Browsing by Author "Mahi, Abderrazak"
- Electric vehicules cyber-attack detection
  Publication. Mahi, Abderrazak; Cunha, António; Mestre, Pedro
  This thesis explores ML and DL techniques for improved cybersecurity of EVSE as part of smart grid systems. As the adoption of electric vehicles increases, their related infrastructure is in jeopardy of cyber-attack, which can directly affect the users' safety, data privacy, and overall stability of the grid. The overall objective of this research was to prototype, implement, test, evaluate, and compare several classification-based intrusion detection systems that could detect harmful activity in an EVSE environment. This work builds upon the published CICEVSE2024 dataset, which is a multilayer, multimodal dataset that provides telemetry data from a simulated EV charging environment. At this time, there was limited research on the use of telemetry measurement and its potential added value in the intrusion detection space. The dataset contained network-level, power-level, and kernel-level telemetry data which, when used in conjunction, can support extensive analysis for intrusion detection purposes. Given the breadth and diversity of the data attributes, it is well suited for creating realistic, enforceable detection accuracy models. There are two types of classification tasks in this study: a binary classification task of normal vs. attack packets, and a multi-class classification task of identifying the type of attack. One goal of this work was to achieve and maintain high detection accuracy, which we achieved by developing a pipeline for our analysis which included: data cleaning and data normalization; feature selection and correlation analysis; implementation of scenario-based and class-based balancing strategies to eliminate data imbalance; and the use of both mature ML algorithms (Random Forest, Gradient Boosting, Support Vector Machine, K-Nearest Neighbors, Logistic Regression) and DL algorithms (LSTM- and GRU-based architectures).
  The performance of each model was evaluated by measures of overall accuracy, precision, recall, F1-Score, and confusion metrics and validated in a train-test setting. The study's findings suggested that classical ML models have rapid search speed and provide interpretable outputs; however, DL models are more suited to detecting intrusions in the time series and context by moving beyond independent features in the telemetry data, demonstrating high accuracy, especially where the sequential model could capture the temporal dependencies of LSTM and GRU models. The thesis also examined the implications of using ML/DL hybrids for intrusion detection and discussed several main principles to consider in the context of specificity in modeling, the value of a realistic dataset, and limitations in detecting zero-day attacks and stealth attacks. Some of the challenges to developing robust and, importantly, adaptable and scalable intrusion detection systems in real-world CPS contexts of EVSE were acknowledged. Overall, we can say that the research analysis confirmed the value and significance of continued study of multimodal datasets, and provided suggestions for future research on detection, certainly online detection, but also transfer learning strategies, while accounting for the need to deploy models in edge contexts. Overall, the study made methodological contributions and validated its experimental analysis, providing new perspectives and possibilities for securing and monitoring the next evolution of smart EV charging infrastructure.
