Jiaqi Ruan,Gaoqi Liang,Huan Zhao,Guolong Liu,Xianzhuo Sun,Jing Qiu,Zhao Xu,Fushuan Wen,Zhao Yang Dong

2024-01-24

Abstract:Applying large language models (LLMs) to modern power systems presents a promising avenue for enhancing decision-making and operational efficiency. However, this action may also incur potential security threats, which have not been fully recognized so far. To this end, this article analyzes potential threats incurred by applying LLMs to power systems, emphasizing the need for urgent research and development of countermeasures.

Artificial Intelligence,Human-Computer Interaction,Systems and Control

Zhenyong Zhang,Mengxiang Liu,Mingyang Sun,Ruilong Deng,Peng Cheng,Dusit Niyato,Mo-Yuen Chow,Jiming Chen

DOI: https://doi.org/10.1109/jiot.2024.3349381

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Machine learning (ML) sees an increasing prevalence of being used in the internet-of-things (IoT)-based smart grid. However, the trustworthiness of ML is a severe issue that must be addressed to accommodate the trend of ML-based smart grid applications (MLsgAPPs). The adversarial distortion injected into the power signal will greatly affect the system’s normal control and operation. Therefore, it is imperative to conduct vulnerability assessment for MLsgAPPs applied in the safety-critical power systems. In this paper, we provide a comprehensive review of the recent progress in designing attack and defense methods for MLsgAPPs. Unlike the traditional survey about ML security, this is the first review work about the security of MLsgAPPs that focuses on the characteristics of power systems. We first highlight the specifics for constructing adversarial attacks on MLsgAPPs. Then, the vulnerability of MLsgAPP is analyzed from the perspective of the power system and ML model, respectively. Afterward, a comprehensive survey is conducted to review and compare existing studies about the adversarial attacks on MLsgAPPs in scenarios of generation, transmission, distribution, and consumption, and the countermeasures are reviewed according to the attacks that they defend against. Finally, the future research directions are discussed on the attacker’s and defender’s side, respectively. We also analyze the potential vulnerability of large language model-based (e.g., ChatGPT) smart grid applications. Overall, our purpose is to encourage more researchers to contribute to investigating the adversarial issues of MLsgAPPs.

computer science, information systems,telecommunications,engineering, electrical & electronic

Abdellah Chehri,Issouf Fofana,Xiaomin Yang

DOI: https://doi.org/10.3390/su13063196

IF: 3.9

2021-03-15

Sustainability

Abstract:Smart grids (SG) emerged as a response to the need to modernize the electricity grid. The current security tools are almost perfect when it comes to identifying and preventing known attacks in the smart grid. Still, unfortunately, they do not quite meet the requirements of advanced cybersecurity. Adequate protection against cyber threats requires a whole set of processes and tools. Therefore, a more flexible mechanism is needed to examine data sets holistically and detect otherwise unknown threats. This is possible with big modern data analyses based on deep learning, machine learning, and artificial intelligence. Machine learning, which can rely on adaptive baseline behavior models, effectively detects new, unknown attacks. Combined known and unknown data sets based on predictive analytics and machine intelligence will decisively change the security landscape. This paper identifies the trends, problems, and challenges of cybersecurity in smart grid critical infrastructures in big data and artificial intelligence. We present an overview of the SG with its architectures and functionalities and confirm how technology has configured the modern electricity grid. A qualitative risk assessment method is presented. The most significant contributions to the reliability, safety, and efficiency of the electrical network are described. We expose levels while proposing suitable security countermeasures. Finally, the smart grid’s cybersecurity risk assessment methods for supervisory control and data acquisition are presented.

environmental sciences,environmental studies,green & sustainable science & technology

