Risk Assessment of Cyber Attacks on Power Grids Considering the Characteristics of Attack Behaviors

Yang, Zhihao; Zhang, Yiyi; Zhao, Junhui

doi:10.1109/access.2020.3014785

Cited by 10 publications

(5 citation statements)

References 37 publications

(58 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…where Z ci indicates whether a node has experienced a DoS attack; Z ci = 1 indicates that node i has been attacked, and Z ci = 0 indicates that node i is operating normally. FDI attacks tamper with the monitoring data, which affects the state estimation process of the control center and causes the state estimator to output the wrong value to the system operator, which may lead to the wrong control decision [19], [20]. Additionally, it is assumed that the attacker is allowed to completely control the information node; that is, the monitoring data or instructions of the node can always be tampered with.…”

Section: B Combined Information Attack Mechanismmentioning

confidence: 99%

Expected Failure Method and Its Analysis for Safety Evaluation in a Cyber-Physical Power System

Wang

Chen

et al. 2022

IEEE Access

View full text Add to dashboard Cite

With the development of communication technology, power and information systems have become deeply coupled and have become the most massive and complex cyber-physical power systems (CPPSs), resulting in certain risks to the safe operation of power systems. In this paper, a CPPS security assessment method based on the expected failure method and considering combined information attacks is proposed. Due to the large number of nodes in modern information systems, enumerating all possible combinations of system failures for evaluation and analysis is unrealistic. By considering the topological relationship of the CPPS and the electrical properties of coupled physical nodes, the idea of first screening information nodes is proposed in this paper to filter the information nodes. The impact of combined information attacks on the expected physical fault handling process is analyzed, and a safety evaluation index for the distribution network is provided. In addition, the proposed method is applied to the IEEE-118 system and compared with previous evaluation methods to verify its effectiveness.

show abstract

Section: B Combined Information Attack Mechanismmentioning

confidence: 99%

Expected Failure Method and Its Analysis for Safety Evaluation in a Cyber-Physical Power System

Wang

Chen

et al. 2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…According to the defensive effect function and the evaluation model (Chen et al 2020a), the probability that all smart meters on client k attacked is:…”

Section: Safety Risk Assessmentmentioning

confidence: 99%

“…We assume that an attacker randomly selects the smart meters to attack, and the possibility of a smart meter being attacked is related to its defensive degree. The stronger the defence, the more difficult it is to attack (Chen et al, 2020a) and the less likely it is to be attacked. The number of smart meters that the client

k

is responsible for is

M_{k}

.…”

Section: Client Selection‐based Fed_adbn Frameworkmentioning

confidence: 99%

“…All smart meters connected to a client have the same defence level. Then the defensive effect of a smart meter is as follows:

u_{m_{k}}^{df} goodbreak= 1 goodbreak- e^{- S_{m_{k}}}

The defensive effect of cilent

k

is:

u_{k}^{df} goodbreak= \sum_{m = 1}^{M_{k}} u_{m_{k}}^{df}

According to the defensive effect function and the evaluation model (Chen et al 2020a), the probability that all smart meters on client

k

attacked is:

P_{k}^{d} goodbreak= \frac{e^{- u_{k}^{italicdf}}}{\sum_{k = 1}^{K} e^{- u_{k}^{df}}}

\sum_{k = italic1}^{K} e^{- u_{k}^{df}}

is a fixed value. When the defensive effect on the kth client is better, the

u_{k}^{df}

is larger, and then the

e^{- u_{k}^{df}}

is smaller.…”

Section: Client Selection‐based Fed_adbn Frameworkmentioning

confidence: 99%

See 1 more Smart Citation

Fed_ADBN: An efficient intrusion detection framework based on client selection in AMI network

et al. 2022

View full text Add to dashboard Cite

Data transmission between smart meters and data center is facing network security threats in advanced metering infrastructure of smart grid. The traditional solution is to move the data to the data center to build a centralized attack detection model, or divide the collected data into several independent and identically distributed datasets to build a distributed attack detection model. However, the long-distance transmission and the centralized storage of data not only increase the communication overhead and time overhead, but also increase the risk of being attacked, causing privacy disclosure during the process of building the model. In this paper, we propose an efficient intrusion detection framework Fed_ADBN based on federated attention deep belief network and client selection. Clients cooperate with the data center to jointly build a horizontal federated learning framework. Under the premise of protecting data security by keeping data on the clients, we design a client selection algorithm based on client computing power, communication quality and security risks, which can improve the operating efficiency of federated learning. We also deploy a deep belief neural network with attention mechanism in each client to accurately detect possible network attacks in AMI network in real time. Experimental results show that compared with state-of-the-art methods, the proposed framework can not only maintain good detection accuracy but also protect privacy.

show abstract

“…There have been many related works on risk assessment for cyberattacks on power systems. In [22], considering the characteristics of attack behaviors, a risk assessment method on power grids was proposed. In [23], a cyber-physical security evaluation approach and contingency ranking technique for power infrastructures were proposed.…”

Section: Introductionmentioning

confidence: 99%

Security-Oriented Cyber-Physical Risk Assessment for Cyberattacks on Distribution System

Zhang,

2023

Applied Sciences

View full text Add to dashboard Cite

With the increasing deployment of advanced sensing and measurement devices, the modern distribution system is evolved into a cyber-physical power distribution system (CPPDS). Due to the extensive application of information and communication technology, CPPDS is prevalently exposed to a wide range of cybersecurity threats. In this paper, a novel security-oriented cyber-physical risk assessment method for CPPDS is proposed. Based on the information model composed of logical nodes, an attack graph of privilege promotion by exploiting the cyber vulnerabilities is constructed. The physical consequence caused by cyberattack is analyzed in detail. By using the Markov decision process (MDP) theory, the cyber-physical risk index (CPRI) is calculated. Furthermore, considering the allocation of the finite defense resource, the modified MDP approach with an attack–defense game is presented. The effectiveness of the proposed method is demonstrated with case studies on a four-feeder IEEE-RTBS test system.

show abstract

Risk Assessment of Cyber Attacks on Power Grids Considering the Characteristics of Attack Behaviors

Cited by 10 publications

References 37 publications

Expected Failure Method and Its Analysis for Safety Evaluation in a Cyber-Physical Power System

Expected Failure Method and Its Analysis for Safety Evaluation in a Cyber-Physical Power System

Fed_ADBN: An efficient intrusion detection framework based on client selection in AMI network

Security-Oriented Cyber-Physical Risk Assessment for Cyberattacks on Distribution System

Contact Info

Product

Resources

About