DDoS Attack Dataset

Advanced Metering Infrastructure in smart grid is prone to many cyber threats of which distributed denial of service attack is one of the prominent attacks that threaten availability of service. Hence, the proposal aims to implement anomaly based embedded intrusion detection scheme using novel machine learning algorithm. The real time advanced metering infrastructure is set up using lamp loads, smart meter, data concentrator and cloud server. Initially, normal traffic pattern is captured using wireshark. Then, nodes are compromised using Hydra and TCP SYN flood is attempted using HPing and the malicious behavior of node is sniffed using wireshark. The packets correspond to normal and malicious behavior are fed to logistic regression, k-nearest neighbors, support vector machine, naive bayes, decision tree and random forest classifier and their performance indices namely accuracy, precision, recall, F1-score, sensitivity, specificity and false positive rate are compared to identify suitable classifier. Further, the accuracy of chosen random forest is optimized using gradient boost, adaboost and extreme gradient boost and it is observed that extreme gradient boost performs better. Furthermore, hyper parameter tuning is attempted to optimize the hybrid model. Then, hybrid optimal model is converted to joblib format and the so obtained pre-trained model is validated using raspberry pi. The proposed embedded intrusion detection system proves to be standalone intrusion detection system.