An Edge Computing-Based and Threat Behavior-Aware Smart Prioritization Framework for Cybersecurity Intrusion Detection and Prevention of IEDs in Smart Grids With Integration of Modified LGBM and One Class-SVM Models

Abdulmohsen Algarni; Zulfiqar Ahmad; Mohammed Alaa Ala'Anzy

doi:10.1109/ACCESS.2024.3435564

IEEE Access (Jan 2024)

An Edge Computing-Based and Threat Behavior-Aware Smart Prioritization Framework for Cybersecurity Intrusion Detection and Prevention of IEDs in Smart Grids With Integration of Modified LGBM and One Class-SVM Models

Abdulmohsen Algarni,
Zulfiqar Ahmad,
Mohammed Alaa Ala'Anzy

Affiliations

Abdulmohsen Algarni: ORCiD; Department of Computer Science, King Khalid University, Abha, Saudi Arabia
Zulfiqar Ahmad: ORCiD; Department of Computer Science and Information Technology, Hazara University, Mansehra, Pakistan
Mohammed Alaa Ala'Anzy: ORCiD; Department of Computer Science, SDU University, Almaty, Kazakhstan

DOI: https://doi.org/10.1109/ACCESS.2024.3435564
Journal volume & issue: Vol. 12
pp. 104948 – 104963

Abstract

Read online

The smart grid environment, which emphasizes sustainability, dependability, and efficiency through smart components such as Intelligent Electronic Devices (IEDs), communication networks, and control systems, marks a revolutionary change in the way traditional power distribution is carried out. As smart grids grow and are integrated into energy distribution networks, these systems become more vulnerable to cybersecurity threats due to their increased connectivity, usage of IEDs, and reliance on digital communication channels. This study presents an edge computing-based, threat behavior-aware smart prioritization framework with binary and multidimensional classification and detection of cybersecurity intrusions through modified machine learning methods. The proposed framework has the potential to improve smart grid cybersecurity by offering a comprehensive defense against intrusion threats. The proposed framework enhances smart grid cybersecurity by utilizing a multi-criteria approach. It implements edge-computing technology for data storage and processing in smart grids. It applies machine-learning models for cybersecurity intrusion detection in IEDs and provides prevention by assigning priorities to the threats based on their behavior. In order to show the effectiveness of the proposed framework, we modified and implemented two machine-learning models, i.e., LGBM and One Class-SVM, as proposed models in the framework. For multidimensional classification and detection of cybersecurity intrusions in IEDs of smart grids, we used LGBM. Whereas, for binary classification and detection of cybersecurity intrusions, we used One Class-SVM. We simulated the detection and classification of cybersecurity intrusions in IEDs using a power system intrusion dataset. The results show that the LGBM model provides an accuracy of 93%, precision of 94%, recall of 93%, and F1 score of 93% in the detection and classification of cybersecurity intrusions in IEDs of smart grids. The implementation of One Class-SVM with binary classification yields an accuracy of 85%, precision of 89%, recall of 85%, and F1 score of 86%. We implemented the benchmark machine-learning models, i.e., Gradient Boosting Machine and Support Vector Machine, for performance comparison with the proposed modified machine-learning models. The performance comparison shows that the modified machine learning models implemented in the proposed framework outperformed the benchmark machine-learning models.INDEX TERMS Smart grids, cyberattack detection and prevention, IEDs, LGBM, One Class-SVM, intrusions.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords