Bad Data Detection Research Articles

A detection model for false data injection attacks in smart grids based on graph spatial features using temporal convolutional neural networks

Due to the intelligence and opening of future generation cyber–physical power systems, smart grids are vulnerable to the emergency of cyber-attacks aiming at the cyber–physical systems. Among these attacks, false data injection (FDI) attacks are particularly concerning in smart grids due to their stealthiness. Attackers can tamper with data transmitted through communication networks, influencing the analysis results of the control center, leading it to make wrong decisions and thereby undermining the stability of smart grids. The inability of traditional bad data detection models to detect false data injection attacks poses huge security risks to smart grids. For this reason, a new attack detection model using spatial–temporal features is proposed. The proposed detection model includes the following two parts: spatial features extraction and temporal convolutional network. First, graph convolutional operations are employed to disentangle the interactions among buses and extract spatial features of measurement; Then, the temporal convolutional network model is used to extract the temporal features. Through these processes, the proposed detection model can effectively identify the injected false data injection attacks in smart grids. The detection performance and robustness of the proposed FDI attack detection model are tested through simulations on IEEE 14-bus and 118-bus grid systems.

Physical model learning based false data injection attack on power system state estimation

The cyber security of power system state estimation (PSSE) is crucial, and its robustness against evolving false data injection attacks (FDIA) is being rigorously assessed to develop advanced countermeasures. Existing FDIA methods have achieved satisfactory success rates but often fail to align with practical constraints such as the assumption of partial or complete knowledge of the power system network by the attacker, modifications in generator output measurements, and the sparsity of the attacks. This work proposes a near practical, stealthy approach using a deep generative adversarial network-long short-term memory autoencoder (GAN-LSTMAE) learning based sparse FDIA method against AC PSSE, leveraging only measurement data. To evade the bad data detection (BDD) mechanism effectively, an LSTMAE-based PSSE mimic is proposed, further optimizing the GAN-based attack generator to embed the physical laws of the system along with measurement residuals and temporal dependencies of states to the generated false data. The proposed modified training data preparation algorithm, coupled with the attack sub-graph method, defines the optimal attack region while keeping generator output measurements intact. The generated attack is validated extensively using IEEE 14 and 118 bus test benchmarks against various defense techniques, demonstrating high success rates.

FDIA localization and classification detection in smart grids using multi-modal data and deep learning technique

False data injection attacks (FDIA) exploit the vulnerabilities of bad data detection in energy management systems to maliciously tamper with state estimation results, seriously jeopardizing the safe and reliable operation of power systems. In order to promptly detect FDIA, recent studies have used machine learning techniques to extract attack characteristics and detect FDIA based on changes in these characteristics. Current research predominantly focuses on detecting a single type of FDIA attack model and topology. However, the increasing diversification of FDIA construction methods and the variability of topological structures in power systems can reduce or even invalidate detection effectiveness. To cope with the abovementioned difficulties, this study introduces a multimodal deep learning detection model based on variational graph auto-encoders (VGAE), temporal convolutional networks (TCN), and gated recurrent units (GRU). The topological features of power systems are obtained through VGAE to adapt to the detection needs of various topological structures and performance enhancement. These features are then integrated with preprocessed measurement data via BDD to form multimodal data. Furthermore, this multimodal data is used to locate and classify FDIA with complete information, FDIA with incomplete information, and topology attack after applying a multi-label classification algorithm based on TCN-GRU for temporal feature extraction. Experiments carried out on the IEEE 14 and IEEE 118 bus systems show that the proposed method is robust and has high detection performance. The results indicate that the proposed detection method achieves AUC values that are, on average, 0.085, 0.145, and 0.04 higher than those of CNN, LSTM, and CNN-LSTM, respectively. Moreover, under various noise and attack intensities, recall, precision, F1 score, and RACC remain above 0.859, 0.877, 0.867, and 0.818, respectively, with a classification accuracy greater than 0.912. This study provides a unique perspective on detecting FDIA across various attack models and power system topologies.

