Elevating Cybersecurity for Smart Grid Systems—A Container-Based Approach Enhanced by Machine Learning

This paper presents a comprehensive implementation of a cybersecurity solution for smart grid network containers. The methodology utilises (i) Qualys API-based vulnerability scanning and reporting system for vulnerability identification, (ii) Docker deployment for security and isolation, (iii) advanced load balancing techniques for resource optimisation, and (iv) machine learning-powered anomaly detection for threat identification and vulnerability prioritisation. The implementation was used to create a dataset that continues the details of several simulated attacks, enabling effective training and evaluation of a robust machine-learning model. The paper provides a thorough description of the implemented system architecture, the Qualys API-based vulnerability scanning and reporting system, the data set creation process, simulated attacks in Docker implementation, the load balancing process, and the machine learning model used for vulnerability prioritisation. The experiments showed that the machine learning model performed exceptionally well across all conducted attacks i.e., Denial of Service, Remote-to-Local, User-to-Root, and Probes, achieving high scores in accuracy, precision, recall, and F1 scores.