An Approach to Detecting Cyber Attacks against Smart Power Grids Based on the Analysis of Network Traffic Self-Similarity

The paper discusses an approach for detecting cyber attacks against smart power supply networks, based on identifying anomalies in network traffic by assessing its self-similarity property. Methods for identifying long-term dependence in fractal Brownian motion and in real network traffic of smart grid systems are considered. It is shown that the traffic of a telecommunication network is a self-similar structure, and that its behavior is close to fractal Brownian motion. Fractal analysis and mathematical statistics are used as tools in the development of this approach. The software implementation of the proposed approach and the formation of a dataset containing network packets of smart grid systems are also considered. The experimental results obtained using the generated dataset demonstrated the existence of self-similarity in the network traffic of smart grid systems and confirmed that the proposed approach is fairly efficient. The proposed approach can be used to quickly detect the presence of anomalies in the traffic, so that other cyber attack detection methods can then be applied.
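The following is an added example, not code from the paper. The abstract does not name its estimator, so the example assumes rescaled-range (R/S) estimation of the Hurst exponent H as the self-similarity measure and flags traffic windows whose H departs from a clean baseline. The function names, window size, tolerance and the packet-count series are all constructed for illustration.

```python
import math
import random
import statistics

def hurst_rs(series, min_chunk=8):
    """Hurst exponent estimate: slope of log(R/S) against log(chunk size)."""
    xs, ys = [], []
    size = min_chunk
    while size <= len(series) // 2:
        ratios = []
        for start in range(0, len(series) - size + 1, size):
            chunk = series[start:start + size]
            mean, sd = statistics.fmean(chunk), statistics.pstdev(chunk)
            if sd == 0:
                continue  # flat chunk: rescaled range is undefined
            cum = lo = hi = 0.0
            for x in chunk:  # range of the cumulative deviation from the mean
                cum += x - mean
                lo, hi = min(lo, cum), max(hi, cum)
            ratios.append((hi - lo) / sd)
        if ratios:
            xs.append(math.log(size))
            ys.append(math.log(statistics.fmean(ratios)))
        size *= 2
    mx, my = statistics.fmean(xs), statistics.fmean(ys)
    num = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    return num / sum((x - mx) ** 2 for x in xs)  # least-squares slope

def constructed_counts(n_windows=8, win=256, odd_window=5, seed=7):
    """Constructed packets-per-interval series, not real smart grid traffic."""
    rng = random.Random(seed)
    counts, level = [], 2000.0
    for i in range(n_windows * win):
        level += rng.gauss(0, 5)  # slowly drifting, strongly persistent load
        # one window is swamped by large uncorrelated swings (the anomaly)
        noise = rng.gauss(0, 400) if i // win == odd_window else rng.gauss(0, 2)
        counts.append(level + noise)
    return counts

def flag_windows(counts, win=256, baseline_windows=4, tolerance=0.2):
    """Return (flagged window indexes, per-window H); first windows = clean baseline."""
    hs = [hurst_rs(counts[i:i + win]) for i in range(0, len(counts) - win + 1, win)]
    ref = statistics.median(hs[:baseline_windows])
    return [i for i, h in enumerate(hs) if abs(h - ref) > tolerance], hs

if __name__ == "__main__":
    flagged, hs = flag_windows(constructed_counts())
    for i, h in enumerate(hs):
        print(f"window {i}: H={h:.2f}{'  <-- anomaly' if i in flagged else ''}")
```

A flagged window only says that the traffic's correlation structure changed; as the abstract notes, it is a fast first-stage signal to hand to other detection methods.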
