skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Modified Matrix Completion-based Detection of Stealthy Data Manipulation Attacks in Low Observable Distribution Systems
A composite detection technique against stealthy data manipulations is developed in this paper for distribution networks that are low observable. Attack detection strategies typically rely on state estimation which becomes challenging when limited measurements are available. In this paper, a modified matrix completion approach provides estimates of the system state and its error variances for the locations in the network where measurements are unavailable. Using the error statistics and their corresponding state estimates, bad data detection can be carried out using the chi-squared test. The proposed approach employs a moving target defence strategy (MTD) where the network parameters are perturbed through distributed flexible AC transmission system (D-FACTS) devices such that stealthy data manipulation attacks can be exposed in the form of bad data. Thus, the bad data detection approach developed in this paper can detect stealthy attacks using the MTD strategy. This technique is implemented on 37-bus and 123-bus three-phase unbalanced distribution networks to demonstrate the attack detection accuracy even for a low observable system.  more » « less
Award ID(s):
2225341
PAR ID:
10417407
Author(s) / Creator(s):
; ;
Date Published:
Journal Name:
IEEE Transactions on Smart Grid
ISSN:
1949-3053
Page Range / eLocation ID:
1 to 1
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; (, 2021 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm))
    This paper presents a deep learning based multi-label attack detection approach for the distributed control in AC microgrids. The secondary control of AC microgrids is formulated as a constrained optimization problem with voltage and frequency as control variables which is then solved using a distributed primal-dual gradient algorithm. The normally distributed false data injection (FDI) attacks against the proposed distributed control are then designed for the distributed gener-ator's output voltage and active/reactive power measurements. In order to detect the presence of false measurements, a deep learning based attack detection strategy is further developed. The proposed attack detection is formulated as a multi-label classification problem to capture the inconsistency and co-occurrence dependencies in the power flow measurements due to the presence of FDI attacks. With this multi-label classification scheme, a single model is able to identify the presence of different attacks and load change simultaneously. Two different deep learning techniques are compared to design the attack detector, and the performance of the proposed distributed control and the attack detector is demonstrated through simulations on the modified IEEE 34-bus distribution test system. 
    more » « less
  2. ; (, IEEE Transactions on Dependable and Secure Computing)
    Optimal Power Flow (OPF) is a crucial part of the Energy Management System (EMS) as it determines individual generator outputs that minimize generation cost while satisfying transmission, generation, and system level operating constraints. OPF relies on a core EMS routine, namely state estimation, which computes system states, principally bus voltages/phase angles at the buses. However, state estimation is vulnerable to false data injection attacks in which an adversary can alter certain measurements to corrupt the estimator's solution without being detected. It is also shown that a stealthy attack on state estimation can increase the OPF cost. However, the impact of stealthy attacks on the economic and secure operation of the system cannot be comprehensively analyzed due to the very large size of the attack space. In this paper, we present a hybrid framework that combines formal analytics with Simulink-based system modeling to investigate the feasibility of stealthy attacks and their influence on OPF in a time-efficient manner. The proposed approach is illustrated on synthetic case studies demonstrating the impact of stealthy attacks in different attack scenarios. We also evaluate the impact analysis time by running experiments on standard IEEE test cases and the results show significant scalability of the framework. 
    more » « less
  3. ; ; ; (, Processes)
    Hidden moving target defense (HMTD) is a proactive defense strategy that is kept hidden from attackers by changing the reactance of transmission lines to thwart false data injection (FDI) attacks. However, alert attackers with strong capabilities pose additional risks to the HMTD and thus, it is much-needed to evaluate the hiddenness of the HMTD. This paper first summarizes two existing alert attacker models, i.e., bad-data-detection-based alert attackers and data-driven alert attackers. Furthermore, this paper proposes a novel model-based alert attacker model that uses the MTD operation models to estimate the dispatched line reactance. The proposed attacker model can use the estimated line reactance to construct stealthy FDI attacks against HMTD methods that lack randomness. We propose a novel random-enabled HMTD (RHMTD) operation method, which utilizes random weights to introduce randomness and uses the derived hiddenness operation conditions as constraints. RHMTD is theoretically proven to be kept hidden from three alert attacker models. In addition, we analyze the detection effectiveness of the RHMTD against three alert attacker models. Simulation results on the IEEE 14-bus systems show that traditional HMTD methods fail to detect attacks by the model-based alert attacker, and RHMTD is kept hidden from three alert attackers and is effective in detecting attacks by three alert attackers. 
    more » « less
  4. ; ; (, Proceedings of the 10th IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm 2019))
    This work proposes a moving target defense (MTD) strategy to detect coordinated cyber-physical attacks (CCPAs) against power grids. A CCPA consists of a physical attack, such as disconnecting a transmission line, followed by a coordinated cyber attack that injects false data into the sensor measurements to mask the effects of the physical attack. Such attacks can lead to undetectable line outages and cause significant damage to the grid. The main idea of the proposed approach is to invalidate the knowledge that the attackers use to mask the effects of the physical attack by actively perturbing the grid’s transmission line reactances using distributed flexible AC transmission system (D-FACTS) devices. We identify the MTD design criteria in this context to thwart CCPAs. The proposed MTD design consists of two parts. First, we identify the subset of links for D-FACTS device deployment that enables the defender to detect CCPAs against any link in the system. Then, in order to minimize the defense cost during the system’s operational time, we use a game-theoretic approach to identify the best subset of links (within the D-FACTS deployment set) to perturb which will provide adequate protection. Extensive simulations performed using the MATPOWER simulator on IEEE bus systems verify the effectiveness of our approach in detecting CCPAs and reducing the operator’s defense cost. 
    more » « less
  5. ; ; (, International Conference on Decision and Game Theory for Security)
    null (Ed.)
    Moving target defense (MTD) is a proactive defense approach that aims to thwart attacks by continuously changing the attack surface of a system (e.g., changing host or network configurations), thereby increasing the adversary’s uncertainty and attack cost. To maximize the impact of MTD, a defender must strategically choose when and what changes to make, taking into account both the characteristics of its system as well as the adversary’s observed activities. Finding an optimal strategy for MTD presents a significant challenge, especially when facing a resourceful and determined adversary who may respond to the defender’s actions. In this paper, we propose a multi-agent partially-observable Markov Decision Process model of MTD and formulate a two-player general-sum game between the adversary and the defender. To solve this game, we propose a multi-agent reinforcement learning framework based on the double oracle algorithm. Finally, we provide experimental results to demonstrate the effectiveness of our framework in finding optimal policies. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email