skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.


Title: Deep Learning Based Multi-Label Attack Detection for Distributed Control of AC Microgrids
This paper presents a deep learning based multi-label attack detection approach for the distributed control in AC microgrids. The secondary control of AC microgrids is formulated as a constrained optimization problem with voltage and frequency as control variables which is then solved using a distributed primal-dual gradient algorithm. The normally distributed false data injection (FDI) attacks against the proposed distributed control are then designed for the distributed gener-ator's output voltage and active/reactive power measurements. In order to detect the presence of false measurements, a deep learning based attack detection strategy is further developed. The proposed attack detection is formulated as a multi-label classification problem to capture the inconsistency and co-occurrence dependencies in the power flow measurements due to the presence of FDI attacks. With this multi-label classification scheme, a single model is able to identify the presence of different attacks and load change simultaneously. Two different deep learning techniques are compared to design the attack detector, and the performance of the proposed distributed control and the attack detector is demonstrated through simulations on the modified IEEE 34-bus distribution test system.  more » « less
Award ID(s):
2103426 2017597 2403660
PAR ID:
10318998
Author(s) / Creator(s):
; ; ; ;
Date Published:
Journal Name:
2021 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Abstract This paper addresses the cybersecurity of hierarchical control of AC microgrids with distributed secondary control. The false data injection (FDI) cyberattack is assumed to alter the operating frequency of inverter‐based distributed generators (DGs) in an islanded microgrid. For the microgrids consisting of the grid‐forming inverters with the secondary control operating in a distributed manner, the attack on one DG deteriorates not only the corresponding DG but also the other DGs that receive the corrupted information via the distributed communication network. To this end, an FDI attack detection algorithm based on a combination of Gaussian process regression and one‐class support vector machine (OC‐SVM) anomaly detection is introduced. This algorithm is unsupervised in the sense that it does not require labelled abnormal data for training which is difficult to collect. The Gaussian process model predicts the response of the DG, and its prediction error and estimated variances provide input to an OC‐SVM anomaly detector. This algorithm returns enhanced detection performance than the standalone OC‐SVM. The proposed cyberattack detector is trained and tested with the data collected from a 4 DG microgrid test model and is validated in both simulation and hardware‐in‐the‐loop testbeds. 
    more » « less
  2. This paper presents a resilient control framework for distributed frequency and voltage control of AC microgrids under data manipulation attacks. In order for each distributed energy resource (DER) to detect any misbehavior on its neighboring DERs, an attack detection mechanism is first presented using a Kullback-Liebler (KL) divergence-based criterion. An attack mitigation technique is then proposed that utilizes the calculated KL divergence factors to determine trust values indicating the trustworthiness of the received information. Moreover, DERs continuously generate a self-belief factor and communicate it with their neighbors to inform them of the validity level of their own outgoing information. DERs incorporate their neighbors' self-belief and their own trust values in their control protocols to slow down and mitigate attacks. It is shown that the proposed cyber-secure control effectively distinguishes data manipulation attacks from legitimate events. The performance of proposed secure frequency and voltage control techniques is verified through the simulation of microgrid tests system implemented on IEEE 34-bus test feeder with six DERs. 
    more » « less
  3. Graph signal processing (GSP) has emerged as a powerful tool for practical network applications, including power system monitoring. Recent research has focused on developing GSP-based methods for state estimation, attack detection, and topology identification using the representation of the power system voltages as smooth graph signals. Within this framework, efficient methods have been developed for detecting false data injection (FDI) attacks, which until now were perceived as nonsmooth with respect to the graph Laplacian matrix. Consequently, these methods may not be effective against smooth FDI attacks. In this paper, we propose a graph FDI (GFDI) attack that minimizes the Laplacian-based graph total variation (TV) under practical constraints. We present the GFDI attack as the solution for a non-convex constrained optimization problem. The solution to the GFDI attack problem is obtained through approximating it using ℓ1 relaxation. A series of quadratic programming problems that are classified as convex optimization problems are solved to obtain the final solution. We then propose a protection scheme that identifies the minimal set of measurements necessary to constrain the GFDI output to a high graph TV, thereby enabling its detection by existing GSP-based detectors. Our numerical simulations on the IEEE-57 and IEEE-118 bus test cases reveal the potential threat posed by well-designed GSP-based FDI attacks. Moreover, we demonstrate that integrating the proposed protection design with GSP-based detection can lead to significant hardware cost savings compared to previous designs of protection methods against FDI attacks. 
    more » « less
  4. Intelligently designed false data injection (FDI) attacks have been shown to be able to bypass the chi-squared-test based bad data detector (BDD), resulting in physical consequences (such as line overloads) in the power system. In this paper, using synthetic PMU measurements and intelligently designed FDI attacks, it is shown that if an attack is suddenly injected into the system, a predictive filter with sufficient accuracy is able to detect it. However, an attacker can gradually increase the magnitude of the attack to avoid detection, and still cause damage to the system. 
    more » « less
  5. False data injection (FDI) attacks targeting under-load tap changing (ULTC) transformers pose a significant threat to smart distribution networks by exploiting vulnerabilities in the volt-var optimization (VVO) process, leading to potential undervoltage and voltage collapse. The increased integration of renewable energy and cyber-physical systems has expanded the attack surface, making traditional detection methods inadequate. For example, in 2023, attacks on utilities and decentralized components in the United States rose by 200%, with overall cyber threats increasing by 104%, highlighting growing vulnerabilities in distribution systems. To this end, this article proposes a two-stage remediation framework for decentralized FDI (DFDI) attacks targeting ULTC transformers. In the attack stage, vulnerabilities in ULTCs and voltage regulators are scrutinized, risking voltage collapse or blackouts in the distribution system. In the remediation stage, the distribution system operator focuses on non-attacked ULTCs, voltage regulators, distributed generation (DG) units, and smart homes to minimize reliance on compromised components. In this regard, a distinctive formulation of distribution network resilience and load management (DNRLM) problem is introduced to identify a resilient network topology and determine a situational power balance strategy. The proposed framework focuses on minimizing the system's reliance on the attacked ULTCs and voltage regulator components, thereby avoiding the intended voltage collapse caused by such DFDIs. The simulation results verify that the proposed method reduces the voltage collapse proximity index by over 60%, enhancing system resilience under DFDI attacks. 
    more » « less