Multivariate Gaussian-Based False Data Detection Against Cyber-Attacks

An, Yu; Liu, Dong

doi:10.1109/access.2019.2936816

Cited by 26 publications

(13 citation statements)

References 27 publications

(33 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Wavelet transform has been used widely for transient analysis in the power system [9], [10], [11] and is employed for signal smoothing in this work. We combine the results from a variety of base anomaly detectors such as Hampel filter [12], Quartile technique, and DBSCAN using MB-MLE.…”

Section: B Related Workmentioning

confidence: 99%

Denoising and Bad Data Detection in Distribution Phasor Measurements using Filtering, Clustering and Koopman Mode Analysis

Vosughi¹,

Gholami²,

Srivastava³

2021

Preprint

View full text Add to dashboard Cite

Distribution-level phasor measurement units (D-PMU) data are prone to different types of anomalies given complex data flow and processing infrastructure in an active power distribution system with enhanced digital automation. It is essential to pre-process the data before being used by critical applications for situational awareness and control. In this work, two approaches for detection of data anomalies are introduced for offline (larger data processing window) and online (shorter data processing window) applications. A margin-based maximum likelihood estimator (MB-MLE) method is developed to detect anomalies by integrating the results of different base detectors including Hampel filter, Quartile detector and DBSCAN. A smoothing wavelet denoising method is used to remove high-frequency noises. The processed data with offline analysis is used to fit a model to the underlying dynamics of synchrophasor data using Koopman Mode Analysis, which is subsequently employed for online denoising and bad data detection (BDD) using Kalman Filter (KF). The parameters of the KF are adjusted adaptively based on similarity to the training data set for model fitting purposes. Developed techniques have been validated for the modified IEEE test system with multiple D-PMUs, modeled and simulated in real-time for different case scenarios using the OPAL-RT Hardware-In-the-Loop (HIL) Simulator.

show abstract

Section: B Related Workmentioning

confidence: 99%

Denoising and Bad Data Detection in Distribution Phasor Measurements using Filtering, Clustering and Koopman Mode Analysis

Vosughi¹,

Gholami²,

Srivastava³

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…The historical data in [21] needs to provide time series with equal time intervals. In the experiment, the number of fault samples adopted by [22] and [23] is almost equal to that normal samples. [24] verifies that the supervised learning method is not suitable when the number of fault samples is small.…”

Section: Introductionmentioning

confidence: 99%

A Degradation Fault Prognostic Method of Radar Transmitter Combining Multivariate Long Short-Term Memory Network and Multivariate Gaussian Distribution

Zhai

Fang

2020

IEEE Access

View full text Add to dashboard Cite

In the prognosis of radar transmitter degradation fault, there are some problems, such as the total sample size and fault sample size of sensor monitoring data are small, and the monitoring data can not reach the fault threshold. To solve these problems, a prediction model combining the multivariate long short-term memory networks with multivariate Gaussian distribution is proposed, in which the long short-term memory networks predict the subsequent time step of multi-sensor monitoring data, and the multivariate Gaussian distribution model constructed by few fault samples is used to realize the prediction of degraded faults. The key parameters of the model are determined by the data processing experiments of double monitoring points, and the validity of the model is verified by the data processing experiments of multiple monitoring points. The experimental results show that the degradation fault can be predicted effectively within 10% of the total time series of monitoring data. Compared with the traditional radar warning after failure, the model can effectively predict the degradation fault of the transmitter when the fault sample size is low and the fault threshold is not reached.INDEX TERMS Multivariate long short-term memory network, multivariate gaussian distribution, prognostic method, degradation fault of radar transmitter.

show abstract

“…Various attack detection techniques have been presented in the literature. In [6], the authors propose a multivariate Gaussian‐based anomaly detector trained using correlation features of micro phasor measurement units (μPMUs), but this detector requires the installation of μPMUs in the system. Liu et al [7] detect and identify attacks using reactance perturbation, but this method only works when the attacker has limited resources.…”

Section: Introductionmentioning

confidence: 99%

“…Estimation–detection framework: In this study, we introduce an LR attack detection framework based on support vector models by leveraging the historical load information commonly available to system operators. While there are existing approaches in the literature to prevent attacks by installing new devices [6] or protecting specific measurements [10], guiding operators to utilise existing data available to design software‐based solutions is complementary to those existing approaches. Our method determines the existence of LR attacks directly through the estimated loads, which can be conveniently applied in conjunction with the current EMS operations.…”

Section: Introductionmentioning

confidence: 99%