Detection of False Data Injection Attacks in Smart Grids: A Real-Time Principle Component Analysis
Related papers
Stealth false data injection using independent component analysis in smart grid
2011
In smart grid, the strong coupling between cyber and physical operations makes power systems vulnerable to cyber attacks. In this paper, stealth false data attacks are investigated where the attackers, without prior knowledge of the power grid topology, try to make inferences through phasor observations. We show that when the system dynamics are small and can be approximated linearly, linear independent component analysis (ICA) can be applied to estimate the Jacobian matrix multiplied by the eigenvectors of the covariance matrix of the state variables. The inferred structural information can then be used to launch unobservable attacks. As demonstrated by the simulation results using data generated by MATPOWER, the proposed scheme can indeed inject false data with low detectability.
Detection of false data injection attacks in smart-grid systems
IEEE Communications Magazine, 2015
Smart grids are essentially electrical grids that use information and communication technology (ICT) to provide reliable, efficient electricity transmission and distribution. Security and trust are of paramount importance. Among various emerging security issues, false data injection (FDI) attack is one of the most substantial ones, which can significantly increase the cost of the energy distribution process. However, most current research focuses on countermeasures to FDIs for traditional power grids rather than smart grid infrastructures. We develop an efficient and real-time scheme to detect FDI attacks in smart grids, by exploiting spatial-temporal correlations between grid components. Through realistic simulations based on the US smart grid, we demonstrate that the proposed scheme provides an accurate and reliable solution.
Sparse Malicious False Data Injection Attacks and Defense Mechanisms in Smart Grids
IEEE Transactions on Industrial Informatics, 2015
This paper discusses malicious false data injection attacks on the wide area measurement and monitoring system in smart grids. First, methods of constructing sparse stealth attacks are developed for two typical scenarios: 1) random attacks in which arbitrary measurements can be compromised; and 2) targeted attacks in which specified state variables are modified. It is already demonstrated that stealth attacks can always exist if the number of compromised measurements exceeds a certain value. In this paper, it is found that random undetectable attacks can be accomplished by modifying only a much smaller number of measurements than this value. It is well known that protecting the system from malicious attacks can be achieved by making a certain subset of measurements immune to attacks. An efficient greedy search algorithm is then proposed to quickly find this subset of measurements to be protected to defend against stealth attacks. It is shown that this greedy algorithm has almost the same performance as the brute-force method, but without the combinatorial complexity. Third, a robust attack detection method is discussed. The detection method is designed based on the robust principal component analysis problem by introducing element-wise constraints. This method is shown to be able to identify the real measurements, as well as attacks even when only partial observations are collected. The simulations are conducted based on IEEE test systems. Index Terms: Bad data detection (BDD), malicious data attack, robust principle component analysis (PCA), smart grid security. I. INTRODUCTION: Compared with the traditional power grids, a smart grid tends to be much more reliable, efficient, and intelligent due to the remarkable advancements in sensing, monitoring, control technologies, and also the tight integration with cyber infrastructure and advanced computing and communication technologies [1]. However, this integration can lead to new vulnerabilities to cyber attacks on the power systems. Cyber attacks are reported as one of the main potential threats to the reliable operation of the power system [2], [3]. In this paper, we
Detecting stealthy false data injection using machine learning in smart grid
2013 IEEE Global Communications Conference (GLOBECOM), 2013
Aging power industries together with increase in the demand from industrial and residential customers are the main incentive for policy makers to define a road map to the next generation power system called smart grid. In smart grid, the overall monitoring costs will be decreased but at the same time, the risk of cyber attacks might be increased. Recently a new type of attacks (called the stealth attack) has been introduced, which cannot be detected by the traditional bad data detection using state estimation. In this paper, we show how normal operations of power networks can be statistically distinguished from the case under stealthy attacks. We propose two machine learning based techniques for stealthy attack detection. The first method utilizes the supervised learning over labeled data and trains a distributed support vector machine. The design of the distributed SVM is based on the Alternating Direction Method of Multipliers, which offers provable optimality and convergence rate. The second method requires no training data and detects deviation in measurements. In both methods, principle component analysis is used to reduce the dimensionality of the data to be processed, which leads to lower computation complexities. The results of the proposed detection methods on the IEEE standard test systems demonstrate the effectiveness of both schemes.
Subset Level Detection of False Data Injection Attacks in Smart Grids
State estimation is a critical component in determining whether the power grid is operating properly, or not. An invalid state estimate can have a huge impact on the stability of the grid and can cause severe socioeconomic damage. False data injection attacks (FDIAs) display a prominent threat to the operation of power systems, especially when carefully constructed to bypass traditional bad data detection (BDD). Therefore, an intrusion detection system (IDS) has to be in place to prevent FDIAs from going unnoticed. A major limitation of current approaches is that only coarse-grained attack detection is performed. In order to take effective mitigation actions, it would be more beneficial to detect whether any critical subset of state variables is under attack or not. In this paper, we investigate two state-of-the-art machine learning algorithms for subset level detection of FDIAs. Furthermore, the trade-off between performance and subset size is investigated. The proposed detection algorithms are evaluated by simulating FDIAs on the IEEE 30-bus system using real-world load data for measurement construction. Index Terms: Subset level detection, state estimation, false data injection attack, machine learning, support vector machine, recurrent neural network, long short-term memory unit.
