Anomalous Traffic Detection Method for Power Internet of Things Based on Graph Neural Networks

Abstract

Edge nodes in power grids typically have lower security capabilities, making important interactions such as power communication more susceptible to potential attack threats. These edge nodes lack strong network protection and security protocols, which can easily become weaknesses in network attacks and increase the risk of power systems. Attackers may use these weak links to invade the power supply chain system, causing adverse effects on power supply and distribution. In order to effectively identify malicious traffic, we propose an anomaly detection method based on attribute graphs to identify potential security vulnerabilities in power IoT traffic. This method utilizes the node representation of the attribute graph to extract features from network traffic, and uses a graph neural network based on meta paths to learn the topological structure and attribute information of the traffic network. In order to ensure the performance of the model in large-scale power IoT nodes, a data accuracy adjustment strategy based on Hoffman encoding was developed to optimize data and adjust the size of attribute maps under different data sizes. The effectiveness of this method was verified through experiments on real network traffic datasets.