Intrusion Detection Method Based on SMOTE Transformation for Smart Grid Cybersecurity

Abstract

Real-Time Intrusion Detection Systems (IDSs) have attracted greater attention for secured and resilient smart grid operations. IDSs are employed to identify unknown cyberattacks and malware from network traffics. In this paper, an efficient model-based machine learning is proposed to detect a variety of cyberattacks. The proposed method enhanced Extremely randomized Trees (ET) classifier based on Synthetic Minority Oversampling Technique (SMOTE) accurately classifies imbalanced IDSs data. The proposed ET-SMOTE uses a virtue of data processing blocks to enable multi-layer network cyber-security assessment in smart grids by acquiring the essential knowledge of attack dynamics. The proposed computing framework provides an accurate multiclass classification of five network traffic categories: denial of service attacks, probing attacks, root to local attacks, user to root attacks, and normal. The experimental results demonstrate the high accuracy of the proposed ET-SMOTE algorithm in detecting various types of cyber threats compared to benchmark models with an accuracy of 99.79% using the NSL-KDD networks data set.