Ensemble Learning Methods for Anomaly Intrusion Detection System in Smart Grid

Abstract

Smart grid is an emerging technology that delivers intelligently to the end-users through two-way communication. However, this technology can be subject to several cyber-attacks due to this network's inherent weaknesses. One practical solution to secure smart grid networks is using an intrusion detection system (IDS). IDS improves the smart grid’s security by detecting malicious activities in the network. However, existing systems have several shortcomings, such as a low detection rate and high false alarm. For this purpose, several studies have focused on addressing these issues, using techniques, including traditional machine learning models. In this paper, we investigate the performance of three different ensemble learning techniques: bagging-based, boosting-based, and stacking-based. Their results are compared to those of three traditional machine learning techniques, namely K nearest neighbor, decision tree, and Naive Bayes. To train, evaluate, and test the proposed methods. We used the benchmark of CICDDos 2019 that consists of several DDoS attacks. Two feature selection techniques are used to identify the most important features. The performance evaluation is based on the probability of detection, probability of false alarm, probability of miss detection, and accuracy. The simulation results show that the stacking-based ensemble learning techniques outperform the other algorithms in terms of the four-evaluation metrics.