Comparison of deep learning algorithms for site detection of false data injection attacks in smart grids

False Data Injection Attacks (FDIA) pose a significant threat to the stability of smart grids. Traditional Bad Data Detection (BDD) algorithms, deployed to remove low-quality data, can easily be bypassed by these attacks which require minimal knowledge about the parameters of the power bus systems. This makes it essential to develop defence approaches that are generic and scalable to all types of power systems. Deep learning algorithms provide state-of-the-art detection for FDIA while requiring no knowledge about system parameters. However, there are very few works in the literature that evaluate these models for FDIA detection at the level of an individual node in the power system. In this paper, we compare several recent deep learning-based model that proven their high performance and accuracy in detecting the exact location of the attack node, which are convolutional neural networks (CNN), Long Short-Term Memory (LSTM), attention-based bidirectional LSTM, and hybrid models. We, then, compare their performance with baseline multi-layer perceptron (MLP)., All the models are evaluated on IEEE-14 and IEEE-118 bus systems in terms of row accuracy (RACC), computational time, and memory space required for training the deep learning model. Each model was further investigated through a manual grid search to determine the optimal architecture of the deep learning model, including the number of layers and neurons in each layer. Based on the results, CNN model exhibited consistently high performance in very short training time. LSTM achieved the second highest accuracy; however, it had required an averagely higher training time. The attention-based LSTM model achieved a high accuracy of 94.53 during hyperparameter tuning, while the CNN model achieved a moderately lower accuracy with only one-fourth of the training time. Finally, the performance of each model was quantified on different variants of the dataset—which varied in their l2\\documentclass[12pt]{minimal} \\usepackage{amsmath} \\usepackage{wasysym} \\usepackage{amsfonts} \\usepackage{amssymb} \\usepackage{amsbsy} \\usepackage{mathrsfs} \\usepackage{upgreek} \\setlength{\\oddsidemargin}{-69pt} \\begin{document}$${\ ext{l}}_{2}$$\\end{document}-norm. Based on the results, LSTM, CNN obtained the highest accuracy followed by CNN-LSTM and lastly MLP.

Metaheuristics based dimensionality reduction with deep learning driven false data injection attack detection for enhanced network security

Recent sensor, communication, and computing technological advancements facilitate smart grid use. The heavy reliance on developed data and communication technology increases the exposure of smart grids to cyberattacks. Existing mitigation in the electricity grid focuses on protecting primary or redundant measurements. These approaches make certain assumptions regarding false data injection (FDI) attacks, which are inadequate and restrictive to cope with cyberattacks. The reliance on communication technology has emphasized the exposure of power systems to FDI assaults that can bypass the current bad data detection (BDD) mechanism. The current study on unobservable FDI attacks (FDIA) reveals the severe threat of secured system operation because these attacks can avoid the BDD method. Thus, a Data-driven learning-based approach helps detect unobservable FDIAs in distribution systems to mitigate these risks. This study presents a new Hybrid Metaheuristics-based Dimensionality Reduction with Deep Learning for FDIA (HMDR-DLFDIA) Detection technique for Enhanced Network Security. The primary objective of the HMDR-DLFDIA technique is to recognize and classify FDIA attacks in the distribution systems. In the HMDR-DLFDIA technique, the min–max scalar is primarily used for the data normalization process. Besides, a hybrid Harris Hawks optimizer with a sine cosine algorithm (hybrid HHO‐SCA) is applied for feature selection. For FDIA detection, the HMDR-DLFDIA technique utilizes the stacked autoencoder (SAE) method. To improve the detection outcomes of the SAE model, the gazelle optimization algorithm (GOA) is exploited. A complete set of experiments was organized to highlight the supremacy of the HMDR-DLFDIA method. The comprehensive result analysis stated that the HMDR-DLFDIA technique performed better than existing DL models.

