Attack type | Objective | Data driven techniques | Advantages | Disadvantages |
---|---|---|---|---|
Network Integrity and Confidentiality Violation [218] | Intrusion detection | Fuzzy Logic (FL), DAL (Domain-Adversarial Learning) game theory, RL, Data loss prevention, Distributed Network Protocol 3, Public Key Infrastructure (PKI), Transport Layer Security, Secure Sockets Layer | Rarity of sample data and shift of data distribution are handled for properly detecting attacks | Performance falls when transfer is not needed |
Malicious attack on voltage stability [219] | Diagnosis | ANN | Ability to process data in parallel with high tolerance towards faults | Lower process time often fails to give optimum results |
CCDA (Covert cyber deception assault) [220] | Diagnosis | SVM, Isolation Forest | Handles nonlinear data efficiently using SVM technique | Needs large memory with lengthy training time |
Theft of Electricity [221] | Detection | CNN, Random Forest | Unique features in training data samples are found in an automated process | A large number of data samples are required to complete analysis |
Cyber Attack [222] | Identification | KNN, SVM, SDAE, RL, ANN | It is possible to seamlessly add datasets with existing datasets | Unable to handle larger datasets and sensitive to noisy datasets |
Survey on traffic, SSS-IP (Social Engineering canning), Scanning of Modbus network [223] | Privacy Conformity, Verification, Encryption | Distributed Network Protocol 3 (DNP3), Public Key Infrastructure (PKI), Transport Layer Security, Secure Sockets Layer, Security information and event management | Multiple modes of operation can be used in a flexible environment | Unable to work with high bandwidth signals |
Trojan horse, Virus [224] | Intrusion Detection | Security information and event management, Data loss prevention, AV (Anti-Virus) | Cost is minimal | Noise can drastically reduce system efficiency |
DoS (Denial of Service) of AMI [224] | Intrusion Detection, Calculation of Collapsed Transmission, Calculation of Time, Checking strength of Signal | Security information and event management | Ease of deployment | Poor noise-handling capability |
Channel Jamming of PMU, HMI Popping in EMS substation and SCADA [224] | Intrusion Detection, Privacy Conformity | AJ (Anti-Jamming), Security information and event management, Data loss prevention, AV (Anti-Virus) | Cost is minimal | Noise can drastically reduce system efficiency |
Attack of Masquerade on PLC [225] | Intrusion Detection, Verification, Encryption | Security information and event management, Data loss prevention, Distributed Network Protocol 3, Public Key Infrastructure (PKI), Transport Layer Security, Secure Sockets Layer | Effortless setup | Ineffective noise management skills |
| | Intrusion Detection | Security information and event management, AV (Anti-Virus) | Ease of deployment | Poor noise-handling capability |
Distributed denial of service (DDoS) attack [227] | Identification and defense | Random forest (RF) and Naive Bayes (NB) | Divides the security measures in three different levels for better threat aversion | Self-awareness of smart grids is hampered for huge networks of grid infrastructures |
False data injection (FDI) attacks [227] | Anomaly Detection | Unsupervised, Semi-supervised and Supervised ML Approach | Divides the security measures in three different levels for better threat aversion | Self-awareness of smart grids is hampered for huge networks of grid infrastructures |
Hidden Cyber Attack [228] | Detection | Dynamic Bayesian network (DBN) | Efficiently uses hidden layer for robust classification | Unable to deal with cyber threats that are evolving dynamically |