Advanced Metering Infrastructure (AMI) devices are one of the core components of smart grids architecture. As AMI components are connected through mesh networks in a distributed mechanism, new vulnerabilities will be exploited by a grid's attackers who intentionally interfere with the network's communication system and steal customer data. As a result, identifying distributed security solutions to maintain the confidentiality, integrity, and availability of AMI devices' traffic is an essential requirement that needs to be taken into account. This paper proposes a real-time distributed intrusion detection system (DIDS) for AMI infrastructure that utilizes stream mining techniques and a multi-layer implementation approach. Using unsupervised online clustering techniques, the anomaly-based DIDS monitors the data flow in the smart grid (SG) and determines if there are anomalous traffic. By comparing between online and offline clustering techniques, the experimental results showed that online clustering "Mini-Batch Kmeans" is appropriate for the architecture requirements by giving high detection rates and low false positive rates.
| Date of Award | May 2015 |
|---|
| Original language | American English |
|---|
| Supervisor | U Zeyar Aung (Supervisor) |
|---|
- Distributed Intrusion Detection System
- Online Clustering
- Mini-Batch Kmeans
- Smart Grids
- Stream Mining
- Advanced Metering Infrastructure (AMI).
Smart Grids' Security: Real-time Anomaly-based Distributed Intrusion Detection Systems for Advanced Metering Infrastructure (AMI) based on Stream Mining
Alseiari, F. A. A. (Author). May 2015
Student thesis: Master's Thesis