Detection of false data injection attacks in smart grid based on adaptive inhibition unscented Kalman filter

Abstract False data injection attacks (FDIAs) cause incorrect system states by tampering with measurements, seriously affecting the EMS’s control process. However, the well-designed FDIAs can bypass traditional bad data detection (BDD) mechanisms. Aiming at the challenge, we improve the unscented Kalman filter and combine AIUKF with weighted least squares (WLS) to detect FDIAs. Utilizing the different convergence rates of the two estimators, the cosine similarity is introduced for FDIA detection. Various test conditions in IEEE-14-bus are simulated to underline the capability of AIUKF in state estimation. The results indicate that the proposed detection approach is superior for detecting FDIAs.

Detection and identification of bad data in AC/DC hybrid systems with LCC and MMC

Based on the CIM/XML and CIM/E documents exported from the regional dispatching system, this paper focuses on data generation and starts by converting the exported documents into raw input data for state estimation. Considering the interactions between the AC system, LCC, MMC, and LCC-MMC interfaces, a unified iterative method is proposed to model the state estimation of the 500 kV subnetwork. Subsequently, Gaussian noise is added to the original measurement data, and the maximum residual test method is employed for detecting and identifying bad data. Finally, the effectiveness of the proposed models for AC/DC state estimation and the detection and identification of bad data are validated through simulation data.

Upper control limit calculation for bad data detection in spatiotemporal power quality massive data and its application to harmonic load flow study

The current monitoring of modern distribution networks by operators with the aim to improve the network visibility and thus detect and mitigate challenges such as power quality issues has resulted in massive data generation. Such data need to be analysed and technical observations realised. Thus, this paper presents bad data detection for spatiotemporal harmonic power quality field measurements obtained from six power quality analysers (installed at the connection points of customer-owned photovoltaic and small-scale energy storage and the mains units) with high level of granularity (1s interval). A total of 4.1 billion measured values have been evaluated in the bad data detection. Multivariate statistical methods (principal component analysis and Hotelling’s T2 statistic) have been combined with Bag of Little Bootstrap (BLB) to analyse the massive data. Specifically, the BLB technique has been deployed for calculating the upper control limit for the bad data detection, thus, the spatiotemporal nature of the data has been fully captured. The method has been applied to harmonic load flow analysis of a practical distribution network. The findings reveal how the neglect of spatiotemporality could conceal the actual harmonic penetration levels in a data-driven harmonic load flow analysis. Other interesting technical findings are presented.

False data injection attack against smart power grid based on incomplete network information

In power systems, False Data Injection (FDI) attack can covertly mislead the state estimation of the power system and lead to inestimable damage. Traditional studies on FDI attack usually assume that the attacker has complete network information of the power grid. However, this assumption is often difficult to be achieved due to the good protection of data in the control center. In this paper, an FDI attack approach with incomplete network information is proposed against AC state estimation. In addition to constructing an attack vector to modify the selected state, this approach also gives the attack range of the state. Through the analysis of the residuals we propose a method to extend the range that can evade bad data detector. Simulation in the IEEE14 and IEEE118 bus systems verify the feasibility and stealth of the model.

False Data Injection Attack with Max-Min Optimization in Smart Grid

With the proliferation of information and communication technology (ICT), the smart grid is critically vulnerable to cyber-attacks such as false data injection (FDI), denial-of-service, and data spoofing. The cyber-attackers defunctionalize critical operations of the smart grid by compromising the ICT. The decisions for the critical operation of the smart grid are processed with a state estimator, and ICT makes the state estimator vulnerable to FDI attacks. Hence, vulnerability analysis of the state estimator needs to be investigated for potential FDI attacks to protect it from future cyber-attacks. This work proposes the FDI attack vector construction without the knowledge of bad data detection (BDD) threshold on linear and non-linear state estimators using max-min optimization considering the partial network information. The optimization problem is formulated from the attacker's perspective to target the manipulation of measurements in the attack zone so as to increase the generation cost. The equivalent power injection model is developed for the attack zone to construct the deceptive attacks using DC and AC power flow models. The effectiveness of the proposed framework has been tested on 5 bus PJM network, modified IEEE 30 bus, IEEE 57 bus, and IEEE 118 bus system. The proposed framework is compared with existing state-of-art methods (viz., linear attack policy, non-linear attack policy, load redistribution attack, and line flow attack) to assess its efficacy. It is observed that the developed FDI attack vector successfully bypasses the bad data detectors such as the chi-square test, largest normalized residue, and l2 detector that is normally used by the system operator. Moreover, the study compares and discusses the impact of FDI attacks on the estimated state variables obtained with state estimators and, thereby, the generation cost calculated with the DC & AC optimal power flow tool.

