Feature Selection–Based Detection of Covert Cyber Deception Assaults in Smart Grid Communications Networks Using Machine Learning

Ahmed, Saeed; Lee, Young-Doo; Hyun, Seung-Ho; Koo, Insoo

doi:10.1109/access.2018.2835527

Cited by 79 publications

(41 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This kind of method doesn't need to solve complex time-domain equations of the power system, and clear performance indicators can be used to evaluate the performance, it is one of the current main FDIA detection methods. This type of method mainly includes support vector machine (SVM) [18], extreme learning machine [19], fuzzy C-means clustering [20], deep learning [21], ensemble learning, etc., [22]. The detection performance of traditional supervised learning algorithms such as SVM depends on the quality of the data heavily, such as the poor characterization ability of the feature set will cause a low detection rate.…”

Section: The Detection Methods Based On Machine Learningmentioning

confidence: 99%

A Novel False Data Injection Attack Detection Model of the Cyber-Physical Power System

Cao

Wang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

The False data injection attack (FDIA) against the Cyber-Physical Power System (CPPS) is a kind of data integrity attack. With more and more cyber vulnerabilities detected out, different types of FDIAs are emerging as severe threats to the stable operation of CPPS gradually. In this paper, the invasion pathway of the FDIA against CPPS is explored in detail, and a novel FDIA detection model based on ensemble learning is further provided. First, a pseudo-sample database is built to assist the training and evaluation of this model, and it's more important to update the model in the future. Furthermore, the optimal feature set is extracted to characterize the behavior of the FDIA, which improves the precision of the FDIA detection model. Finally, a focal-loss-lightgbm (FLGB) ensemble classifier is constructed to detect the FDIA behavior automatically and accurately. We illustrated the performance of this model by a fusion of measurement data and power system audit logs. This model utilizes the offline training way, the conclusion shows the high precision and stability of this model, which ensures the stable operation of the smart grid and improves the FDIA resistance ability of the CPPS. INDEX TERMS CPPS, FDIA detection model, invasion pathway analysis, ensemble learning.

show abstract

Section: The Detection Methods Based On Machine Learningmentioning

confidence: 99%

A Novel False Data Injection Attack Detection Model of the Cyber-Physical Power System

Cao

Wang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…However, it is only suitable for a single attack scenario, whose pattern period is about 50 AGC cycles. There are other literature works looking into the application of machine learning or artificial intelligence technology in this territory [22]- [24]. Deb Roy et al investigated the unique feature of low inertial AGC systems, such as the system with lots of renewable generations.…”

Section: Related Workmentioning

confidence: 99%

Coordinated False Data Injection Attacks in AGC System and Its Countermeasure

2020

IEEE Access

View full text Add to dashboard Cite

The Automatic Generation Control (AGC) system is vital for power system frequency stability. The frequency and tie-line power flow are measured and transmitted to the control room to form Area Control Error (ACE), which is then sent to each generator for power generation adjustment. Due to the vulnerability of the Inter-Control Center Communication (ICCP) protocol, which is used for data transmission, many attacks such as Denial of Service, timing de-synchronization, and False Data Injection (FDI) attack can be inflicted upon the compromised system. In this paper, we investigated the attacking mechanism and the impact of the coordinated FDI attack. Compared with the single attack model, the coordinated FDI attack has a smaller Time to Emergency (TTE) value and wider parameter ranges. Therefore, it is stealthier and more harmful to the AGC system. However, it is found that the pattern of the corrupted ACEs (attacked by a specific coordination FDI attack) follows a specific fashion. Therefore, we proposed a self-learning and evolving approach to detect this stealthy attack. The real data from an electric company helps to train and test the pattern recognition model. The coordinated attack is simulated and compared in a 3area AGC system, while the proposed detection method is verified via the IEEE 39-bus test system.

show abstract

“…Covert cyber assault is a type of FDI attack held on SGs, which was detected by SE [27]. For attack detection, a supervised machine learning algorithm based bad data detector was designed.…”

Section: Related Work On Fdi Attack Detectionmentioning

confidence: 99%

T2S2G: A Novel Two-Tier Secure Smart Grid Architecture to Protect Network Measurements

Aziz

Jin²,

Abdulqadder³

et al. 2019

Energies

View full text Add to dashboard Cite

False data injection (FDI) attacks are a major security threat to smart grid (SG) communication systems. In FDI attacks, the attacker has the ability of modifying the measurements transmitted by smart grid entities such as smart meters, buses, etc. Many solutions have been proposed to mitigate FDI attacks in the SG. However, most of these solutions rely on centralized state estimation (SE), which is computationally expensive. To engulf this problem in FDI attack detection and to improve security of SGs, this paper proposes novel two-tier secure smart grid (T2S2G) architecture with distributed SE. In T2S2G, measurement collection and SE are involved in first tier while compromised meter detection is involved in second tier. Initially the overall SG system is divided into four sections by the weighted quad tree (WQT) method. Each section is provided with an aggregator, which is responsible to perform SE. Measurements from power grids are collected by remote terminal units (RTUs) and encrypted using a parallel enhanced elliptic curve cryptography (PEECC) algorithm. Then the measurements are transmitted to the corresponding aggregator. Upon collected measurements, aggregator estimates state using the amended particle swarm optimization (APSO) algorithm in a distributed manner. To verify authenticity of aggregators, each aggregator is authenticated by a logical schedule based authentication (LSA) scheme at the control server (CS). In the CS, fuzzy with a neural network (FNN) algorithm is employed for measurements classification. Our proposed T2S2G shows promising results in the following performance metrics: Estimation error, number of protected measurements, detection probability, successful detection rate, and detection delay.

show abstract

Feature Selection–Based Detection of Covert Cyber Deception Assaults in Smart Grid Communications Networks Using Machine Learning

Cited by 79 publications

References 38 publications

A Novel False Data Injection Attack Detection Model of the Cyber-Physical Power System

A Novel False Data Injection Attack Detection Model of the Cyber-Physical Power System

Coordinated False Data Injection Attacks in AGC System and Its Countermeasure

T2S2G: A Novel Two-Tier Secure Smart Grid Architecture to Protect Network Measurements

Contact Info

Product

Resources

About