Jing Cui,Yishi Xu,Zhewei Huang,Shuchang Zhou,Jianbin Jiao,Junge Zhang

2024-09-06

Abstract:Large Language Models (LLMs) have revolutionized artificial intelligence and machine learning through their advanced text processing and generating capabilities. However, their widespread deployment has raised significant safety and reliability concerns. Established vulnerabilities in deep neural networks, coupled with emerging threat models, may compromise security evaluations and create a false sense of security. Given the extensive research in the field of LLM security, we believe that summarizing the current state of affairs will help the research community better understand the present landscape and inform future developments. This paper reviews current research on LLM vulnerabilities and threats, and evaluates the effectiveness of contemporary defense mechanisms. We analyze recent studies on attack vectors and model weaknesses, providing insights into attack mechanisms and the evolving threat landscape. We also examine current defense strategies, highlighting their strengths and limitations. By contrasting advancements in attack and defense methodologies, we identify research gaps and propose future directions to enhance LLM security. Our goal is to advance the understanding of LLM safety challenges and guide the development of more robust security measures.

Cryptography and Security,Artificial Intelligence

Xinyu Yang,Xiaofei He,Jie Lin,Wei Yu,Qingyu Yang

DOI: https://doi.org/10.1109/trustcom.2016.0094

2016-01-01

Abstract:The diverse cyber attacks, that make operation of the smart grid challenging, must be addressed before wide adoption of smart grids can be fully realized. Although a number of research efforts have been devoted to defending against these threats, a majority of existing schemes focus on the design of a specific defensive strategy to deal with a specific threat. In this paper we address the issue of coalitional attacks that can be launched by multiple adversaries cooperatively in the smart grid. We propose a game-theoretic based model to capture the interaction among multiple adversaries and quantify the capacity of the defender based on the extended Iterated Public Goods Game (IPGG) model. In the formalized game model, each participant can either cooperate by participating in the coalitional attack, or defect by standing aside in each round of the attack. We consider the generic defensive strategy that has a probability to detect the coalitional attack. When the coalitional attack is detected, all the participating adversaries are penalized. The expected payoff of each participant is derived through the zero-determinant strategy that provides the participants competitive benefits. Via a combination of theoretical analysis and experiments, our results show that our formalized game model can enable the defender to greatly reduce the maximum value of the expected average payoff to the adversaries via provisioning sufficient defensive resources, which is reflected by setting a proper penalty factor against the adversaries.

Zhenyong Zhang,Zhibo Yang,David K.Y. Yau,Youliang Tian,Jianfeng Ma

DOI: https://doi.org/10.1016/j.apenergy.2023.121405

IF: 11.2

2023-06-24

Applied Energy

Abstract:Towards the low-carbon goal, a smart grid features remote connection, data sharing, and cyber–physical integration to increase the flexibility of energy supplies, to reduce electricity wastage, and to enhance safety under intermittent renewables. In this context, machine learning (ML) is increasingly employed in smart grids to solve tasks that require deep data analytics. However, it is well recognized that ML models are vulnerable to adversarial examples that might be contained in open shared data, which creates opportunities for potential attackers to launch cyberattacks. In particular, system operating states acting as critical inputs to ML-based smart grid applications (MLsgAPPs) can be manipulated by malicious actors to mislead the system operator into making wrong decisions that in turn may cause major blackouts and other damaging cascading events. It is thus imperative to advance vulnerability assessment for MLsgAPPs. In this paper, we propose a physics-constrained robustness evaluation framework for MLsgAPPs, which is a first attempt of using tree ensemble (TE) models. Unlike adversarial attacks against prior studied image-classification tasks, adversarial examples against TE-based smart grid applications (TEsgAPPs) must not only cheat human intuition but also follow laws of physics and bypass error-checking mechanisms for power systems. Thus, formulation of the traditional robustness evaluation problem must be reconsidered to account for domain-specific misclassification, physical limit, power balance, and error-bypass constraints, in order to obtain tight lower bounds of the magnitudes of tolerated adversarial perturbations. We adopt a formal modeling approach to construct a discrete tree structure and to specify the model evasion conditions. We propose an efficient robustness evaluation method by transforming variables considering l1 and l∞ norms, followed by a generalization that expands the variable space to admit other types of norms. Using TE-based power system security assessment as an example, comprehensive simulations are conducted for evaluating the physics-constrained robustness under different TE models and model parameters.