AI & Physics-Based Bad Command/Data Detection in Large Power Electronics Systems: Multi-Port Autonomous Reconfigurable Solar Power Plant (MARS)

Detection of bad data from measurement sensors and bad commands from control centers need to be carried out to avoid instabilities within large power electronics systems. Towards the same, in this paper, model and data driven methods are proposed to identify anomalies in measured data and commands received by large power electronics systems. The large power electronics system considered in this paper is a multi-port autonomous reconfigurable solar power plant (MARS), which consists of photovoltaic (PV) and energy storage systems (ESSs) that connect to high-voltage direct current (HVdc) system and transmission ac power grid. The proposed algorithms in the MARS power plant to detect bad data from measurements and bad commands from control centers are evaluated in simulations and hardware-in-the-loop (HIL) tests. It has been observed that the proposed algorithms are able to detect bad measurements and commands in all the use cases evaluated.

A locational false data injection attack detection method in smart grid based on adversarial variational autoencoders

Stealthy FDIA (False Data Injection Attack) is a serious cyber threat that can modify state estimation of smart grid through maliciously altering the measurement data, but can’t be detected by traditional bad data detection system in smart grid. There exist two weakpoints for numerous deep neural networks (DNNs) based data-driven schemes against FDIA. First, they mainly focus on detecting the presence of FDIA, but fail to localize the specific bus/nodes affected. Second, their performance is not sufficiently desirable under small attack, i.e., anomalies caused by the attack closely resemble normal data. To address the above issues, this paper proposes an effective locational FDIA detection framework based on data reconstruction, AT-GVAE, which seamlessly integrates the variational autoencoders (VAEs) and generative adversarial network paradigm. Specifically, our contributions are threefold. First, the proposed AT-GVAE framework is novelly composed of two main modules: the generative VAE_G and discriminative VAE_D that both play dual roles: reconstruct data from jointly learning distributions of data and latent feature space, and meanwhile play Minmax game with adversarial way. Second, multiple-layer gated recurrent units (GRUs) are utilized as the basic structure of the encoder and decoders in both VAEs, to characterize the temporal correlations of measurement data sequence. Additionally, the self-attention mechanism is used to enhance the expressive ability of GRU based VAEs. Then, the anomaly score for each busbar in the smart grid is determined by comparing the residual between the observed measurement and the outputs of VAE_G and VAE_D, enabling the localization of FDIA. Finally, thorough experiments on multiple power systems with series data of total 3456 measurements demonstrate that, in terms of multiple typical metrics, including false alarm rate vs. detection probability, AUC-ROC, and AUC-PR, our proposed framework outperforms the state-of-the-art GRU, VAE and adversarial training based FDIA detection schemes.

Detection of Data Integrity Attack Using Model and Data-Driven-Based Approach in CPPS

The cyber-physical power system (CPPS) is a modern infrastructure utilising information and communication technology that has become more vulnerable to cyberattacks in recent years. The attack magnitude injected by the adversary is stealthier and it cannot be detected using conventional bad data detection techniques. Protecting sensitive data from data integrity attacks (DIA) is essential for ensuring system security and reliability. A tragic event will occur if the attack goes unreported. Therefore, DIA detection is highly vital for the operator in the control centre to make important decisions. This paper addresses the attack impact on WAC applications and attack detection using the model-based method and data-driven-based methods. On the basis of the validation of performance indicators, various detection approaches are simulated and compared to determine the best detection strategy. Simulation results show that in the model-based anomaly detection method, the recursive polynomial model estimator (RPME) has better detection performance than the recursive least square estimator (RLSE). The convolutional neural network- (CNN-) based data-driven anomaly detection technique outperforms other machine learning (ML) techniques such as support vector machine (SVM), K-nearest neighbour (KNN), and random forest (RF). On the WSCC 3 machine 9-bus system, the efficacy of the suggested methods is evaluated.

