Hybrid Detection of Intermittent Cyber-Attacks in Networked Power Systems

Kontouras, Efstathios; Tzes, Anthony; Dritsas, Leonidas

doi:10.3390/en12244625

Cited by 6 publications

(8 citation statements)

References 35 publications

(89 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The concept of a compound attack detection mechanism, that links estimation-based and set-theoretic methods is addressed in [22] by Kontouras et al The detection mechanism is developed as a security enhancing tool for the load-frequency control loop of a networked power system that consists of several interconnected control areas. Simulations indicate that an estimation-based detector is unable to discern an intermittent attack.…”

Section: Published Papers Highlightsmentioning

confidence: 99%

Modern Power System Dynamics, Stability and Control

Alexandridis¹

2020

Energies

View full text Add to dashboard Cite

This Special Issue of Energies, “Modern Power System Dynamics, Stability and Control”, addresses the core problem of deploying novel aspects in the analysis of modern power systems as these are composed after the high penetration of distributed generation (DG) with different renewable energy sources (RES). The focus is given either on the new whole power and control system configuration or on individual cases of DG sources, power converters and other general or specific plants and devices. The problem can be tackled with different methodologies and may have several, more or less valuable and complicated solutions. The twenty-three accepted papers certainly offer a good contribution in a wide range of applications; they are extended from basic system theory perspectives, fundamental nonlinear analysis tools and novel modeling deployments to some interesting particular system and control issues.

show abstract

Section: Published Papers Highlightsmentioning

confidence: 99%

Modern Power System Dynamics, Stability and Control

Alexandridis¹

2020

Energies

View full text Add to dashboard Cite

show abstract

“…However, such a detector requires additional physical communication channels, which may not be feasible or realistic. Traditional analytical redundancy-based passive anomaly detectors are enhanced in [35] and [36] for detecting stealthy integrity attacks by using a backward-in-time signal processor. In these studies, even a small change due to a stealthy integrity attack is amplified by a backward-in-time signal processor such that the amplified change becomes sufficiently "large" to be detected.…”

Section: A State Of the Artmentioning

confidence: 99%

“…In these studies, even a small change due to a stealthy integrity attack is amplified by a backward-in-time signal processor such that the amplified change becomes sufficiently "large" to be detected. However, stealthy intermittent integrity attacks are not considered in [34]- [36].…”

Section: A State Of the Artmentioning

confidence: 99%

“…Compared to the authors' previous work [36], the intermittency feature of stealthy integrity attacks is considered in this paper. Moreover, the designed smoother in this paper introduces the covariance matrix resetting technique, which is shown to guarantee robustness to both disturbances and noise, and simultaneously guarantee sensitivity to stealthy intermittent integrity attacks.…”

Section: B Main Contributionsmentioning

confidence: 99%

See 1 more Smart Citation

Passive Attack Detection for a Class of Stealthy Intermittent Integrity Attacks

Zhang

Keliris

Parisini

et al. 2023

IEEE/CAA J. Autom. Sinica

View full text Add to dashboard Cite

This paper proposes a passive methodology for detecting a class of stealthy intermittent integrity attacks in cyberphysical systems subject to process disturbances and measurement noise. A stealthy intermittent integrity attack strategy is first proposed by modifying a zero-dynamics attack model. The stealthiness of the generated attacks is rigorously investigated under the condition that the adversary does not know precisely the system state values. In order to help detect such attacks, a backward-in-time detection residual is proposed based on an equivalent quantity of the system state change, due to the attack, at a time prior to the attack occurrence time. A key characteristic of this residual is that its magnitude increases every time a new attack occurs. To estimate this unknown residual, an optimal fixed-point smoother is proposed by minimizing a piece-wise linear quadratic cost function with a set of specifically designed weighting matrices. The smoother design guarantees robustness with respect to process disturbances and measurement noise, and is also able to maintain sensitivity as time progresses to intermittent integrity attack by resetting the covariance matrix based on the weighting matrices. The adaptive threshold is designed based on the estimated backward-in-time residual, and the attack detectability analysis is rigorously investigated to characterize quantitatively the class of attacks that can be detected by the pro-posed methodology. Finally, a simulation example is used to demonstrate the effectiveness of the developed methodology.

show abstract

“…(2) Intermittent (inter): every targeted instance is followed by a non-attacked instance and vice versa. In [34], this pattern showed to be hardly detected by an estimation-based detector;…”

Section: Threat Modelmentioning

confidence: 99%

Detecting and Mitigating Adversarial Examples in Regression Tasks: A Photovoltaic Power Generation Forecasting Case Study

et al. 2021

View full text Add to dashboard Cite

With data collected by Internet of Things sensors, deep learning (DL) models can forecast the generation capacity of photovoltaic (PV) power plants. This functionality is especially relevant for PV power operators and users as PV plants exhibit irregular behavior related to environmental conditions. However, DL models are vulnerable to adversarial examples, which may lead to increased predictive error and wrong operational decisions. This work proposes a new scheme to detect adversarial examples and mitigate their impact on DL forecasting models. This approach is based on one-class classifiers and features extracted from the data inputted to the forecasting models. Tests were performed using data collected from a real-world PV power plant along with adversarial samples generated by the Fast Gradient Sign Method under multiple attack patterns and magnitudes. One-class Support Vector Machine and Local Outlier Factor were evaluated as detectors of attacks to Long-Short Term Memory and Temporal Convolutional Network forecasting models. According to the results, the proposed scheme showed a high capability of detecting adversarial samples with an average F1-score close to 90%. Moreover, the detection and mitigation approach strongly reduced the prediction error increase caused by adversarial samples.

show abstract

Hybrid Detection of Intermittent Cyber-Attacks in Networked Power Systems

Cited by 6 publications

References 35 publications

Modern Power System Dynamics, Stability and Control

Modern Power System Dynamics, Stability and Control

Passive Attack Detection for a Class of Stealthy Intermittent Integrity Attacks

Detecting and Mitigating Adversarial Examples in Regression Tasks: A Photovoltaic Power Generation Forecasting Case Study

Contact Info

Product

Resources

About