Unsupervised Machine Learning for Anomaly Detection in Synchrophasor Network Traffic
No Thumbnail Available
Authors
Donner, Phillip
Leger, Aaron St.
Blaine, Raymond W.
Issue Date
2019-10
Type
proceedings-article
Language
Keywords
Smart grids , Phasor measurement units , Telecommunication traffic , IP networks , Machine Learning , Data models , Protocols
Alternative Title
Abstract
In this paper, the k-means algorithm is applied to IEEE C37.118.2 synchrophasor network traffic data to model the expected packet features under normal operating conditions. Once the model is trained, anomalies in the data are introduced using packet manipulation and packet injection. Anomalies in this research are defined as any packets in the network traffic from an unknown IP address, irregularities in the byte length of the synchrophasor data, or any packet with a network latency longer than is characteristic of the network. The trained model detects these simulated anomalies by assigning each test packet to a trained cluster centroid and determining if the distortion of the test packet qualifies it as an anomaly. This paper describes the problems and opportunities that arise from smart grid technologies, why using machine learning for anomaly detection is essential in control system environments, and how the model is developed to detect anomalies.
Description
Citation
P. Donner, A. S. Leger and R. Blaine, "Unsupervised Machine Learning for Anomaly Detection in Synchrophasor Network Traffic," 2019 North American Power Symposium (NAPS), Wichita, KS, USA, 2019, pp. 1-6, doi: 10.1109/NAPS46351.2019.9000400.
Publisher
IEEE