energy & fuels,engineering, chemical

Yazeed Yasin Ghadi,Tehseen Mazhar,Khursheed Aurangzeb,Inayatul Haq,Tariq Shahzad,Asif Ali Laghari,Muhammad Shahid Anwar

DOI: https://doi.org/10.7717/peerj-cs.1840

2024-04-27

PeerJ Computer Science

Abstract:The need to update the electrical infrastructure led directly to the idea of smart grids (SG). Modern security technologies are almost perfect for detecting and preventing numerous attacks on the smart grid. They are unable to meet the challenging cyber security standards, nevertheless. We need many methods and techniques to effectively defend against cyber threats. Therefore, a more flexible approach is required to assess data sets and identify hidden risks. This is possible for vast amounts of data due to recent developments in artificial intelligence, machine learning, and deep learning. Due to adaptable base behavior models, machine learning can recognize new and unexpected attacks. Security will be significantly improved by combining new and previously released data sets with machine learning and predictive analytics. Artificial Intelligence (AI) and big data are used to learn more about the current situation and potential solutions for cybersecurity issues with smart grids. This article focuses on different types of attacks on the smart grid. Furthermore, it also focuses on the different challenges of AI in the smart grid. It also focuses on using big data in smart grids and other applications like healthcare. Finally, a solution to smart grid security issues using artificial intelligence and big data methods is discussed. In the end, some possible future directions are also discussed in this article. Researchers and graduate students are the audience of our article.

computer science, information systems, artificial intelligence, theory & methods

Kian Hamedani,Lingjia Liu,Jithin Jagannath,Yang

DOI: https://doi.org/10.48550/arXiv.2106.03209

2021-06-07

Abstract:Smart grids are vulnerable to cyber-attacks. This paper proposes a game-theoretic approach to evaluate the variations caused by an attacker on the power measurements. Adversaries can gain financial benefits through the manipulation of the meters of smart grids. On the other hand, there is a defender that tries to maintain the accuracy of the meters. A zero-sum game is used to model the interactions between the attacker and defender. In this paper, two different defenders are used and the effectiveness of each defender in different scenarios is evaluated. Multi-layer perceptrons (MLPs) and traditional state estimators are the two defenders that are studied in this paper. The utility of the defender is also investigated in adversary-aware and adversary-unaware situations. Our simulations suggest that the utility which is gained by the adversary drops significantly when the MLP is used as the defender. It will be shown that the utility of the defender is variant in different scenarios, based on the defender that is being used. In the end, we will show that this zero-sum game does not yield a pure strategy, and the mixed strategy of the game is calculated.

Machine Learning

Omer Sen,Bozhidar Ivanov,Christian Kloos,Christoph Zol_,Philipp Lutat,Martin Henze,Andreas Ulbig

DOI: https://doi.org/10.1016/j.ijcip.2024.100727

2024-12-09

Abstract:The power grid is a critical infrastructure essential for public safety and welfare. As its reliance on digital technologies grows, so do its vulnerabilities to sophisticated cyber threats, which could severely disrupt operations. Effective protective measures, such as intrusion detection and decision support systems, are essential to mitigate these risks. Machine learning offers significant potential in this field, yet its effectiveness is constrained by the limited availability of high-quality data due to confidentiality and access restrictions. To address this, we introduce a simulation environment that replicates the power grid's infrastructure and communication dynamics. This environment enables the modeling of complex, multi-stage cyber attacks and defensive responses, using attack trees to outline attacker strategies and game-theoretic approaches to model defender actions. The framework generates diverse, realistic attack data to train machine learning algorithms for detecting and mitigating cyber threats. It also provides a controlled, flexible platform to evaluate emerging security technologies, including advanced decision support systems. The environment is modular and scalable, facilitating the integration of new scenarios without dependence on external components. It supports scenario generation, data modeling, mapping, power flow simulation, and communication traffic analysis in a cohesive chain, capturing all relevant data for cyber security investigations under consistent conditions. Detailed modeling of communication protocols and grid operations offers insights into attack propagation, while datasets undergo validation in laboratory settings to ensure real-world applicability. These datasets are leveraged to train machine learning models for intrusion detection, focusing on their ability to identify complex attack patterns within power grid operations.

