Abstract in English
Today, traditional power supply systems fail to meet users’ needs and often have shortcomings, including in cybersecurity. These systems are also harmful to the environment and increase carbon emissions. Therefore, with advancements in various fields, including electrical engineering and computer science, smart grid networks have been introduced to meet users’ diverse needs, creating two-way communication between distributor and consumer. With the technological shift towards smart grids, the cybersecurity of power supply systems has also improved to some extent, increasing consumer trust in the power supply system. Additionally, more diverse and advanced solutions for defense against attacks have been introduced. However, the introduction of a pioneering technology has also brought a new level of cybersecurity concerns, and these networks, like all other networks, face potential threats and have various vulnerabilities. Ensuring the security of smart grids is a critical issue because it is directly and closely related to human life and well-being, so addressing it is of utmost importance.
The architecture of the smart grid is one area where improvements can solve many security issues, and for this purpose software-defined network (SDN) architecture has been used in this system’s structure. One of the most dangerous incidents in a smart grid network is loss of access and service interruption, which can be caused by denial-of-service (DoS) attacks, primarily distributed denial-of-service (DDoS) attacks. Identifying these attacks is a crucial first step in defending against them in smart grid networks. There are various methods for detecting these attacks, each with its specific structure. The detection method used in this thesis is the unsupervised machine learning method K-means. Machine learning methods are widely used today in many scientific fields due to their scalability and autonomous decision-making capabilities.
In this thesis, using the K-means algorithm, we identified DDoS attacks in the smart grid network with software-defined network architecture, which includes five different scenarios with various types of traffic and attacks. The achievement of this thesis is the identification of most attacks with a highly acceptable detection rate. Additionally, new implementations and scenarios have been introduced, in which high detection accuracy has also been achieved using the mentioned method. In attacks such as SYN Flood, ICMP Flood, and Socket Stress attacks, we achieved detection rates of 100%, 100%, and 88.21%, respectively. In a new scenario that includes all attacks, an acceptable detection rate of 88.00% was achieved.