Ensemble Feature Learning-Based Event Classification for Cyber-Physical Security of the Smart Grid

The power grids are transforming into the cyber-physical smart grid with increasing two-way communications and abundant data flows. Despite the efficiency and reliability promised by this transformation, the growing threats and incidences of cyber attacks targeting the physical power systems have exposed severe vulnerabilities. To tackle such vulnerabilities, intrusion detection systems (IDS) are proposed to monitor threats for the cyber-physical security of electrical power and energy systems in the smart grid with increasing machine-to-machine communication. However, the multi-sourced, correlated, and often noise-contained data, which record various concurring cyber and physical events, are posing significant challenges to the accurate distinction by IDS among events of inadvertent and malignant natures. Hence, in this research, an ensemble learning-based feature learning and classification for cyber-physical smart grid are designed and implemented. The contribution of this research are (i) the design, implementation and evaluation of an ensemble learning-based attack classifier using extreme gradient boosting (XGBoost) to effectively detect and identify attack threats from the heterogeneous cyber-physical information in the smart grid; (ii) the design, implementation and evaluation of stacked denoising autoencoder (SDAE) to extract highlyrepresentative feature space that allow reconstruction of a noise-free input from noise-corrupted perturbations; (iii) the design, implementation and evaluation of a novel ensemble learning-based feature extractors that combine multiple autoencoder (AE) feature extractors and random forest base classifiers, so as to enable accurate reconstruction of each feature and reliable classification against malicious events. The simulation results validate the usefulness of ensemble learning approach in detecting malicious events in the cyber-physical smart grid

Protection of data privacy based on artificial intelligence in Cyber-Physical Systems

With the rapid evolution of cyber attack techniques, the security and privacy of Cyber-Physical Systems (CPSs) have become key challenges. CPS environments have several properties that make them unique in efforts to appropriately secure them when compared with the processes, techniques and processes that have evolved for traditional IT networks and platforms. CPS ecosystems are comprised of heterogeneous systems, each with long lifespans. They use multitudes of operating systems and communication protocols and are often designed without security as a consideration. From a privacy perspective, there are also additional challenges. It is hard to capture and filter the heterogeneous data sources of CPSs, especially power systems, as their data should include network traffic and the sensing data of sensors. Protecting such data during the stages of collection, analysis and publication still open the possibility of new cyber threats disrupting the operational loops of power systems. Moreover, while protecting the original data of CPSs, identifying cyberattacks requires intrusion detection that produces high false alarm rates. This thesis significantly contributes to the protection of heterogeneous data sources, along with the high performance of discovering cyber-attacks in CPSs, especially smart power networks (i.e., power systems and their networks). For achieving high data privacy, innovative privacy-preserving techniques based on Artificial Intelligence (AI) are proposed to protect the original and sensitive data generated by CPSs and their networks. For cyber-attack discovery, meanwhile applying privacy-preserving techniques, new anomaly detection algorithms are developed to ensure high performances in terms of data utility and accuracy detection. The first main contribution of this dissertation is the development of a privacy preservation intrusion detection methodology that uses the correlation coefficient, independent component analysis, and Expectation Maximisation (EM) clustering algorithms to select significant data portions and discover cyber attacks against power networks. Before and after applying this technique, machine learning algorithms are used to assess their capabilities to classify normal and suspicious vectors. The second core contribution of this work is the design of a new privacy-preserving anomaly detection technique protecting the confidential information of CPSs and discovering malicious observations. Firstly, a data pre-processing technique filters and transforms data into a new format that accomplishes the aim of preserving privacy. Secondly, an anomaly detection technique using a Gaussian mixture model which fits selected features, and a Kalman filter technique that accurately computes the posterior probabilities of legitimate and anomalous events are employed. The third significant contribution of this thesis is developing a novel privacy-preserving framework for achieving the privacy and security criteria of smart power networks. In the first module, a two-level privacy module is developed, including an enhanced proof of work technique-based blockchain for accomplishing data integrity and a variational autoencoder approach for changing the data to an encoded data format to prevent inference attacks. In the second module, a long short-term memory deep learning algorithm is employed in anomaly detection to train and validate the outputs from the two-level privacy modules

Attack Prevention in IoT through Hybrid Optimization Mechanism and Deep Learning Framework

