GridSense-ADS: An Industrial IoT Approach for Real-time Anomaly Detection in Power Grid Systems

Proceedingsof Science&EngineeringResearchBoard (SERB)Sponsored

NationalConference on MachineLearningInHealthcareApplications (MLHA-2024)

PublishedBy:

GuruNanakInstituteofTechnology

AnEducationalInitiativeofJISGroup

AnAutonomousInstituteAffiliatedbyMAKAUT

Copyright@2024byGNIT.Allrightsreserved.Nopart ofthispublicationmaybereproducedstoredina retrievalsystem,ortransmitted,inanyformorbyany means,electronic,mechanical,photocopying,recording, orotherwise,withoutthepriorwrittenpermissionofthe publisher.

ISBNNumber:978-93-340-3095-2

GridSense-ADS:AnIndustrialIoTApproachfor Real-timeAnomalyDetectioninPowerGrid Systems

RajdeepDas

Dept. of Computer Science & Business Systems Institute of Engineering and Management Kolkata,India rajdeep.das.public@gmail.com

DebrupMitra Dept. of Computer Science & Business Systems Institute of Engineering and Management Kolkata,India 30debrup@gmail.com

Abstract—The constant evolution of power grid systems presents an ever-evolving risk of such incidents leading to significant negative consequences. The proactive strategies to dealwiththoseissuesbecomeanurgentissue.Tothecontrary, GridSense-ADS turns out to be an anomaly detection system dedicated to power grid infrastructures defend against the many unseen threats.This system represents a technological advancementthroughintegratingthenoveltyofearlydetection and reduction, and it unifies cutting-edge technology features with IoT implementation in the industry.At its very core, GridSense-ADS thrives on the synergy between the technological power of sensors and the cloud computing capabilities to play a thriving symphony of real-time data collection and analysis.Through the combination of a DHT11 sensor coupled with ESP8266 microcontroller, the system sharesthehumiditydatathathasbeencarefullyselectedfrom the power grid environment.A MQTT broker, for instance, can be used to relay the data swiftly by leveraging the unparalleledscalabilityandresilienceofferedbytheAWSEC2 cloud,allowingforthebuildingblocksofananomalydetection system to be consolidated.Combined with the thought of applying machine learning (ML) algorithms, the performance of GridSense-ADS is enhanced.Among all the techniques, the Isolation Forest appears to be the highest accuracy model which is able to all the patterns and discrete data with maximum precision.An additional feature of this itinerant model is the Local Outlier Factor (LOF) and One-Class Support Vector Machine (OCSVM) algorithms which, together, strengthen the analyzing capacity of the system.The Isolation Forest is a result of rigorous experimentation and validation curved from GridSense-ADS to be its core which brings a revolution of the paradigm in real-time grid grid system.AstheimportanceoftheGridSense-ADSforsustaining critical infrastructures keeps escalating, we are standing at a position that, out of the weight of the role we play, we have becomethe vanguard of the era of resilience and reliability in thepowergridmanagement.

Prof.(Dr.) IndrajitDey Dept. of Computer Science & Business Systems Institute of Engineering and Management Kolkata,India indrajit.de@iem.edu.in

Keywords— Anomaly Detection Systems (ADS),Machine Learning Models,Isolation Forest Algorithm,Industrial InternetofThings(IIoT)

I. INTRODUCTION

Instation of power grid systems accommodate GridSense-ADS which is anomaly detection system thoughtfully designed to use against power grid infrastructurewithissues.Theproblemfoundoutinthe grid system that there are disorders that caused by fluctuating moist in the air and led to adverse incidents such as electrocution and electric fire. GridSense-ADS is based on

