Electrical substations manage electrical energy, therefore a cyber-attack on these systems would cause significant damage to the population, but also to hospitals and all critical and non-critical infrastructures. In this paper we propose a method, based on deep learning, to identify anomalies in electrical substations. The proposed method directly analyzes network logs to highlight the possible presence of anomalies in the substation networks. In order to push the adoption of deep learning in real contexts, the proposed method also provides a kind of prediction explainability behind the classifier predictions, by highlighting the section of the network trace that has been detected as symptomatic of an anomaly from the deep learning classifier point of view.

Top