Resumo

LEAL PIEDRAHITA, Erwin Alexander. Hierarchical Clustering for Detecting Anomalous Traffic Conditions in Power Substations. Cienc. Ing. Neogranad. [online]. 2020, vol.30, n.1, pp.75-88.  Epub 16-Ago-2020. ISSN 0124-8170.  https://doi.org/10.18359/rcin.4236.

The IEC 61850 standard has contributed significantly to substation management and automation by incorporating the advantages of communications networks into the operation of power substations. However, this modernization process also involves new challenges in other areas. For example, in the field of security, several academic works have shown that the same attacks used in computer networks (DoS, sniffing, tampering, spoofing, among others) can also compromise the operation of a substation. This article evaluates the applicability of hierarchical clustering algorithms and statistical type descriptors (averages) to the identification of anomalous traffic patterns in communication networks for IEC 61850 power substations. The results obtained show that using a hierarchical algorithm with the Euclidean distance proximity criterion and simple link grouping method, a correct classification is achieved in the following operation scenarios: 1) normal traffic, 2) IED disconnection, 3) network discovery attack, 4) DoS attack, 5) IED spoofing attack, and 6) failure of the high voltage line. In addition, the descriptors used for classification proved equally effective with other unsupervised clustering techniques such as K-means (partitional-type clustering) or LAMDA (diffuse-type clustering).

Palavras-chave : Clustering; Hierarchical; IEC 61850; power substation; traffic detection; unsupervised learning.

        · resumo em Espanhol     · texto em Inglês     · Inglês ( pdf )