the industrial IoT implementation whose DHT11 sensor serves as a medium for connecting to an ESP8266 microcontroller that helps to monitor humidity levels that happen to power grid environments.. This data is sent via MQTT protocol to an AWS EC2 cloud personal broking which optimizes the service of the communication and the resource involved in the process. Furthermore, ML models like Isolation Forest, LOF, and OCVSM address concerns about the disparities in moisture levels, especially the dramatic intensification. Out of the above listed ML algorithms, Isolation Forest stands out to be the most promising one that is yet to achieve the top position in detectinganomalies.Closetoaccurateanalyzationofbunchy fluctuationsincomplicateddatastreams,thealgorithmisthe star of the project as GridSense-ADS. But as we go ahead, GridSense-ADS effects on real-time Grid's Isolation Forest model are tobe implemented for actual anomalies detection to further improve the grids protection against security threats. Confronting with the dark figure of the climate change, the necessity of the intelligent anomaly detection techniques makes the impression more unavoidable. GridSense-ADS symbolizes the capability of mankind to arise, adaptandtolerate the uncertainties and become future dependableandresilientinthemidstofthechallenges.

WORK

The escalating integration of smart devices and communication technologies across various sectors, particularlywithin the realmof Industrial Internetof Things (IIoT), underscores the pressing need for robust anomaly detection systems (ADS).Asthe prevalence ofanomaliesin sensor data escalates, particularly in critical environments likemanufacturingfacilities,thetransitionfromconventional Intrusion Detection Systems (IDS) to specialized Anomaly Detection Systems becomes imperative. This section delves into existing research and methodologies within the domain of anomaly detection systems, providing valuable insights into the landscape of anomaly detection in IIoT environments.Das et al.'s paper explores the practical implementation of the MQTT protocol, emphasizing its efficacy for facilitating real-time communication in IoT ecosystems [1]. While the focus lies on communication protocols, the discussion surrounding real-time aspects resonates with the exigency for prompt anomaly detection responses within IIoT settings. Feng et al.'s research on full graphautoencodersforone-classgroupanomalydetectionin IIoT systems introduces innovative graph-based models, leveraging graph neural networks (GNNs) to differentiate

normalandabnormaldata[2].Thisalignswiththeobjectives of the GridSense-ADS project, which seeks to experiment with various machine learning models, including graphbasedones,foranomalydetectioninIIoTsensordata.Zhang, Zhu, and Tian's studyconcentrateson kernelconstruction to enhance the classification performance of OCSVM [3]. The proposed methodologies for kernel construction resonate with the GridSense-ADS project's endeavor to explore different machine learning models, including OCSVM, for humidity anomaly detection in IIoT environments. Additionally, research on attack and anomaly detection in IIoTnetworksunderscorestherelevanceofmachinelearning techniques, such as AdaBoost, for robust intrusion detection [4].ThisintersectswiththedomainofIIoTnetworksecurity, where anomaly detection plays a pivotal role in upholding theintegrityofinterconnecteddevices.Furthermore,thework onAdaptiveAnomalyDetectionforConceptDrift(ADTCD) addressesthechallengeofconceptdriftinIoTenvironments through an adaptive anomaly detection approach [5]. This aligns with the GridSense-ADS project's commitment to enhancing anomaly detection capabilities in humidity monitoring within IIoT networks, considering the potential impact of concept drifts on model accuracy. While the GridSense-ADS project primarily focuses on humidity sensor data,Das'studybroadens thediscourse toencompass diverse applications of anomaly detection within the IoT ecosystem [6].Lastly, the survey on anomaly detection for IoT time-series data offers a comprehensive overview of various methodologies, including ensemble methods and recurrentneuralnetworks[7].Thechallengesdiscussed,such as real-time processing and multivariate data handling, resonatewiththeGridSense-ADSproject'semphasisonrealtime monitoring of humidity sensor data within IIoT networks. Analyzing these related works reveals unique perspectives and methodologies, each contributing valuable insightsrelevanttothebroadercontextofanomalydetection in IIoT environments. The GridSense-ADS project, in its pursuit of real-time anomaly detection in humidity sensor data, draws inspiration and guidance from these diverse researchendeavors.