The Internet of Things (IoT) connects schemes, programs, data management, and operations, and as they continuously assist in the corporation, they may be a fresh entryway for cyber-attacks. Presently, illegal downloading and virus attacks pose significant threats to IoT security. These risks may acquire confidential material, causing reputational and financial harm. In this paper hybrid optimization mechanism and deep learning,a frame is used to detect the attack prevention in IoT. To develop a cybersecurity warning system in a huge data set, the cybersecurity warning systems index system is first constructed, then the index factors are picked and measured, and finally, the situation evaluation is done.Numerous bio-inspired techniques were used to enhance the productivity of an IDS by lowering the data dimensionality and deleting unnecessary and noisy input. The Grey Wolf Optimization algorithm (GWO) is a developed bio-inspired algorithm that improves the efficacy of the IDS in detecting both regular and abnormal congestion in the network. The smart initialization step integrates the different pre-processing strategies to make sure that informative features are incorporated in the early development stages, has been improved. Researchers pick multi-source material in a big data environment for the identification and verification of index components and present a parallel reduction approach based on the classification significance matrix to decrease data underlying data characteristics. For the simulation of this situation, grey wolf optimization and whale optimization were combined to detect the attack prevention and the deep learning approach was presented. Utilizing system software plagiarism, the TensorFlow deep neural network is intended to classify stolen software. To reduce the noise from the signal and to zoom the significance of each word in the perspective of open-source plagiarism, the tokenization and weighting feature approaches are utilized. Malware specimens have been collected from the Mailing database for testing purposes. The experimental findings show that the suggested technique for measuring cyber security hazards in IoT has superior classification results to existing methods. Hence to detect the attack prevention in IoT process Whale with Grey wolf optimization (WGWO) and deep convolution network is used

Where the bee sucks : a dynamic Bayesian network approach to decision support for pollinator abundance strategies

For policymakers wishing to make evidence-based decisions, one of the challenges is how to combine the relevant information and evidence in a coherent and defensible manner in order to formulate and evaluate candidate policies. Policymakers often need to rely on experts with disparate fields of expertise when making policy choices in complex, multi-faceted, dynamic environments such as those dealing with ecosystem services. The pressures affecting the survival and pollination capabilities of honey bees (Apis mellifera), wild bees, and other pollinators is well documented, but incomplete. In order to estimate the potential effectiveness of various candidate policies to support pollination services, there is an urgent need to quantify the effect of various combinations of variables on the pollination ecosystem service, utilising available information, models and expert judgement. In this paper, we present a new application of the integrating decision support system methodology, using dynamic Bayesian networks, for combining inputs from multiple panels of experts to evaluate policies to support an abundant pollinator population

A Model for Auditing Smart Intrusion Detection Systems (IDSs) and Log Analyzers in Cyber Physical Systems (CPSs)

Suitable models that auditors can adopt to concurrently audit smart Intrusion Detection Systems (IDSs) and log analyzers in Cyber Physical Systems (CPSs) that are also founded on sound empirical claims are scarce. Recently, post-intrusion studies on the resilience of the above mechanisms and prevalence of intrusions in the above domains have shown that certain intrusions that can reduce the performance of smart IDSs can equally overwhelm log analyzers such that both mechanisms can gradually dwindle and suddenly stop working. Studies have also shown that several components of Cyber Physical Systems have unusual vulnerabilities. These key issues often increase cyber threats on data security and privacy of resources that many users can receive over Internet of a Thing (IoT). Dreadful intrusions on physical and computational components of Cyber Physical Systems can cause systemic reduction in global economy, quality of digital services and continue usage of smart toolkits that should support risk assessments and identification of strategies of intruders. Unfortunately, pragmatic studies on how to reduce the above problems are grossly inadequate. This chapter uses alerts from Snort and C++ programming language to practically explore the above issues and further proposes a feasible model for operators and researchers to lessen the above problems. Evaluation with real and synthetic datasets demonstrates that the capabilities and resilience of smart Intrusion Detection Systems (IDSs) to safeguard Cyber Physical Systems (CPSs) can be improved given a framework to facilitate audit of smart IDSs and log analyzers in Cyberspaces and knowledge of the variability in the lengths and components of alerts warned by Smart Intrusion Detection Systems (IDSs)