Intrusion Detection in SCADA Based Power Grids: Recursive Feature Elimination Model With Majority Vote Ensemble Algorithm

We propose an integrated framework for an intrusion detection system for SCADA (Supervisory Control and Data Acquisition)-based power grids. Our scheme combines RFE-XGBoost (Recursive Feature Elimination-eXtreme Gradient Boosting) based feature selection with a majority vote ensemble method. RFE selects features recursively based on Weighted Feature Importance (WFI) scores during the training process, while the majority vote ensemble method predicts the output label based on a total of nine heterogeneous classifiers - three bagging ensembles, namely, Random Forest (RF), Extra Tree (ET), and Decision Tree (DT), three boosting ensembles, namely, XGBoost (XGB), Gradient Boosting (GB), and AdaBoost-Decision Tree (AdB-DT) along with artificial neural network (ANN), Naive Bayes (NB), and k-nearest neighbors (KNN). This leads to a more accurate solution as a result of the combination of the most useful features and prediction from multiple heterogeneous classifiers. Experimental results show that our approach increases the accuracy, precision, recall, F1 score, and decreases the miss rate as compared to previous approaches. The model is also evaluated for four different class categories, namely binary, three-class, seven class and multi-class, using Precision Recall (PR) and Receiver Operating Characteristic (ROC) plot. In addition, an end-to-end IDS framework is proposed for efficient and accurate detection of intrusions.

Automated summary

An integrated framework for intrusion detection system for SCADA-based power grids is proposed, combining feature selection with a majority vote ensemble method. The approach selects features recursively based on Weighted Feature Importance scores and predicts output label using a total of nine heterogeneous classifiers, leading to improved accuracy and performance metrics.