Enhancing smart grid resilience with deep learning anomaly detection prior to state estimation

State estimation is a critical process in modern power system control centers that operate under strict real-time requirements. Among its key post-processing components are bad data detection and identification, with the latter being more complex and potentially compromising the system’s real-time performance. This paper proposes a novel component in the state estimation process called Anomaly Detection and Identification Module (ADIM), whose goal is to detect anomalies, or erroneous data points, prior to the state estimation process. Our work presents a deep learning-based method that exhibits a commendable level of accuracy in detecting anomalies within a continuous stream of measurements. ADIM’s capabilities are demonstrated through comprehensive experiments on a set of test cases that effectively encompass various network configurations, transformer types, and load scenarios. It is shown that ADIM can detect and identify anomalies effectively, significantly reducing the need for the bad data detection component and improving overall state estimation responsiveness. Our work lays the foundation for developing a detection- and identification-based anomaly system for power system measurements.

Modified Matrix Completion-Based Detection of Stealthy Data Manipulation Attacks in Low Observable Distribution Systems

A composite detection technique against stealthy data manipulations is developed in this paper for distribution networks that are low observable. Attack detection strategies typically rely on state estimation which becomes challenging when limited measurements are available. In this paper, a modified matrix completion approach provides estimates of the system state and its error variances for the locations in the network where measurements are unavailable. Using the error statistics and their corresponding state estimates, bad data detection can be carried out using the chi-squared test. The proposed approach employs a moving target defence strategy (MTD) where the network parameters are perturbed through distributed flexible AC transmission system (D-FACTS) devices such that stealthy data manipulation attacks can be exposed in the form of bad data. Thus, the bad data detection approach developed in this paper can detect stealthy attacks using the MTD strategy. This technique is implemented on 37-bus and 123-bus three-phase unbalanced distribution networks to demonstrate the attack detection accuracy even for a low observable system.

Localizing False Data Injection Attacks in Smart Grid: A Spectrum-Based Neural Network Approach

Smart grid is confronted with cyberattacks due to the increasing dependence on cyberspace. False data injection attacks (FDIAs) represent a major type of cyberattacks that cannot be detected by the traditional bad data detection (BDD). The majority of existing researches focus on how to detect FDIAs, while little attention has been paid to obtaining the exact attack locations, which are crucial for deploying countermeasures in time. In this paper, we propose a neural network-based approach for online localizing FDIAs in AC power systems. The approach transforms the multi-dimensional time series measurements to their time-frequency and spectral graph representations, to jointly capture the temporal and spatial correlations in the spectral domain. The spectral decomposition could better characterize the latent properties of measurements, such as auto-correlations of a bus and key dependency between buses, which would be poorly represented in the time domain and vertex domain. Specifically, the proposed approach first adopts the short-time Fourier transform (STFT) and a two-channel convolutional neural network (2C-CNN) to model the spectral-temporal correlations. Then the spectral-spatial relationships are modeled with a graph convolutional network (GCN), which combines the nodal admittance matrix and physical property of power systems. The prior physical knowledge further improves our approach’s interpretability and localization performance. We evaluate the effectiveness of our proposed approach with comprehensive case studies on various standard test systems. Numerical results indicate the superiority of our approach over baselines.

