5,286 research outputs found
A knowledge discovery approach for the detection of power grid state variable attacks
As the level of sophistication in power system technologies increases, the amount of system state parameters being recorded also increases. This data not only provides an opportunity for monitoring and diagnostics of a power system, but it also creates an environment wherein security can be maintained. Being able to extract relevant information from this pool of data is one of the key challenges still yet to be obtained in the smart grid. The potential exists for the creation of innovative power grid cybersecurity applications, which harness the information gained from advanced analytics. Such analytics can be based on the extraction of key features from statistical measures of reported and contingency power system state parameters. These applications, once perfected, will be able to alert upon potential cyber intrusions providing a framework for the creation of power system intrusion detection schemes derived from the cyber-physical perspective. With the power grid having a growing cyber dependency, these systems are becoming increasingly the target of attacks. The current power grid is undergoing a state of transition where new monitoring and control devices are being constantly added. These newly connected devices, by means of the cyber infrastructure, are capable of executing remote control decisions along with reporting sensor data back to a centralized location.
This dissertation is an examination of advanced data mining and data analytic techniques for the development of a framework for detecting malicious cyber activity in the power grid based solely on reported power system state parameters. Through this examination, results indicate the successful development of a cyber-event detection framework capable of detecting and localizing 92% of the simulated cyber-events. In focusing on specific types of intrusions, this work describes the utilization of machine learning techniques to examine key features of multiple power systems for the detection of said intrusions. System analysis is preformed using the Newton-Raphson method to solve the nonlinear power system partial differential power flow equations for a 5-Bus and 14-Bus power system. This examination offers the theory and simulated implementation examples behind a context specific detection approach for securing the current and next generation\u27s critical infrastructure power grid
A Power Grid Incident Identification Based on Physically Derived Cyber-Event Detection
This article proposes a cyber-event detection framework to aid in incident Identification and digital forensics cases aimed at investigating cyber crime committed against the critical infrastructure power grid. However, unlike other similar investigative techniques, the proposed approach examines only the physical information to derive a cyber conclusion. The developed framework extracts information from the physical parameters stored in historical databases of SCADA systems. The framework uses a pseudo-trusted model derived from randomly selected power system observations found in the historical databases. Afterwards, a technique known as Bayesian Model Averaging is used to average the models and create a more trusted model. Results indicate a successful Classification of on average 89% for the simulated cyber events of varying magnitudes
Ensemble Feature Learning-Based Event Classification for Cyber-Physical Security of the Smart Grid
The power grids are transforming into the cyber-physical smart grid with increasing two-way communications and abundant data flows. Despite the efficiency and reliability promised by this transformation, the growing threats and incidences of cyber attacks targeting the physical power systems have exposed severe vulnerabilities. To tackle such vulnerabilities, intrusion detection systems (IDS) are proposed to monitor threats for the cyber-physical security of electrical power and energy systems in the smart grid with increasing machine-to-machine communication. However, the multi-sourced, correlated, and often noise-contained data, which record various concurring cyber and physical events, are posing significant challenges to the accurate distinction by IDS among events of inadvertent and malignant natures. Hence, in this research, an ensemble learning-based feature learning and classification for cyber-physical smart grid are designed and implemented. The contribution of this research are (i) the design, implementation and evaluation of an ensemble learning-based attack classifier using extreme gradient boosting (XGBoost) to effectively detect and identify attack threats from the heterogeneous cyber-physical information in the smart grid; (ii) the design, implementation and evaluation of stacked denoising autoencoder (SDAE) to extract highlyrepresentative feature space that allow reconstruction of a noise-free input from noise-corrupted
perturbations; (iii) the design, implementation and evaluation of a novel ensemble learning-based feature extractors that combine multiple autoencoder (AE) feature extractors and random forest base classifiers, so as to enable accurate reconstruction of each feature and reliable classification against malicious events. The simulation results validate the usefulness of ensemble learning approach in detecting malicious events in the cyber-physical smart grid
Secure Distributed Dynamic State Estimation in Wide-Area Smart Grids
Smart grid is a large complex network with a myriad of vulnerabilities,
usually operated in adversarial settings and regulated based on estimated
system states. In this study, we propose a novel highly secure distributed
dynamic state estimation mechanism for wide-area (multi-area) smart grids,
composed of geographically separated subregions, each supervised by a local
control center. We firstly propose a distributed state estimator assuming
regular system operation, that achieves near-optimal performance based on the
local Kalman filters and with the exchange of necessary information between
local centers. To enhance the security, we further propose to (i) protect the
network database and the network communication channels against attacks and
data manipulations via a blockchain (BC)-based system design, where the BC
operates on the peer-to-peer network of local centers, (ii) locally detect the
measurement anomalies in real-time to eliminate their effects on the state
estimation process, and (iii) detect misbehaving (hacked/faulty) local centers
in real-time via a distributed trust management scheme over the network. We
provide theoretical guarantees regarding the false alarm rates of the proposed
detection schemes, where the false alarms can be easily controlled. Numerical
studies illustrate that the proposed mechanism offers reliable state estimation
under regular system operation, timely and accurate detection of anomalies, and
good state recovery performance in case of anomalies
- …