476 research outputs found

    Modeling and performance evaluation of stealthy false data injection attacks on smart grid in the presence of corrupted measurements

    The false data injection (FDI) attack cannot be detected by the traditional anomaly detection techniques used in the energy system state estimators. In this paper, we demonstrate how FDI attacks can be constructed blindly, i.e., without system knowledge, including topological connectivity and line reactance information. Our analysis reveals that existing FDI attacks become detectable (consequently unsuccessful) by the state estimator if the data contains grossly corrupted measurements such as device malfunction and communication errors. The proposed sparse optimization based stealthy attacks construction strategy overcomes this limitation by separating the gross errors from the measurement matrix. Extensive theoretical modeling and experimental evaluation show that the proposed technique performs more stealthily (has less relative error) and efficiently (fast enough to maintain time requirement) compared to other methods on IEEE benchmark test systems. Comment: Keywords: Smart grid, False data injection, Blind attack, Principal component analysis (PCA), Journal of Computer and System Sciences, Elsevier, 201

    Cyber attacks and faults discrimination in intelligent electronic device-based energy management systems

    Intelligent electronic devices (IEDs) along with advanced information and communication technology (ICT)-based networks are emerging in the legacy power grid to obtain real-time system states and provide the energy management system (EMS) with wide-area monitoring and advanced control capabilities. Cyber attackers can inject malicious data into the EMS to mislead the state estimation process and disrupt operations or initiate blackouts. A machine learning algorithm (MLA)-based approach is presented in this paper to detect false data injection attacks (FDIAs) in an IED-based EMS. In addition, stealthy construction of FDIAs and their impact on the detection rate of MLAs are analyzed. Furthermore, the impacts of natural disturbances such as faults on the system are considered, and the research work is extended to distinguish between cyber attacks and faults by using state-of-the-art MLAs. In this paper, state-of-the-art MLAs such as Random Forest, OneR, Naive Bayes, SVM, and AdaBoost are used as detection classifiers, and performance parameters such as detection rate, false positive rate, precision, recall, and f-measure are analyzed for different case scenarios on the IEEE benchmark 14-bus system. The experimental results are validated using real-time load flow data from the New York Independent System Operator (NYISO)

    Detection of False Data Injection Attacks in Smart Grid under Colored Gaussian Noise

    In this paper, we consider the problems of state estimation and false data injection detection in smart grid when the measurements are corrupted by colored Gaussian noise. By modeling the noise with the autoregressive process, we estimate the state of the power transmission networks and develop a generalized likelihood ratio test (GLRT) detector for the detection of false data injection attacks. We show that the conventional approach with the assumption of Gaussian noise is a special case of the proposed method, and thus the new approach has more applicability. The proposed detector is also tested on an independent component analysis (ICA) based unobservable false data attack scheme that utilizes similar assumptions of sample observation. We evaluate the performance of the proposed state estimator and attack detector on the IEEE 30-bus power system with comparison to conventional Gaussian noise based detector. The superior performance of both observable and unobservable false data attacks demonstrates the effectiveness of the proposed approach and indicates a wide application on the power signal processing. Comment: 8 pages, 4 figures in IEEE Conference on Communications and Network Security (CNS) 201

    Stealthy MTD against unsupervised learning-based blind FDI Attacks in power systems

    This paper examines how moving target defenses (MTD) implemented in power systems can be countered by unsupervised learning-based false data injection (FDI) attack and how MTD can be combined with physical watermarking to enhance the system resilience. A novel intelligent attack, which incorporates dimensionality reduction and density-based spatial clustering, is developed and shown to be effective in maintaining stealth in the presence of traditional MTD strategies. In resisting this new type of attack, a novel implementation of MTD combining with physical watermarking is proposed by adding Gaussian watermark into physical plant parameters to drive detection of traditional and intelligent FDI attacks, while remaining hidden to the attackers and limiting the impact on system operation and stability

    Operational moving target defences for improved power system cyber-physical security

    In this work, we examine how Moving Target Defences (MTDs) can be enhanced to circumvent intelligent false data injection (FDI) attacks against power systems. Initially, we show how, by implementing state-of-the-art topology learning techniques, we can commit full-knowledge-equivalent FDI attacks against static power systems with no prior system knowledge. We go on to explore how naive applications of topology change, as MTDs, can be countered by unsupervised learning-based FDI attacks and how MTDs can be combined with physical watermarking to enhance system resilience. A novel intelligent attack, which incorporates dimensionality reduction and density-based spatial clustering, is developed and shown to be effective in maintaining stealth in the presence of traditional MTD strategies. In resisting this new type of attack, a novel implementation of MTD is suggested. The implementation uses physical watermarking to drive detection of traditional and intelligent FDI attacks while remaining hidden to the attackers. Following this, we outline a cyber-physical authentication strategy for use against FDI attacks. An event-triggered MTD protocol is proposed at the physical layer to complement cyber-side enhancements. This protocol applies a distributed anomaly detection scheme based on Holt-Winters seasonal forecasting in combination with MTD implemented via inductance perturbation. To conclude, we developed a cyber-physical risk assessment framework for FDI attacks. Our assessment criteria combines a weighted graph model of the network's cyber vulnerabilities with a centralised residual-based assessment of the physical system with respect to MTD. This combined approach provides a cyber-physical assessment of FDI attacks which incorporates both the likelihood of intrusion and the prospect of an attacker making stealthy change once intruded. Open Acces

    Data-Driven Stealthy Injection Attacks on Smart Grid

    Smart grid cyber-security has come to the forefront of national security priorities due to emergence of new cyber threats such as the False Data Injection (FDI) attack. Using FDI, an attacker can intelligently modify smart grid measurement data to produce wrong system states which can directly affect the safe operation of the physical grid. The goal of this thesis is to investigate key research problems leading to the discovery of significant vulnerabilities and their impact on smart grid operation. The first problem investigates how a stealthy FDI attack can be constructed without the knowledge of system parameters, e.g., line reactance, bus and line connectivity. We show how an attacker can successfully carry out an FDI attack by analysing subspace information of the measurement data without requiring the system topological knowledge. In addition, we make a critical observation that existing subspace based attacks would fail in the presence of gross errors and missing values in the observed data. Next, we show how an attacker can circumvent this problem by using a sparse matrix separation technique. Extensive evaluation on several benchmark systems demonstrates the effectiveness of this approach. The second problem addresses the scenario when an attacker may eavesdrop but only has access to a limited number of measurement devices to inject false data. We show how an attack can be constructed by first estimating the hidden system topology from measurement data only and then use it to identify a set of critical sensors for data injection. Extensive experiments using graph-theoretic and eigenvalue analyses demonstrate that the estimated power grid structure is very close to the original grid topology, and a stealthy FDI attack can be carried out using only a small fraction of all available sensors. 
    The third problem investigates a new type of stealthy Load Redistribution (LR) attack using FDI which can deliberately cause changes in the Locational Marginal Price (LMP) of smart grid nodes. To construct the LR-FDI attack, the Shift factor is estimated from measurement and LMP data. Finally, the impact of the attacks on the state estimation and the nodal energy prices is thoroughly investigated