A Hierarchical Terminal Recognition Approach based on Network Traffic Analysis

TL;DR

This paper presents a hierarchical, end-to-end network traffic analysis model for accurately recognizing grid metering terminal types, improving security policy enforcement in smart grids.

Contribution

It introduces a novel two-level hierarchical model that combines statistical and behavioral features with multiple algorithms for precise terminal recognition.

Findings

Achieved an F1 score of 98.3% in terminal recognition

Improved performance over existing recognition models

Effectively classifies three types of grid metering terminals

Abstract

Recognizing the type of connected devices to a network helps to perform security policies. In smart grids, identifying massive number of grid metering terminals based on network traffic analysis is almost blank and existing research has not proposed a targeted end-to-end model to solve the flow classification problem. Therefore, we proposed a hierarchical terminal recognition approach that applies the details of grid data. We have formed a two-level model structure by segmenting the grid data, which uses the statistical characteristics of network traffic and the specific behavior characteristics of grid metering terminals. Moreover, through the selection and reconstruction of features, we combine three algorithms to achieve accurate identification of terminal types that transmit network traffic. We conduct extensive experiments on a real dataset containing three types of grid metering terminals, and the results show that our research has improved performance compared to common recognition models. The combination of an autoencoder, K-Means and GradientBoost algorithm achieved the best recognition rate with F1 value of 98.3%.