NORMA eResearch @NCI Library

A Hybrid IDS using Machine Learning and Semantic Rules for Modern Power Systems to Detect Cyber-Attacks

Patel, Harsh Dharmendra (2023) A Hybrid IDS using Machine Learning and Semantic Rules for Modern Power Systems to Detect Cyber-Attacks. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
PDF (Master of Science)
Download (641kB) | Preview
[thumbnail of Configuration manual]
PDF (Configuration manual)
Download (1MB) | Preview


The evolution of power systems into modern power systems or smart grids has provided a huge benefit. Smart grids have made the working and operation of the power grids more efficient but a major problem that accompanies this shift is the unavoidable threat of cyber-attacks as the smart grids are connected to networks and like all networks, these are exposed to cyber-attacks. So, it is important to create a system that can detect cyber-attacks on smart power grid networks. In the approach proposed here intrusions or attacks in the smart power grid systems will be detected using machine learning algorithms and a second method which uses semantic rules for Intrusion detection system (IDS) to detect cyberattacks. The machine learning algorithms like Random Forest (RF), Decision Tree (DT) and Artificial Neural Networks (ANN) will be used for detecting intrusions in networks and semantic rule-based intrusion detection system (IDS) based on Snort tool will be used to detect network intrusions. A Snort tool is used hers as it can be used to setup rules for detecting any malicious activities in the network. The machine learning classifiers will be trained using the data in the NSL-KDD and Edge IIoT dataset. The important features from the dataset will be used for training the machine learning algorithms and these important features will be selected using the analysis of variance (ANOVA) feature selection technique. The performance of the machine learning classifiers will be evaluated by computing the accuracy and the performance of the Snort will be evaluated by generating attacks on the computing device in which the Snort is installed. The machine learning algorithm with the best accuracy is used for creating a desktop application which is able to detect network intrusions based on the network features given as input. Two desktop applications will be created based on both datasets. It was observed from the results of this approach that the intrusions in smart power grid networks is effectively detected by both the machine learning classifiers and Snort.

Item Type: Thesis (Masters)
Salahuddin, Jawad
Uncontrolled Keywords: Intrusion Detection System; Machine Learning; Snort; Power Systems; Cyber-attacks
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
T Technology > TK Electrical engineering. Electronics. Nuclear engineering > Electricity Supply
Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 04 May 2023 15:48
Last Modified: 04 May 2023 15:48

Actions (login required)

View Item View Item