Developing a Hybrid Intrusion Detection System Using Data Mining for Power Systems
Synchrophasor systems provide a vast amount of data for remote power system monitoring and control, addressing the growing need for dependable energy. Traditional intrusion detection systems (IDSs) rely on rules created manually from expert knowledge, which makes them knowledge-intensive and unsuitable for this big data problem. This paper outlines a systematic, automated approach to building a hybrid IDS that can recognize temporal state-based specifications for power system scenarios, including disruptions, regular control operations, and cyberattacks. A data mining technique called common path mining is applied to a combination of synchrophasor measurement data and power system audit logs to identify patterns for these scenarios automatically and accurately.
An IDS prototype was implemented and validated as a proof of concept. For the distance protection scheme of a two-line, three-bus power transmission system, the prototype accurately classifies disruptions, regular control operations, and cyberattacks.
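The sketch below is an added illustration of the idea behind mining temporal state paths from merged measurement and log records; it is not the paper's algorithm or code. The state encoding, scenario labels, support threshold, and all traces are constructed assumptions.

```python
from collections import Counter, defaultdict

# Assumed state encoding: (line current level, relay trip flag, breaker, audit-log event).
# All states, labels and traces below are constructed for illustration.
N = ("I_normal", "no_trip", "closed", "-")
HI = ("I_high", "no_trip", "closed", "-")
TR = ("I_high", "trip", "closed", "relay_trip_logged")
OP = ("I_zero", "trip", "open", "-")
CMD = ("I_normal", "no_trip", "closed", "operator_open_cmd")
OPEN_NO_TRIP = ("I_zero", "no_trip", "open", "-")

TRAINING = [
    ("fault", [N, N, HI, TR, OP]),
    ("fault", [N, HI, HI, HI, TR, OP, OP]),        # same path, different timing
    ("fault", [N, HI, N, HI, TR, OP]),             # noisy instance, rare path
    ("maintenance", [N, CMD, OPEN_NO_TRIP]),
    ("maintenance", [N, N, CMD, CMD, OPEN_NO_TRIP]),
    ("command_injection", [N, OPEN_NO_TRIP]),      # breaker opens, no fault, no logged command
    ("command_injection", [N, N, N, OPEN_NO_TRIP, OPEN_NO_TRIP]),
]

def to_path(trace):
    """Collapse a time-ordered trace into its sequence of distinct consecutive states."""
    path = []
    for state in trace:
        if not path or path[-1] != state:
            path.append(state)
    return tuple(path)

def mine_common_paths(labelled_traces, min_support=0.5):
    """Per scenario, keep paths seen in >= min_support of its instances and in no other scenario."""
    counts, totals = defaultdict(Counter), Counter()
    for label, trace in labelled_traces:
        counts[label][to_path(trace)] += 1
        totals[label] += 1
    common = {}
    for label, c in counts.items():
        other = {p for l, oc in counts.items() if l != label for p in oc}
        common[label] = {p for p, n in c.items()
                         if n / totals[label] >= min_support and p not in other}
    return common

def classify(trace, common):
    """Match an observed trace's path against the mined scenario signatures."""
    path = to_path(trace)
    return next((l for l, paths in common.items() if path in paths), "unknown")

COMMON = mine_common_paths(TRAINING)
```

Because paths ignore how long each state persists, traces with different timing map to the same signature, and a path seen in too few training instances is dropped rather than becoming a rule.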