Thesis (MA)--Stellenbosch University, 2024.
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Thesis |
| Language: | en_ZA |
| Published: | Stellenbosch : Stellenbosch University 2024 |
| Subjects: | |
| _version_ | 1867613988220567552 |
|---|---|
| access_status_str | Open Access |
| author | Banda, Takudzwa Vincent |
| author2 | Blaauw, Dewald |
| author_browse | Banda, Takudzwa Vincent Blaauw, Dewald |
| author_facet | Blaauw, Dewald Banda, Takudzwa Vincent |
| author_sort | Banda, Takudzwa Vincent |
| collection | Thesis |
| dc_rights_str_mv | Stellenbosch University |
| description | Thesis (MA)--Stellenbosch University, 2024. |
| format | Thesis |
| id | oai:scholar.sun.ac.za:10019.1/130615 |
| institution | Stellenbosch University (South Africa) |
| language | en_ZA |
| last_indexed | 2026-06-10T12:44:52.743Z |
| license_str | Other — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from SUNScholar — Stellenbosch University Repository |
| publishDate | 2024 |
| publishDateRange | 2024 |
| publishDateSort | 2024 |
| publisher | Stellenbosch : Stellenbosch University |
| publisherStr | Stellenbosch : Stellenbosch University |
| record_format | dspace |
| source_str | SUNScholar — Stellenbosch University Repository |
| spelling | oai:scholar.sun.ac.za:10019.1/130615 Towards a supervised machine learning algorithm for cyberattacks detection and prevention in a smart grid cybersecurity system Banda, Takudzwa Vincent Blaauw, Dewald Watson, Bruce Stellenbosch University. Faculty of Arts and Social Sciences. Dept. of Information Science. Cyberinfrastructure -- Security measures Cyberterrorism -- Prevention Cyberinfrastructure -- Prevention Smart power grids -- Security measures UCTD Thesis (MA)--Stellenbosch University, 2024. ENGLISH SUMMARY: Critical infrastructure cyberattacks have become a significant threat to national security worldwide. Adversaries exploit vulnerabilities in communication networks, technologies, and protocols of smart grid SCADA networks to gain access and control of power grids, causing blackouts. Despite the need to safeguard the reliable and stable operation of the grid against cyberattacks, simultaneously detecting and preventing attacks presents a significant challenge. To address this, a Kali Linux machine was connected to a smart grid SCADA network simulated in GNS3 to perform common cyberattacks. Wireshark was then deployed to capture network traffic for machine learning. Aiming to improve the detection and prevention of cyberattacks, the study proposed a dual-tasked ensemble supervised machine learning model, a combination of Multi-Layer Perceptron Neural Network (MLPNN) and Extreme Gradient Boosting (XGBoost), that had an average accuracy of 99.60% and detection rate of 99.48%. The first task of the model distinguishes between normal state and cyberattack modes of operation. The second task prevents suspicious packets from reaching the network destination devices. Leveraging the PowerShell command-line tool to succeed, the model dynamically applies packet filtering firewall rules based on its predictions. Therefore, the proposed model is both an Intrusion Detection System (IDS) and Intrusion Prevention System (IPS). 
The model was tested on new data, producing an accuracy of 99.19% and detection rate of 98.95%. Furthermore, the model's performance was compared to existing proposed cyber-attack detection models and consistently outperforms these proposed models on most datasets, demonstrating its superiority in terms of precision, accuracy, and recall/detection rate. Thus, the proposed model, with its function as a firewall, enhances the overall security capabilities of the smart grid SCADA networks and significantly mitigates potential cyberattacks. AFRIKAANS SUMMARY: Critical infrastructure cyberattacks have become a significant threat to national security worldwide. Adversaries exploit vulnerabilities in the communication networks, technologies and protocols of smart grid SCADA networks to gain access to and control of power grids, which causes outages. Despite the need to protect the reliable and stable operation of the grid against cyberattacks, detecting and preventing attacks at the same time presents a major challenge. To address this, a Kali Linux machine was connected to a smart grid SCADA network simulated in GNS3 to carry out common cyberattacks. Wireshark was then deployed to capture network traffic for machine learning. With the aim of improving the detection and prevention of cyberattacks, the study proposed a dual-tasked supervised machine learning model, a combination of Multi-Layer Perceptron Neural Network (MLPNN) and Extreme Gradient Boosting (XGBoost), which had an average accuracy of 99.60% and a detection rate of 99.48%. The first task of the model distinguishes between normal state and cyberattack modes of operation. The second task prevents suspicious packets from reaching the network destination devices. By making use of the PowerShell command-line tool to achieve success, the model dynamically applies packet-filtering firewall rules based on its predictions. 
The proposed model is both an Intrusion Detection System (IDS) and Intrusion Prevention System (IPS). The model was tested on new data, which yielded an accuracy of 99.19% and a detection rate of 98.95%. Furthermore, the model's performance was compared with existing proposed cyberattack detection models and it consistently performs better than these proposed models on most datasets, which demonstrates its superiority in terms of precision, accuracy and recall/detection rate. The proposed model, with its function as a firewall, improves the overall security capabilities of the smart grid SCADA networks and significantly mitigates potential cyberattacks. Masters 2024-01-30T16:43:08Z 2024-04-27T00:03:37Z 2024-01-30T16:43:08Z 2024-04-27T00:03:37Z 2024-03 Thesis https://scholar.sun.ac.za/handle/10019.1/130615 en_ZA Stellenbosch University xix, 171 pages : illustrations, includes annexures application/pdf Stellenbosch : Stellenbosch University |
| spellingShingle | Cyberinfrastructure -- Security measures Cyberterrorism -- Prevention Cyberinfrastructure -- Prevention Smart power grids -- Security measures UCTD Banda, Takudzwa Vincent Towards a supervised machine learning algorithm for cyberattacks detection and prevention in a smart grid cybersecurity system |
| title | Towards a supervised machine learning algorithm for cyberattacks detection and prevention in a smart grid cybersecurity system |
| title_full | Towards a supervised machine learning algorithm for cyberattacks detection and prevention in a smart grid cybersecurity system |
| title_fullStr | Towards a supervised machine learning algorithm for cyberattacks detection and prevention in a smart grid cybersecurity system |
| title_full_unstemmed | Towards a supervised machine learning algorithm for cyberattacks detection and prevention in a smart grid cybersecurity system |
| title_short | Towards a supervised machine learning algorithm for cyberattacks detection and prevention in a smart grid cybersecurity system |
| title_sort | towards a supervised machine learning algorithm for cyberattacks detection and prevention in a smart grid cybersecurity system |
| topic | Cyberinfrastructure -- Security measures Cyberterrorism -- Prevention Cyberinfrastructure -- Prevention Smart power grids -- Security measures UCTD |
| url | https://scholar.sun.ac.za/handle/10019.1/130615 |
| work_keys_str_mv | AT bandatakudzwavincent towardsasupervisedmachinelearningalgorithmforcyberattacksdetectionandpreventioninasmartgridcybersecuritysystem |