Abstract:Today's power systems become more prone to cyberattacks due to the high integration of information technologies. In this paper, we demonstrate that the outages of some lines can be masked by injecting false data into a set of measurements. The success of the topology attack can be guaranteed by making that: 1)the injected false data obeys KCL and KVL to avoid being detected by the bad data detection program in the state estimation; 2)the residual is increased such that the line outage cannot be detected by PMU… Show more
“…However, the above two works only discussed a single attack and does not concern how to launch successive attacks. In the work by the authors of [15], attackers with perfect knowledge injected false data to successively mask transmission line outages leading to a serious situation without awareness. With further research, attack strategies have been improved, for example, optimal FDI attack actions are studied to mask the exceptional frequency leading to the largest disruption of generators in the work by the authors of [16].…”
Section: Fdi Attackmentioning
confidence: 99%
“…False command injection caused the system failure and FDI could delay the time of attack detection and develop impact of attacks. Based on the above discussion, the characters of FDI attacks [13][14][15][16][17][18][19] are summarized in Table 4. We can clearly see that the FDI attack becomes more complex, hides the traces of attacks better, and causes greater disruption.…”
Section: Fdi Attackmentioning
confidence: 99%
“…Previous works [13][14][15][16][17][18][19] have extensively studied FDI attacks. However, previous FDI attacks mainly pay attention to masking the wrong system state or disturbing the state estimation by launching just one attack.…”
False data injection (FDI) attack is a hot topic in cyber-physical systems (CPSs). Attackers inject bad data into sensors or return false data to the controller to cause the inaccurate state estimation. Although there exists many detection approaches, such as bad data detector (BDD), sequence pattern mining, and machine learning methods, a smart attacker still can inject perfectly false data to go undetected. In this paper, we focus on the advanced false data injection (AFDI) attack and its detection method. An AFDI attack refers to the attack where a malicious entity accurately and successively changes sensory data, making the normal system state continuously evaluated as other legal system states, causing wrong outflow of controllers. The attack can lead to an automatic and long-term system failure/performance degradation. We first depict the AFDI attack model and analyze limitations of existing detectors for detecting AFDI. Second, we develop an approach based on machine learning, which utilizes the k-Nearest Neighbor (KNN) technique and heterogeneous data including sensory data and system commands to implement a classifier for detecting AFDI attacks. Finally, simulation experiments are given to demonstrate AFDI attack impact and the effectiveness of the proposed method for detecting AFDI attacks.
“…However, the above two works only discussed a single attack and does not concern how to launch successive attacks. In the work by the authors of [15], attackers with perfect knowledge injected false data to successively mask transmission line outages leading to a serious situation without awareness. With further research, attack strategies have been improved, for example, optimal FDI attack actions are studied to mask the exceptional frequency leading to the largest disruption of generators in the work by the authors of [16].…”
Section: Fdi Attackmentioning
confidence: 99%
“…False command injection caused the system failure and FDI could delay the time of attack detection and develop impact of attacks. Based on the above discussion, the characters of FDI attacks [13][14][15][16][17][18][19] are summarized in Table 4. We can clearly see that the FDI attack becomes more complex, hides the traces of attacks better, and causes greater disruption.…”
Section: Fdi Attackmentioning
confidence: 99%
“…Previous works [13][14][15][16][17][18][19] have extensively studied FDI attacks. However, previous FDI attacks mainly pay attention to masking the wrong system state or disturbing the state estimation by launching just one attack.…”
False data injection (FDI) attack is a hot topic in cyber-physical systems (CPSs). Attackers inject bad data into sensors or return false data to the controller to cause the inaccurate state estimation. Although there exists many detection approaches, such as bad data detector (BDD), sequence pattern mining, and machine learning methods, a smart attacker still can inject perfectly false data to go undetected. In this paper, we focus on the advanced false data injection (AFDI) attack and its detection method. An AFDI attack refers to the attack where a malicious entity accurately and successively changes sensory data, making the normal system state continuously evaluated as other legal system states, causing wrong outflow of controllers. The attack can lead to an automatic and long-term system failure/performance degradation. We first depict the AFDI attack model and analyze limitations of existing detectors for detecting AFDI. Second, we develop an approach based on machine learning, which utilizes the k-Nearest Neighbor (KNN) technique and heterogeneous data including sensory data and system commands to implement a classifier for detecting AFDI attacks. Finally, simulation experiments are given to demonstrate AFDI attack impact and the effectiveness of the proposed method for detecting AFDI attacks.
“…The attack was designed based on finding out the line that can cause the most damaging to the system in [14]. Then, the authors in [15], [16] attempted to modify the PMU data to mask the outage event. The attack model was further derived using the power flow method [17] and SE [18].…”
Malicious attacks in the power system can eventually result in a large-scale cascade failure if not attended on time. These attacks, which are traditionally classified into physical and cyber attacks, can be avoided by using the latest and advanced detection mechanisms. However, a new threat called cyber-physical attacks which jointly target both the physical and cyber layers of the system to interfere the operations of the power grid is more malicious as compared with the traditional attacks. In this paper, we propose a new cyber-physical attack strategy where the transmission line is first physically disconnected, and then the line-outage event is masked, such that the control center is misled into detecting as an obvious line outage at a different position in the local area of the power system. Therefore, the topology information in the control center is interfered by our attack. We also propose a novel procedure for selecting vulnerable lines, and analyze the observability of our proposed framework. Our proposed method can effectively and continuously deceive the control center into detecting fake line-outage positions, and thereby increase the chance of cascade failure because the attention is given to the fake outage. The simulation results validate the efficiency of our proposed attack strategy.
“…In this paper, we focus on the detection of FDI attacks on transmission lines of the smart grid. An FDI attack on transmission line refers to the action in which a smart attacker modifies a part of sensory data to cause the false evaluation of line states such as transmission line outage mask attacks [2]. Transmission line states estimated based on related sensory data are critical to maintain the normal running of smart grid.…”
False data injection (FDI) attack is a hot topic in large-scale Cyber-Physical Systems (CPSs), which can cause bad state estimation of controllers. In this paper, we focus on FDI detection on transmission lines of the smart grid. We propose a novel and effective detection framework to identify FDI attacks. Different from the previous methods, there are multi-tier detectors which utilize edge nodes such as the programmable logic controllers (PLCs) instead of the central controller to detect attacks. The proposed framework can decrease the transmission time of data to reduce the latency of decisions because many sensory data need not be transmitted to the central controller for detection. We also develop a detection algorithm which utilizes classifiers based on machine learning to identify FDI. The training process is split from every edge node and is placed on the central node. The detectors are lightweight and are properly adopted in our detection framework. Our simulation experiments show that the proposed detection framework can provide better detection results than the existing detection approaches.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.