Cryptography and Security

Aydin Zaboli,Seong Lok Choi,Tai-Jin Song,Junho Hong

2024-02-26

Abstract:Cybersecurity breaches targeting electrical substations constitute a significant threat to the integrity of the power grid, necessitating comprehensive defense and mitigation strategies. Any anomaly in information and communication technology (ICT) should be detected for secure communications between devices in digital substations. This paper proposes large language models (LLM), e.g., ChatGPT, for the cybersecurity of IEC 61850-based digital substation communications. Multicast messages such as generic object oriented system event (GOOSE) and sampled value (SV) are used for case studies. The proposed LLM-based cybersecurity framework includes, for the first time, data pre-processing of communication systems and human-in-the-loop (HITL) training (considering the cybersecurity guidelines recommended by humans). The results show a comparative analysis of detected anomaly data carried out based on the performance evaluation metrics for different LLMs. A hardware-in-the-loop (HIL) testbed is used to generate and extract dataset of IEC 61850 communications.

Cryptography and Security,Systems and Control

Sunitha Basodi,Song Tan,WenZhan Song,Yi Pan

DOI: https://doi.org/10.1504/ijsn.2020.106506

2020-01-01

Abstract:Cybersecurity in smart grids plays a crucial role in determining its reliable functioning and availability. Data integrity attacks at the physical layer of smart grids are mainly addressed in this paper. State vector estimation (SVE) methods are widely used to detect such attacks, but such methods fail to identify attacks that comply with physical properties of the grid, known as unobservable attacks. In this paper, we formulate a distance measure to be employed as the cost function in deep-learning models using feed-forward neural network architectures to classify malicious and secured measurements. Efficiency and performance of these models are compared with existing state-of-the-art detection algorithms and supervised machine learning models. Our analysis shows better performance for deep learning models in detecting centralised data attacks.

Carmelo Ardito,Yashar Deldjoo,Tommaso Di Noia,Eugenio Di Sciascio,Fatemeh Nazary,Giovanni Servedio

DOI: https://doi.org/10.48550/arXiv.2303.18136

2024-01-30

Abstract:In smart electrical grids, fault detection tasks may have a high impact on society due to their economic and critical implications. In the recent years, numerous smart grid applications, such as defect detection and load forecasting, have embraced data-driven methodologies. The purpose of this study is to investigate the challenges associated with the security of machine learning (ML) applications in the smart grid scenario. Indeed, the robustness and security of these data-driven algorithms have not been extensively studied in relation to all power grid applications. We demonstrate first that the deep neural network method used in the smart grid is susceptible to adversarial perturbation. Then, we highlight how studies on fault localization and type classification illustrate the weaknesses of present ML algorithms in smart grids to various adversarial attacks

