Mobile Multimedia Communications. 14th EAI International Conference, Mobimedia 2021, Virtual Event, July 23-25, 2021, Proceedings

Research Article

An Improved DDoS Attack Detection Model Based on Unsupervised Learning in Smart Grid

Download
3 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-89814-4_40,
    author={Zhili Ma and Hongzhong Ma and Xiang Gao and Jiyang Gai and Xuejun Zhang and Fucun He and Jinxiong Zhao},
    title={An Improved DDoS Attack Detection Model Based on Unsupervised Learning in Smart Grid},
    proceedings={Mobile Multimedia Communications. 14th EAI International Conference, Mobimedia 2021, Virtual Event, July 23-25, 2021, Proceedings},
    proceedings_a={MOBIMEDIA},
    year={2021},
    month={11},
    keywords={Smart grid DDoS attack detection Autoencoder BIRCH algorithm Unsupervised learning},
    doi={10.1007/978-3-030-89814-4_40}
}
  • Zhili Ma
    Hongzhong Ma
    Xiang Gao
    Jiyang Gai
    Xuejun Zhang
    Fucun He
    Jinxiong Zhao
    Year: 2021
    An Improved DDoS Attack Detection Model Based on Unsupervised Learning in Smart Grid
    MOBIMEDIA
    Springer
    DOI: 10.1007/978-3-030-89814-4_40
Zhili Ma1, Hongzhong Ma1, Xiang Gao2, Jiyang Gai3, Xuejun Zhang3,*, Fucun He3, Jinxiong Zhao1
  • 1: State Grid Gansu Electric Power Research Institute, Lanzhou
  • 2: State Grid Gansu Electric Power Company, Lanzhou
  • 3: School of Electronic and Information Engineering, Lanzhou Jiaotong University, Lanzhou
*Contact email: xuejunzhang@mail.lzjtu.cn

Abstract

The bidirectional communication system in smart grid is vulnerable to distributed denial of service (DDoS) attacks, due to its characteristics of complex system structure and difficult to control. The multiple nodes in the smart grid system will be compromised when the DDoS attack happen, thus resulting in the denial of legitimate services to users and disruption of the normal operation in power grid system. In order to defense such attack, some detection methods have been proposed in recent years. However, most of the existing detection methods have the characteristics of low detection accuracy and high false positive rate. In this paper, we proposed a novel DDoS attack detection method which only uses unlabeled abnormal network traffic data to build the detection model. Our method firstly uses Balanced Iterative Reducing and Clustering Using Hierarchies algorithm (BIRCH) to pre-cluster the abnormal network traffic data, and then explores autoencoder (AE) to build the detection model in an unsupervised manner based on the clustering subsets. In order to verify the performance of our method, we perform experiments on KDDCUP99 dataset and compare our method with existing classical anomaly detection methods. Results show that the proposed method has higher detection accuracy for abnormal traffic detection.

Keywords
Smart grid DDoS attack detection Autoencoder BIRCH algorithm Unsupervised learning
Published
2021-11-02
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-030-89814-4_40
Copyright © 2021–2025 ICST
EAI Logo

About EAI

Community

Publish with EAI