of Cyber-Physical Power System Based on the Operating State Data Link Frontiers in Energy Research cyber-physical power system coordinated cyber-attack cluster analysis oversampling gradient boosting decision tree |
| title | Coordinated Cyber-Attack Detection Model of Cyber-Physical Power System Based on the Operating State Data Link |
| title_full | Coordinated Cyber-Attack Detection Model of Cyber-Physical Power System Based on the Operating State Data Link |
| title_fullStr | Coordinated Cyber-Attack Detection Model of Cyber-Physical Power System Based on the Operating State Data Link |
| title_full_unstemmed | Coordinated Cyber-Attack Detection Model of Cyber-Physical Power System Based on the Operating State Data Link |
| title_short | Coordinated Cyber-Attack Detection Model of Cyber-Physical Power System Based on the Operating State Data Link |
| title_sort | coordinated cyber attack detection model of cyber physical power system based on the operating state data link |
| topic | cyber-physical power system coordinated cyber-attack cluster analysis oversampling gradient boosting decision tree |
| url | https://www.frontiersin.org/articles/10.3389/fenrg.2021.666130/full |
| work_keys_str_mv | AT leiwang coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT leiwang coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT pengchengxu coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT zhaoyangqu coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT zhaoyangqu coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT xiaoyongbo coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT xiaoyongbo coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT yunchangdong coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT yunchangdong coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT zhenmingzhang coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT zhenmingzhang coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink AT yangli coordinatedcyberattackdetectionmodelofcyberphysicalpowersystembasedontheoperatingstatedatalink |