Cryptography and Security,Artificial Intelligence,Machine Learning

Yifan Yao,Jinhao Duan,Kaidi Xu,Yuanfang Cai,Zhibo Sun,Yue Zhang

DOI: https://doi.org/10.1016/j.hcc.2024.100211

2024-03-01

High-Confidence Computing

Abstract:Large Language Models (LLMs), such as ChatGPT and Bard, have revolutionized natural language understanding and generation. They possess deep language comprehension, human-like text generation capabilities, contextual awareness, and robust problem-solving skills, making them invaluable in various domains (e.g., search engines, customer support, translation). In the meantime, LLMs have also gained traction in the security community, revealing security vulnerabilities and showcasing their potential in security-related tasks. This paper explores the intersection of LLMs with security and privacy. Specifically, we investigate how LLMs positively impact security and privacy, potential risks and threats associated with their use, and inherent vulnerabilities within LLMs. Through a comprehensive literature review, the paper categorizes the papers into “The Good” (beneficial LLM applications), “The Bad” (offensive applications), and “The Ugly” (vulnerabilities of LLMs and their defenses). We have some interesting findings. For example, LLMs have proven to enhance code security (code vulnerability detection) and data privacy (data confidentiality protection), outperforming traditional methods. However, they can also be harnessed for various attacks (particularly user-level attacks) due to their human-like reasoning abilities. We have identified areas that require further research efforts. For example, Research on model and parameter extraction attacks is limited and often theoretical, hindered by LLM parameter scale and confidentiality. Safe instruction tuning, a recent development, requires more exploration. We hope that our work can shed light on the LLMs’ potential to both bolster and jeopardize cybersecurity.

English Else

Arastoo Zibaeirad,Farnoosh Koleini,Shengping Bi,Tao Hou,Tao Wang

2024-07-11

Abstract:In this study, we conduct a comprehensive review of smart grid security, exploring system architectures, attack methodologies, defense strategies, and future research opportunities. We provide an in-depth analysis of various attack vectors, focusing on new attack surfaces introduced by advanced components in smart grids. The review particularly includes an extensive analysis of coordinated attacks that incorporate multiple attack strategies and exploit vulnerabilities across various smart grid components to increase their adverse impact, demonstrating the complexity and potential severity of these threats. Following this, we examine innovative detection and mitigation strategies, including game theory, graph theory, blockchain, and machine learning, discussing their advancements in counteracting evolving threats and associated research challenges. In particular, our review covers a thorough examination of widely used machine learning-based mitigation strategies, analyzing their applications and research challenges spanning across supervised, unsupervised, semi-supervised, ensemble, and reinforcement learning. Further, we outline future research directions and explore new techniques and concerns. We first discuss the research opportunities for existing and emerging strategies, and then explore the potential role of new techniques, such as large language models (LLMs), and the emerging threat of adversarial machine learning in the future of smart grid security.

Cryptography and Security,Artificial Intelligence

Javier Sande Ríos,Jesús Canal Sánchez,Carmen Manzano Hernandez,Sergio Pastrana

2024-06-18

Abstract:The power grid is a critical infrastructure that allows for the efficient and robust generation, transmission, delivery and consumption of electricity. In the recent years, the physical components have been equipped with computing and network devices, which optimizes the operation and maintenance of the grid. The cyber domain of this smart power grid opens a new plethora of threats, which adds to classical threats on the physical domain. Accordingly, different stakeholders including regulation bodies, industry and academy, are making increasing efforts to provide security mechanisms to mitigate and reduce cyber-risks. Despite these efforts, there have been various cyberattacks that have affected the smart grid, leading in some cases to catastrophic consequences, showcasing that the industry might not be prepared for attacks from high profile adversaries. At the same time, recent work shows a lack of agreement among grid practitioners and academic experts on the feasibility and consequences of academic-proposed threats. This is in part due to inadequate simulation models which do not evaluate threats based on attackers full capabilities and goals. To address this gap, in this work we first analyze the main attack surfaces of the smart grid, and then conduct a threat analysis from the adversarial model perspective, including different levels of knowledge, goals, motivations and capabilities. To validate the model, we provide real-world examples of the potential capabilities by studying known vulnerabilities in critical components, and then analyzing existing cyber-attacks that have affected the smart grid, either directly or indirectly.