III. PROPOSED

IntermsofGridSense-ADSresearch,thedataacquisition conduction is a precise orchestration that starts from the senseless linking of the DHT11 sensor to the NodeMCU ESP8266 microcontroller which are shown in the schematic diagram. The integration of both technologies reflects the solid foundation for the underlying production of data of real-time sensors, which is an important factor towards the fixation of anomalies within power system casually. Similarly,MQTTactsassuchcomponentthatispassedonto designated receiver through broker, that is, AWS EC2 instanceactingascentralizeddataforwardingpoint.Inorder toshedlightonthecomplexdatatrafficroute,Wireshark,an advanced packet apprehending and reporting tool, is to be usedtocaptureandrecordtheincomingandoutgoingofthe datapacketswithintheAWSEC2environment;theultimate outcome being precise execution and analysis. Hence, the generated .pcap serves as a seed to enriching the data upon further refinement and analysis stages needed to extract the hidden insights from the multitude of sensor data. This startingdatasetgoesthroughdynamicchangebyastructured pipelineofpre-processingprocesssuchasfeatureextraction, featureselectionthataredoingswithaccuracyandstrictness. By approaching the procedure of variable identification and

selectionprudentlyandresponsibly,thedataisbroughtdown to the most crucial points leaving only those with the most importantdatafor the follow-on analysis phases.Thesumof these endeavours is the creation of a complete, polished dataset couched in a .csv format - the attestation of the meticulousness present at the core of the inquiry process. Thus, the research continues with the application of as well as training of machine learning (ML) models characterized by a transition from raw sensor data to an operational insights generation. Advanced technological methodologies employed show high level sophistication of the research, at the forefront of the cutting-edge IoT applications of today. Moreover, a deep dive into the ML model training will continues, takes you through the algorithmic complicatedness and the model architectures optimized for thespecificofthedataset.

Assessment of model performance metrics, crossvalidation techniques, and hyperparameter tuning further amplifies the scientific rigor embedded within the investigative framework, ensuring that GridSense-ADS remains at the forefront of proactive anomaly detection

OCSVM achieves an accuracy of 93.10%, accompanied by perfect precision of 100.00%, indicating its ability to accurately identify anomalies while minimizing false positives. With a recall of 93.10% and an F1 score of 96.43%, OCSVM demonstrates high efficacy in detecting anomalies while maintaining a balance between precision

B. Local Outlier Factor (LOF)

Incontrast, LOFachievesa loweraccuracyof 89.82%,with precisionandrecallof83.33% and4.72%,respectively. The F1 score stands at 8.93%, indicating its struggles in effectivelyidentifying anomalies within the dataset. Despite maintaining a relatively high precision, LOF exhibits significant limitations in recall, highlighting challenges in detectinganomaliesaccurately.

Fig.3:LOFcontaminationfactor0.005

Fig.4:LOFcontaminationfactor0.05

Fig.5:LOFcontaminationfactor0.01

C. Isolation Forest

Isolation Forest boasts a commendable accuracy of 97.51%andperfectprecision,akintoOCSVM.However,its recall of 48.11% and F1 score of 64.97% indicate a lower efficacy in identifying anomalies compared to OCSVM. Isolation Forest may miss some anomalies or misclassify normalinstancesasanomalies,leadingtoadecreaseinrecall andF1score.

Fig.6:IsolationForestAnomalyGraph

Based on the provided evaluation metrics, Isolation Forest emerges as the most suitable model for this scenario. Despite its slightly lower recall compared to OCSVM, Isolation Forest exhibits higher overall accuracy and a comparable precision-recall balance. Its abilitytoaccurately identify anomalies while maintaining a high level of precisionunderscores its effectivenessinanomalydetection. However, the selection of the most appropriate anomaly detection model should consider the specific requirements and characteristics of the dataset, ensuring optimal performanceinreal-worldapplications.

