Zaiter Murooj, postgraduate, Dept. of Big Data Analytics and Video Analysis Methods, Ural Federal University
Abstract
The increasing digitalization of power systems in industrial companies has introduced new cybersecurity vulnerabilities that require sophisticated detection systems. This work proposes a cloud-based adaptive system to classify and detect various power system events, including cyber-attacks, natural faults, and normal operations. We design a multi-class detection system based on Phasor Measurement Unit (PMU) data and system logs on a two-line, four-relay power system configuration. The proposed model can identify 37 different scenarios, including natural events, cyber-attacks, and normal operations, using 128 features extracted from PMU measurements and system logs. Our approach achieves 97% overall accuracy in distinguishing between various power system events, with the best performance in identifying command injection attacks (with an average of 98% precision) and relay setting change attacks (95% precision). The model is shown to be robust across different fault locations and attack scenarios, with high precision and recall rates even for complex multi-relay attacks. Through feature importance analysis, we identify key measurements for attack detection, particularly phase magnitude measurements and voltage phase angles, which enables more efficient monitoring of power system security. Cloud deployment facilitates real-time processing of PMU data and quick detection of attacks, making the system suitable for deployment at an industrial level. The model performs with 100% accuracy in identifying normal operations and high accuracy in detecting faults in various sections of the transmission line. The results confirm that our approach can distinctly classify natural faults and malicious attacks and can be used as a reliable security monitoring system for industrial power systems.
KEYWORDS: power system security, cloud computing, cyber-attack detection, machine learning, phasor measurement units, industrial control systems, multi-class classification, real-time monitoring, industrial enterprises, adaptive security analytics.
ADAPTIVE CLOUD-BASED SECURITY ANALYTICS FOR INDUSTRIAL POWER SYSTEMS: A MULTI-CLASS DETECTION APPROACH