Intrusion Detection in SCADA Based Power Grids: Recursive Feature Elimination Model With Majority Vote Ensemble Algorithm

Intrusion Detection in SCADA Based Power Grids: Recursive Feature Elimination Model With Majority Vote Ensemble Algorithm

We propose an integrated framework for an intrusion detection system for SCADA (Supervisory Control and Data Acquisition)-based power grids. Our scheme combines RFE-XGBoost (Recursive Feature Elimination-eXtreme Gradient Boosting) based feature selection with a majority vote ensemble method. RFE sel...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on network science and engineering Vol. 8; no. 3; pp. 2559 - 2574
Main Authors: Upadhyay, Darshana, Manero, Jaume, Zaman, Marzia, Sampalli, Srinivas
Format: Journal Article
Language:English
Published: Piscataway IEEE 01-07-2021
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Algorithms
Artificial neural networks
Boosting
Classifiers
cyber security
Decision trees
ensemble method
Feature extraction
feature selection
Intrusion detection
Intrusion detection systems
majority vote
network intrusions
Power grids
Power systems
Predictive models
Recall
recursive feature elimination
SCADA systems
Supervisory control and data acquisition
Training
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:We propose an integrated framework for an intrusion detection system for SCADA (Supervisory Control and Data Acquisition)-based power grids. Our scheme combines RFE-XGBoost (Recursive Feature Elimination-eXtreme Gradient Boosting) based feature selection with a majority vote ensemble method. RFE selects features recursively based on Weighted Feature Importance (WFI) scores during the training process, while the majority vote ensemble method predicts the output label based on a total of nine heterogeneous classifiers - three bagging ensembles, namely, Random Forest (RF), Extra Tree (ET), and Decision Tree (DT), three boosting ensembles, namely, XGBoost (XGB), Gradient Boosting (GB), and AdaBoost-Decision Tree (AdB-DT) along with artificial neural network (ANN), Naive Bayes (NB), and k-nearest neighbors (KNN). This leads to a more accurate solution as a result of the combination of the most useful features and prediction from multiple heterogeneous classifiers. Experimental results show that our approach increases the accuracy, precision, recall, F1 score, and decreases the miss rate as compared to previous approaches. The model is also evaluated for four different class categories, namely binary, three-class, seven class and multi-class, using Precision Recall (PR) and Receiver Operating Characteristic (ROC) plot. In addition, an end-to-end IDS framework is proposed for efficient and accurate detection of intrusions.
ISSN:2327-4697
2334-329X
DOI:10.1109/TNSE.2021.3099371