Hierarchical Clustering for Anomalous Traffic Conditions Detection in Power Substations

Erwin Alexander Leal Piedrahita
{"title":"Hierarchical Clustering for Anomalous Traffic Conditions Detection in Power Substations","authors":"Erwin Alexander Leal Piedrahita","doi":"10.18359/rcin.4236","DOIUrl":null,"url":null,"abstract":"The IEC 61850 standard has contributed significantly to the substation management and automation process by incorporating the advantages of communications networks into the operation of power substations. However, this modernization process also involves new challenges in other areas. For example, in the field of security, several academic works have shown that the same attacks used in computer networks (DoS, Sniffing, Tampering, Spoffing among others), can also compromise the operation of a substation. This article evaluates the applicability of hierarchical clustering algorithms and statistical type descriptors (averages), in the identification of anomalous patterns of traffic in communication networks for power substations based on the IEC 61850 standard. The results obtained show that, using a hierarchical algorithm with Euclidean distance proximity criterion and simple link grouping method, a correct classification is achieved in the following operation scenarios: 1) Normal traffic, 2) IED disconnection, 3) Network discovery attack, 4) DoS attack, 5) IED spoofing attack and 6) Failure on the high voltage line. In addition, the descriptors used for the classification proved equally effective with other unsupervised clustering techniques such as K-means (partitional-type clustering), or LAMDA (diffuse-type clustering).","PeriodicalId":31201,"journal":{"name":"Ciencia e Ingenieria Neogranadina","volume":"1 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Ciencia e Ingenieria Neogranadina","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.18359/rcin.4236","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4

Abstract

The IEC 61850 standard has contributed significantly to the substation management and automation process by incorporating the advantages of communications networks into the operation of power substations. However, this modernization process also involves new challenges in other areas. For example, in the field of security, several academic works have shown that the same attacks used in computer networks (DoS, Sniffing, Tampering, Spoffing among others), can also compromise the operation of a substation. This article evaluates the applicability of hierarchical clustering algorithms and statistical type descriptors (averages), in the identification of anomalous patterns of traffic in communication networks for power substations based on the IEC 61850 standard. The results obtained show that, using a hierarchical algorithm with Euclidean distance proximity criterion and simple link grouping method, a correct classification is achieved in the following operation scenarios: 1) Normal traffic, 2) IED disconnection, 3) Network discovery attack, 4) DoS attack, 5) IED spoofing attack and 6) Failure on the high voltage line. In addition, the descriptors used for the classification proved equally effective with other unsupervised clustering techniques such as K-means (partitional-type clustering), or LAMDA (diffuse-type clustering).
基于分层聚类的变电站异常交通状况检测
IEC 61850标准通过将通信网络的优势纳入变电站的运行,对变电站的管理和自动化过程做出了重大贡献。然而,这一现代化进程也涉及到其他领域的新挑战。例如,在安全领域,一些学术著作表明,计算机网络中使用的相同攻击(DoS、嗅探、篡改、恶搞等)也可以危及变电站的运行。本文评估了分层聚类算法和统计类型描述符(平均值)在基于IEC 61850标准的变电站通信网络通信量异常模式识别中的适用性。结果表明,采用基于欧几里得距离接近准则的分层算法和简单链路分组方法,可以在1)正常流量、2)IED断开、3)网络发现攻击、4)DoS攻击、5)IED欺骗攻击和6)高压线路故障等操作场景下实现正确的分类。此外,用于分类的描述符被证明与其他无监督聚类技术(如K-means(部分型聚类)或LAMDA(扩散型聚类))同样有效。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
9
审稿时长
20 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信