Paired Swarm Optimized Relational Vector Learning for FDI Attack Detection in IoT-Aided Smart Grid

IoT-aided smart grid heavily depends on the most innovative communication technologies that could make the grid system susceptible to False Data Injection Attacks (FDIA). The main objective of the FDI attackers remains in damaging or corrupting the state estimation strategy in the smart grid resulting in blackouts and/or to influence the electricity market. With a number of features involved in the smart grid system, FDIA detection is said to be complicated. By the conventional bad data detection systems, the FDIA detection accuracy and validation made by Receiver Operating Characteristic (ROC) curve were marginally acceptable. However, due to the time complexity and overhead incurred, the detection of FDIA is a hot research topic. In this work, we design an efficient FDIA detection method by coupling Cooperative Paired Swarm Optimization and Relational Vector Learning techniques (CPSO-RVL), to address the above-said issues. First, the cooperative paired particle swarm optimization model is proposed to attain an appropriate feature for improving the computational efficiency of FDIA detection. Next, with the obtained significant features, the relational vector learning-based FDIA detection model is designed for robust classification between FDIA and non-FDIA with minimum overhead. The extensive experiments show that the proposed method outperforms existing baseline approaches by 16%, and 34% in terms of computation time, and computation overhead respectively.

Detection of False Data Injection Attacks in a Smart Grid Based on WLS and an Adaptive Interpolation Extended Kalman Filter

An accurate power state is the basis of the normal functioning of the smart grid. However, false data injection attacks (FDIAs) take advantage of the vulnerability in the bad data detection mechanism of the power system to manipulate the process of state estimation. By attacking the measurements, then affecting the estimated state, FDIAs have become a serious hidden danger that affects the security and stable operation of the power system. To address the bad data detection vulnerability, in this paper, a false data attack detection method based on weighted least squares (WLS) and an adaptive interpolation extended Kalman filter (AIEKF) is proposed. On the basis of applying WLS and AIEKF, the Euclidean distance is used to calculate the deviation values of the two-state estimations to determine whether the current moment is subjected to a false data injection attack in the power system. Extensive experiments were conducted to simulate an IEEE-14-bus power system, showing that the adaptive interpolation extended Kalman filter can compensate for the deficiency in the bad data detection mechanism and successfully detect FDIAs.

Data-driven load frequency cooperative control for multi-area power system integrated with VSCs and EV aggregators under cyber-attacks

This paper proposes a cooperative load frequency control (LFC) strategy based on a multi-agent deep reinforcement learning (MADRL) framework for the multi-area power system in the presence of voltage source converters (VSCs) and electric vehicle (EV) aggregators under cyber-attacks. Different from the existing LFC model, a novel transfer function of VSCs is first improved by the space-vector technique and integrated with EV aggregators to develop a multi-area training environment. By installing the agent in different control areas and interacting state transition information between agents and the new environment, the MADRL-based control strategy is achieved for centralized training and decentralized execution. Thus, the proposed MADRL method can coordinate thermal turbines, VSCs, as well as EV aggregators in the different control areas. Furthermore, a suitable cyber-attack model that can circumvent bad data detection (BDD) is reconstructed according to the perspective of adversaries for the LFC system. Then the double critic networks and parameter updating policy are designed to eliminate and mitigate the fluctuations caused by cyber-attacks. The comparative simulation with other control strategies on a three-area test power system demonstrates the superior performance of the proposed MADRL-based approach.

Vulnerability analysis and modeling false data injection attack against voltage source converter in renewable generation power system

With the increasing penetration of renewable resources, more power electronic devices that need communication with control centers may bring a novel risk of cyber attacks. This paper investigates the vulnerability of the hierarchical control and proposes a false data injection attack (FDIA) constructing algorithm against voltage source converters. The attack can be accomplished via a physical attack generator or falsification via attacking supervisory control and data acquisition system. By developing the FDIA model against state estimation, the proposed attack model can circumvent bad data detection in the secondary control loop. The tests are carried out on a single converter infinite bus benchmark and an IEEE 34-bus system. The results show that the proposed attack model can mislead the system to produce threatening oscillation.