Electrical Grid Cybersecurity: An Anomaly Detection Approach to Examine Abnormal Behaviour and Potential Security Intrusions
- Nowadays, many time series are generated by various types of critical infrastructure such as electrical power grids, thermal plants, public water utilities, etc.
- This project attempts to address the procedures and findings in exploration of available data from electricity consumption of households in the U.S. and the implementation of anomaly detection techniques to determine point and contextual anomalies in five sets of unseen data.
- Point anomalies are detected by applying the so-called moving average method.
- Contextual anomalies are determined by trained hidden Markov models (HMMs) and comparison of log-likelihoods to determine anomalous behaviour.
- For feature selection, a subset of dependent electrical variables is selected based on correlation coefficients and performing a Principal Component Analysis (PCA) on the provided training data set.
- The analysis and methodologies for the feature engineering, HMM training and testing as well as anomaly detection is addressed in detail within the report.