Survey of false data injection in smart power grid: Attacks, countermeasures and challenges
Journal of Information Security and Applications, 2020
False Data Injection Attack (FDIA) is one of the most dangerous cyber attacks against smart power grids, as it could cause severe physical and economic damage. In this paper, we review and compare previous surveys on FDIA, which mostly focus only on the state estimation component. Differently, our survey describes the FDIAs that target the different components of the on-line power system security. It also provides two novel attack classifications. The first classification categorizes the different FDIAs with respect to three levels: targeted systems at the first level, targeted subsystems at the second level, and the attacks targeting the subsystems at the third level. The second classification considers two criteria: targeted sub system and the impact of the attack, which can be physical and/or economic. The countermeasures are classified according to two dimensions: (i) the targeted subsystem and (ii) the class of countermeasure: preventive or detective. Both preventive and detective classes are further categorized according to different approaches. In addition, the countermeasures are presented along with their performance results. Finally, open issues are identified, and future research directions are recommended.
False Data Injection Attack Detection based on Hilbert-Huang Transform in AC Smart Islands
IEEE Access
In Smart Island (SI) systems, operators of power distribution systems usually utilize actual-time measurement information as the Advanced Metering Infrastructure (AMI) to have an accurate, efficient, advanced control and monitor of their whole system. The SI system can be vulnerable to complicated information integrity attacks such as False Data Injection Attack (FDIA) on some equipment including sensors and controllers, which can generate misleading operational decisions in the system. Hence, a lack of detailed research in the evaluation of power systems that links the FDIAs with system stability is felt, and it will be important for both assessment of the effect of cyber-attack and taking preventive protection measures. In this regard, a time-frequency-based differential approach is proposed for SI cyber-attack detection according to non-stationary signal assessment. In this paper, the non-stationary signal processing approach of Hilbert-Huang Transform (HHT) is performed for the FDIA detection in several case studies. Since various critical case studies with a small FDIA in data where accurate and efficient detection can be a challenge, the simulation results confirm the efficiency of the HHT approach and the proposed detection frame is compared with a shallow model. In this research, the configuration of the SI test case is developed in the MATLAB software with several Distributed Generations (DGs). As a result, it is found that the HHT approach is completely efficient and reliable for the FDIA detection target in AC-SI. The simulation results verify that the proposed model is able to achieve an accuracy rate of 93.17% and can detect FDIAs in less than 50 ms from cyber-attack starting in different kinds of scenarios. Index Terms: False data injection attack, Hilbert-Huang transform, smart island, AC system.
Fourier Singular Values-Based False Data Injection Attack Detection in AC Smart-Grids
Applied Sciences
Cyber-physical threats as false data injection attacks (FDIAs) in islanded smart microgrids (ISMGs) are typical accretion attacks, which need urgent consideration. In this regard, this paper proposes a novel cyber-attack detection model to detect FDIAs based on singular value decomposition (SVD) and fast Fourier transform (FFT). Since new research is mostly focusing on FDIA detection in DC systems, paying attention to AC systems attack detection is also necessary; hence, AC state estimation (SE) has been used in SI analysis and in considering renewable energy sources effect. Whenever malicious data are added into the system state vectors, vectors’ temporal and spatial datum relations might drift from usual operating conditions. In this approach, switching surface based on sliding mode controllers is dialyzed to regulate detailed FFT’s coefficients to calculate singular values. Indexes are determined according to the composition of FFT and SVD in voltage/current switching surface ...
Machine Learning Algorithm for Detection of False Data Injection Attack in Power System
2021 International Conference on Information Networking (ICOIN), 2021
Electric grids are becoming smart due to the integration of Information and Communication Technology (ICT) with the traditional grid. However, it can also attract various kinds of Cyber-attacks to the grid infrastructure. The False Data Injection Attack (FDIA) is one of the lethal and most occurring attacks possible in both the physical and cyber part of the smart grid. This paper proposed an approach by applying machine learning algorithms to detect FDIAs in the power system. Several feature selection techniques are explored to investigate the most suitable features to achieve high accuracy. Various machine learning algorithms are tested to follow the most suitable method for building a detection system against such attacks. Also, the dataset has a skewed distribution between the two classes, and hence data imbalance issue is addressed during the experiments. Moreover, because the response time is critical in a smart grid, each experiment is also evaluated in terms of time complexity.
False Data Injection Attack Detection in Power Systems Based on Cyber-Physical Attack Genes
Frontiers in Energy Research, 2021
In the process of the detection of a false data injection attack (FDIA) in power systems, there are problems of complex data features and low detection accuracy. From the perspective of the correlation and redundancy of the essential characteristics of the attack data, a detection method of the FDIA in smart grids based on cyber-physical genes is proposed. Firstly, the principle and characteristics of the FDIA are analyzed, and the concept of the cyber-physical FDIA gene is defined. Considering the non-functional dependency and nonlinear correlation of cyber-physical data in power systems, the optimal attack gene feature set of the maximum mutual information coefficient is selected. Secondly, an unsupervised pre-training encoder is set to extract the cyber-physical attack gene. Combined with the supervised fine-tuning classifier to train and update the network parameters, the FDIA detection model with stacked autoencoder network is constructed. Finally, a self-adaptive cuckoo search...