Local Cyber-Physical Attack for Masking Line Outage and Topology Attack in Smart Grid

Malicious attacks in the power system can eventually result in a large-scale cascade failure if not attended on time. These attacks, which are traditionally classified into \emph{physical} and \emph{cyber attacks}, can be avoided by using the latest and advanced detection mechanisms. However, a new threat called \emph{cyber-physical attacks} which jointly target both the physical and cyber layers of the system to interfere the operations of the power grid is more malicious as compared with the traditional attacks. In this paper, we propose a new cyber-physical attack strategy where the transmission line is first physically disconnected, and then the line-outage event is masked, such that the control center is misled into detecting as an obvious line outage at a different position in the local area of the power system. Therefore, the topology information in the control center is interfered by our attack. We also propose a novel procedure for selecting vulnerable lines, and analyze the observability of our proposed framework. Our proposed method can effectively and continuously deceive the control center into detecting fake line-outage positions, and thereby increase the chance of cascade failure because the attention is given to the fake outage. The simulation results validate the efficiency of our proposed attack strategy.Comment: accepted by IEEE Transactions on Smart Grid. arXiv admin note: text overlap with arXiv:1708.0320

Local Cyber-physical Attack with Leveraging Detection in Smart Grid

A well-designed attack in the power system can cause an initial failure and then results in large-scale cascade failure. Several works have discussed power system attack through false data injection, line-maintaining attack, and line-removing attack. However, the existing methods need to continuously attack the system for a long time, and, unfortunately, the performance cannot be guaranteed if the system states vary. To overcome this issue, we consider a new type of attack strategy called combinational attack which masks a line-outage at one position but misleads the control center on line outage at another position. Therefore, the topology information in the control center is interfered by our attack. We also offer a procedure of selecting the vulnerable lines of its kind. The proposed method can effectively and continuously deceive the control center in identifying the actual position of line-outage. The system under attack will be exposed to increasing risks as the attack continuously. Simulation results validate the efficiency of the proposed attack strategy.Comment: Accepted by IEEE SmartGridComm 201

False Analog Data Injection Attack Towards Topology Errors: Formulation and Feasibility Analysis

In this paper, we propose a class of false analog data injection attack that can misguide the system as if topology errors had occurred. By utilizing the measurement redundancy with respect to the state variables, the adversary who knows the system configuration is shown to be capable of computing the corresponding measurement value with the intentionally misguided topology. The attack is designed such that the state as well as residue distribution after state estimation will converge to those in the system with a topology error. It is shown that the attack can be launched even if the attacker is constrained to some specific meters. The attack is detrimental to the system since manipulation of analog data will lead to a forged digital topology status, and the state after the error is identified and modified will be significantly biased with the intended wrong topology. The feasibility of the proposed attack is demonstrated with an IEEE 14-bus system.Comment: 5 pages, 7 figures, Proc. of 2018 IEEE Power and Energy Society General Meetin

ME-Net: Towards Effective Adversarial Robustness with Matrix Estimation

Deep neural networks are vulnerable to adversarial attacks. The literature is rich with algorithms that can easily craft successful adversarial examples. In contrast, the performance of defense techniques still lags behind. This paper proposes ME-Net, a defense method that leverages matrix estimation (ME). In ME-Net, images are preprocessed using two steps: first pixels are randomly dropped from the image; then, the image is reconstructed using ME. We show that this process destroys the adversarial structure of the noise, while re-enforcing the global structure in the original image. Since humans typically rely on such global structures in classifying images, the process makes the network mode compatible with human perception. We conduct comprehensive experiments on prevailing benchmarks such as MNIST, CIFAR-10, SVHN, and Tiny-ImageNet. Comparing ME-Net with state-of-the-art defense mechanisms shows that ME-Net consistently outperforms prior techniques, improving robustness against both black-box and white-box attacks.Comment: ICML 201

Detection of False Data Injection Attacks in Smart Grid under Colored Gaussian Noise

In this paper, we consider the problems of state estimation and false data injection detection in smart grid when the measurements are corrupted by colored Gaussian noise. By modeling the noise with the autoregressive process, we estimate the state of the power transmission networks and develop a generalized likelihood ratio test (GLRT) detector for the detection of false data injection attacks. We show that the conventional approach with the assumption of Gaussian noise is a special case of the proposed method, and thus the new approach has more applicability. {The proposed detector is also tested on an independent component analysis (ICA) based unobservable false data attack scheme that utilizes similar assumptions of sample observation.} We evaluate the performance of the proposed state estimator and attack detector on the IEEE 30-bus power system with comparison to conventional Gaussian noise based detector. The superior performance of {both observable and unobservable false data attacks} demonstrates the effectiveness of the proposed approach and indicates a wide application on the power signal processing.Comment: 8 pages, 4 figures in IEEE Conference on Communications and Network Security (CNS) 201