Cryptography and Security

Qiang Hu,Xiaofei Xie,Sen Chen,Lei Ma

DOI: https://doi.org/10.48550/arXiv.2411.01604

2024-11-03

Abstract:Large Language Model (LLM) is changing the software development paradigm and has gained huge attention from both academia and industry. Researchers and developers collaboratively explore how to leverage the powerful problem-solving ability of LLMs for specific domain tasks. Due to the wide usage of LLM-based applications, e.g., ChatGPT, multiple works have been proposed to ensure the security of LLM systems. However, a comprehensive understanding of the entire processes of LLM system construction (the LLM supply chain) is crucial but relevant works are limited. More importantly, the security issues hidden in the LLM SC which could highly impact the reliable usage of LLMs are lack of exploration. Existing works mainly focus on assuring the quality of LLM from the model level, security assurance for the entire LLM SC is ignored. In this work, we take the first step to discuss the potential security risks in each component as well as the integration between components of LLM SC. We summarize 12 security-related risks and provide promising guidance to help build safer LLM systems. We hope our work can facilitate the evolution of artificial general intelligence with secure LLM ecosystems.

Cryptography and Security,Artificial Intelligence,Software Engineering

Herve Debar,Sven Dietrich,Pavel Laskov,Emil C. Lupu,Eirini Ntoutsi

2024-12-23

Abstract:Large language models (LLMs) have achieved record adoption in a short period of time across many different sectors including high importance areas such as education [4] and healthcare [23]. LLMs are open-ended models trained on diverse data without being tailored for specific downstream tasks, enabling broad applicability across various domains. They are commonly used for text generation, but also widely used to assist with code generation [3], and even analysis of security information, as Microsoft Security Copilot demonstrates [18]. Traditional Machine Learning (ML) models are vulnerable to adversarial attacks [9]. So the concerns on the potential security implications of such wide scale adoption of LLMs have led to the creation of this working group on the security of LLMs. During the Dagstuhl seminar on "Network Attack Detection and Defense - AI-Powered Threats and Responses", the working group discussions focused on the vulnerability of LLMs to adversarial attacks, rather than their potential use in generating malware or enabling cyberattacks. Although we note the potential threat represented by the latter, the role of the LLMs in such uses is mostly as an accelerator for development, similar to what it is in benign use. To make the analysis more specific, the working group employed ChatGPT as a concrete example of an LLM and addressed the following points, which also form the structure of this report: 1. How do LLMs differ in vulnerabilities from traditional ML models? 2. What are the attack objectives in LLMs? 3. How complex it is to assess the risks posed by the vulnerabilities of LLMs? 4. What is the supply chain in LLMs, how data flow in and out of systems and what are the security implications? We conclude with an overview of open challenges and outlook.

Cryptography and Security,Artificial Intelligence

Tarek Berghout,Mohamed Benbouzid,S.M. Muyeen

DOI: https://doi.org/10.1016/j.ijcip.2022.100547

IF: 3.683

2022-09-01

International Journal of Critical Infrastructure Protection

Abstract:In modern Smart Grids (SGs) ruled by advanced computing and networking technologies, condition monitoring relies on secure cyberphysical connectivity. Due to this connection, a portion of transported data, containing confidential information, must be protected as it is vulnerable and subject to several cyber threats. SG cyberspace adversaries attempt to gain access through networking platforms to commit several criminal activities such as disrupting or malicious manipulation of whole electricity delivery process including generation, distribution, and even customer services such as billing, leading to serious damage, including financial losses and loss of reputation. Therefore, human awareness training and software technologies are necessary precautions to ensure the reliability of data traffic and power transmission. By exploring the available literature, it is undeniable that Machine Learning (ML) has become the latest in the timeline and one of the leading artificial intelligence technologies capable of detecting, identifying, and responding by mitigating adversary attacks in SGs. In this context, the main objective of this paper is to review different ML tools used in recent years for cyberattacks analysis in SGs. It also provides important guidelines on ML model selection as a global solution when building an attack predictive model. A detailed classification is therefore developed with respect to data security triad, i.e., Confidentiality, Integrity, and Availability (CIA) within different types of cyber threats, systems, and datasets. Furthermore, this review highlights the various encountered challenges, drawbacks, and possible solutions as future prospects for ML cybersecurity applications in SGs.

engineering, multidisciplinary,computer science, information systems