Skip to main content
SpringerLink
Log in

Terminal Access Data Anomaly Detection Based on Random Forest for Power User Electric Energy Data Acquisition System

  • Conference paper
  • First Online:
Advanced Information Networking and Applications (AINA 2019)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 926))

Abstract

There are several drawbacks in rule-based traditional terminal access data anomaly detection methods for power user electric energy data acquisition system. They are easy to be bypassed, and the false positive rate and false negative rate are often very high. To address these problems, we propose a terminal access data anomaly detection model based on random forest focusing on the communication protocol, namely 376.1 master station communication protocol. Firstly, through analyzing the characteristics of the 376.1 master station communication protocol, we construct an expressive multidimensional feature set. Then we choose random forest to detect abnormal access data. The experimental result shows that the detection model outperforms its counterparts. Our work also provides a new idea for terminal access data anomaly detection.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    BCD code is the abbreviation of Binary-Coded Decimal.

  2. 2.

    AFN code is the application layer function code in the frame format. More detailed information can be found in [11].

  3. 3.

    Fn is the information class identification code in 376.1 protocol. More detailed information can be found in [11].

References

  1. Ma, J., Dai, G., Xu, Z.: Network anomaly detection using dissimilarity-based one-class SVM classifier. In: International Conference on Parallel Processing Workshops, pp. 409–414. IEEE (2009)

    Google Scholar 

  2. Bicego, M., Figueiredo, M.A.T.: Soft clustering using weighted one-class support vector machines. Pattern Recogn. 42(1), 27–32 (2009)

    Article  Google Scholar 

  3. Celebi, M.E., Kingravi, H.A., Vela, P.A.: A comparative study of efficient initialization methods for the k-means clustering algorithm. Expert Syst. Appl. 40(1), 200–210 (2013)

    Article  Google Scholar 

  4. Han, Z.: An adaptive K-means Initialization method based on data density. Comput. Appl. Softw. 2, 182–187 (2014)

    Google Scholar 

  5. Zuo, J., Chen, Z.: Anomaly detection algorithm based on improved K-means clustering. Comput. Sci. 43(8), 258–261 (2016)

    MathSciNet  Google Scholar 

  6. Ye, X., Lan, J., Guo, T.: Network anomaly detection method based on principle component analysis and tabu search and decision tree classification. J. Comput. Appl. 33(10), 2846–2850 (2013)

    Google Scholar 

  7. Zhou, Y., Hu, G.: Network-wide anomaly detection based on muter connection relationships. IEICE Trans. Commun. E94B(8), 2239–2242 (2011)

    Article  Google Scholar 

  8. Chen, J., Zhang, M., Liu, X., Fan, T.: Distributed intrusion detection model based on artificial immune. J. Comput. Appl. (1), 86–89 + 94 (2014)

    Google Scholar 

  9. Kruegel, C., Mutz, D., Robertson, W., Valeur, F.: Bayesian event classification for intrusion detection. In: Proceedings of the 19th Annual Computer Security Applications Conference, p. 12 (2003)

    Google Scholar 

  10. Mukkamala, S., Janoski, G., Sung, A.: Intrusion detection using neural networks and support vector machines. In: Proceedings of the 2002 International Joint Conference on Neural Networks, IJCNN 2002, p. 5 (2002)

    Google Scholar 

  11. Liu, K., Liao, X.: Design and implementation of Q/GDW 376. 1 protocol and DL/T 645 protocol conversion. Adv. Technol. Electr. Eng. Energy 32(2), 72–75 (2013)

    Google Scholar 

  12. Liaw, A., Wiener, M.: Classification and regression by random forest. R News 2, 18–22 (2002)

    Google Scholar 

  13. Natekin, A., Knoll, A.: Gradient boosting machines, a tutorial. Front. Neurorobotics 7, 21 (2013)

    Article  Google Scholar 

Download references

Acknowledgments

This work was supported by Research and Application of Key Technologies for Unified Data Collection of Multi-meter (JL71-17-007) and National Natural Science Foundation of China (No. U1536122).

Author information

Authors and Affiliations

  1. China Electric Power Research Institute, Beijing, 100192, China

    Xiaobing Liang & Bing Zhao

  2. School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing, China

    Qian Ma, Bang Sun & Baojiang Cui

  3. National Engineering Laboratory for Mobile Network Security, Beijing, China

    Qian Ma, Bang Sun & Baojiang Cui

Authors
  1. Xiaobing Liang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bing Zhao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Qian Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bang Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Baojiang Cui
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qian Ma .

Editor information

Editors and Affiliations

  1. Department of Information and Communication Engineering, Fukuoka Institute of Technology, Fukuoka, Japan

    Leonard Barolli

  2. Department of Advanced Sciences, Hosei University, Koganei-Shi, Tokyo, Japan

    Makoto Takizawa

  3. Department of Computer Science, Technical University of Catalonia, Barcelona, Barcelona, Spain

    Fatos Xhafa

  4. Faculty of Business Administration, Rissho University, Tokyo, Japan

    Tomoya Enokido

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Liang, X., Zhao, B., Ma, Q., Sun, B., Cui, B. (2020). Terminal Access Data Anomaly Detection Based on Random Forest for Power User Electric Energy Data Acquisition System. In: Barolli, L., Takizawa, M., Xhafa, F., Enokido, T. (eds) Advanced Information Networking and Applications. AINA 2019. Advances in Intelligent Systems and Computing, vol 926. Springer, Cham. https://doi.org/10.1007/978-3-030-15032-7_14

Download citation

Publish with us

Policies and ethics

Search

Navigation