VALUATION

The evaluation mayresultfromverycarefulappraisal of the performance indicators, which were achieved through intensive testing. Each as a machine learning model, including Isolation Forest, Local Outlier Factor, and OneClassSupportVectorMachine(OCSVM),hadgonethrought a continuous examination and evaluation process based on thekeypointssuchasthedetectiondistribution,correctness, recall and F1 score. And from the various models that were tested, the Isolation Forest saw itself as the unquestioned championasitclearlyoutpacedtherestinboththe accuracy of detecting anomalies and efficiency in the computations. The outstanding ability of the Isolation Forest algorithm to filter noise and identifyabnormalitiesin the healthanalytics data points accentuates its potential qualification as a useful anomaly detection tool for the GridSense-ADS system. The connection of smart devices anywhere within the industrial internet of things architecture signifies a milestone of the strengthening of the reliability of the power grid infrastructures, via controlling any potential anomalies such as electric fires or electrostatic damage that may lead to accidents. Regarding the next step, GridSense-ADS will ceasetobejustatrialanderroronenvironmentperformance as a product will be built on the top of this base, with monitoring real time state capacities. This ahead-setting vision sources the urgency of flawless unification and expanding the capacity, thus the system emerges to become to an adaptive entity with a real-time eye which detects abnormalities.Suchautomationisofparticularinteresttoall those industries that engage in production processes, the natureof whichisevolvingatarapid pace,requiringtimely detection and resolution of emerging challenges as the operationsareunderway.

Fig.7:HumidityDistributionsGraph

KeyPerformanceMetrics:

 Precision: The precision metric evaluates the accuracy of positive predictions made bythe model, providing insights into the system's ability to correctly identify anomalieswithoutmisclassifyingnormaldatapoints.

 Recall: Recall, also known as sensitivity, gauges the model's capacity to capture all relevant instances of anomalies within the dataset, thereby minimizing the likelihoodoffalsenegatives.

 F1Score:TheF1scorerepresentstheharmonicmeanof precision and recall, offering a comprehensive assessment of the model's overall performance in balancingprecisionandrecallmetrics.

 Accuracy:Accuracymeasurestheoverallcorrectnessof the model's predictions, indicating the proportion of correctly classified instances out of the total number ofinstancesevaluated.

TABLEI.

ACHINE LEARNING

TABLEII.

ANALYSISOFCOMPARISION

THE-ARTPROPOSED

danger, this anomaly detection system portrays an example of industrial IoT actualization and combined with robust machine learning algorithms. Based on a series of rigorous trials and evaluation, however, Isolation Forest seems to shine as the critical component of the project and demonstrates exceptional anomaly detection accuracy and optimal computational performance. The technology of barometer monitoring as an integral part of the industrial IoT lattice emphasizes its potential adaptability in the real industrial environment which helps to prevent such events as electric fires or electrostatic discharge provoked by moisture level fluctuations in the air. From here on, GridSense-ADS research project will broaden its horizon beyond the static environment laboratory and usher us to a new era with the possibility of real time monitoring. ThroughthefactthatIsolationForesthasbeenincorporated withina monitor,whichisadaptive, andpossessesdynamic features, GridSense-ADS can enhance the instrument's effectiveness and pertinence in industrial settings, where operational environments are continuously changing. Such developments, therefore, are the pillars of robustness and durabilityofthepowersystemsandacceleratethattransition

Weighed by the addition of another protective mantle, we are at the frontline battle—an exhibit of the power of the human kind and the relentless determination to fight for a better future- a future with courage. By recognizing the scope for anomaly detection technologies, GridSense-ADS shows that instead of being defined by unpredictability, the future will be characterized by the capacity to withstand interruptionsanddisplaydependability.

EFERENCES

RajdeepDas,VaishnaviSharma,NirjharPal.”RevolutionizingRealTime Communication: A Practical Implementation of MQTT in a Secure and Scalable Custom Chat Application”, Volume 11, Issue XII, International Journal for Research in Applied Science and

Y. Feng, J. Chen, Z. Liu, H. Lv and J. Wang, ”Full Graph Autoencoder for One-Class Group Anomaly Detection of IIoT System,”inIEEEInternetofThingsJournal,vol.9,no.21,pp.

