Toward Resilient Smart Grid Communications Using Distributed SDN with ML-Based Anomaly Detection
Next-generation “Smart” systems, including cyber-physical systems like the smart grid and the Internet of Things, integrate control, communication and computation to achieve stability, efficiency and robustness of physical processes. While a great amount of research has gone towards building these systems, security in the form of resilient and fault-tolerant communications for smart grid systems is still immature. In this paper, we propose a hybrid, distributed and decentralized (HDD) SDN architecture for resilient Smart Systems. It provides a redundant controller design for fault tolerance and fail-over operation, as well as parallel execution of multiple anomaly detection algorithms. Using the k-means clustering algorithm from the machine learning literature, we show that k-means identifies anomalies within normal traffic with high accuracy (96.9%). Incremental k-means produces a slightly lower accuracy (95.6%) but runs faster than k-means and needs fewer CPU and memory resources, indicating a possibility for scaling the system to much larger networks.
Keywords: Software defined networks, Anomaly detection, Machine learning, Security, Resilience
The authors would like to thank the Harris Corporation Excellence in Research program for providing funding for this research.