Zhang,B., Zhu,J.,Tian, H.(2015).ConstructingKernelsforOneclass Support Vector Machine. In 2015, the 14th International SymposiumonDistributedComputingandApplicationsforBusiness EngineeringandScience(DCABES),IEEE

Pradeep Kumar, Dr. Indrajit Banerjee, ”Attack and Anomaly Detection in IIoT Networks UsingMachine Learning Techniques,” 14th ICCCNT IEEE Conference, July 6-8, 2023, IIT-Delhi, Delhi,

[5] L.Xu,X.Ding,H.Peng,D.ZhaoandX.Li,”ADTCD:AnAdaptive AnomalyDetectionApproachTowardConceptDriftinIoT,”inIEEE Internet of Things Journal, vol. 10, no. 18, pp. 15931-15942, 15 Sept.15,2023,.

[6] Rajdeep Das.”Accelerated Safety: Revitalizing ADXL345 for Enhanced IoT-enabled Fall Detection”, Volume 11, Issue XII, International Journal for Research in Applied Science and EngineeringTechnology(IJRASET).

V. CONCLUSION

Innovation and technology are the context in which Grid Sense-ADSstandsout, herebeingabeaconof transforming power, that brings advanced solutions for early detection andmanagementofthegridsystemanomalies.Groundedon the necessity of protecting key infrastructure from any

[7] A. A. Cook, G. Mısırlı and Z. Fan, ”Anomaly Detection for IoT TimeSeriesData:ASurvey,”inIEEEInternetofThingsJournal,vol. 7,no.7,pp.6481-6494,July2020.

[8] Isolation-basedanomalydetection”byFeiTonyLiu,KaiMingTing and Zhi-Hua Zhou. Published inACM Transactions onKnowledge DiscoveryfromData(TKDD),2012.

[9] AReviewofRecurrentNeuralNetworks:LSTMCellsandNetwork Architectures” by Yong Yu, Xiaosheng Si, Changhua Hu, Jianxun Zhang.NeuralComputation.

[10] Zhou, Xiaokang, et al. ”Variational LSTM enhanced anomaly detection for industrial big data.” IEEE Transactions on Industrial Informatics

[11] Wang,Chao,etal.”IntrusionDetectionSystemBasedonOne-Class SupportVectorMachineandGaussianMixtureModel.”

[12] Liu,FeiTony,KaiMingTing,andZhi-HuaZhou.”Isolation-based anomaly detection.” ACM Transactions on Knowledge Discovery fromData(TKDD).

[13] Moustafa, Nour, Benjamin Turnbull, and Kim-Kwang Raymond Choo.”Anensembleintrusiondetectiontechniquebasedonproposed statistical flow features forprotectingnetworktraffic ofinternet of things.”IEEEInternetofThingsJournal.

[14] R. Primartha and B. A. Tama, ”Anomaly detection using random forest: Aperformance revisited,” 2017 International Conference on

Data and Software Engineering (ICoDSE), Palembang, Indonesia, 2017,pp.1-6.

[15] Gao,Ying;Liu,Yu;Jin,Yaqia;Chen,Juequan;Wu,Hongrui(2018). ANovelSemi-SupervisedLearningApproachforNetworkIntrusion Detection on Cloud-Based Robotic System. IEEEAccess 6:50927–50938.

[16] Anwer,Maryam,S.MahmoodKhan,andM.UmerFarooq.”Attack detection in IoTusingmachine learning.”Engineering,Technology AppliedScienceResearch11.3(2021):7273-7278.

[17] Mushtaq E, Zameer A, Umer M, Abbasi AA (2022) A two-stage intrusiondetectionsystemwithautoencoderandLSTMs.ApplSoft Comput 121:108768