Genghong Lu,Dongqin Feng,Biao Huang

DOI: https://doi.org/10.1109/tie.2020.2965467

IF: 7.7

2021-01-01

IEEE Transactions on Industrial Electronics

Abstract:The problem of attack detection for Stuxnet in the industrial control system is discussed in this article. Different operating modes (normal and hazard modes) may occur in the nominal process. In this article, we consider that the transition between different modes follows a Markov chain model with a certain transition probability. However, when the Stuxnet attack is launched, the attack signals with random multitude and frequency will be injected to trigger more hazard modes, and finally, hasten fatigue of control devices. Under this unpredictable attack, the transition between operating modes will not follow the regular transition probabilities. Therefore, a hidden Markov model with time-varying transition probabilities is utilized to describe the Stuxnet attack. The transition probabilities are estimated based on the measurements. By recognizing operating modes and predicting the number of the occurrence of hazard modes, the Stuxnet attack can be detected earlier if the predicted value exceeds the threshold. In the operating mode recognition, the expectation maximization algorithm is used to estimate the parameters considering random packet dropouts caused by the unreliable network. A simulation is conducted to verify the effectiveness of the proposed method.

Sheng Xu,Yongxiang Xia,Hui-Liang Shen

DOI: https://doi.org/10.1109/tcsii.2020.2999875

2020-01-01

Abstract:In this brief, we analyze the damage caused by malware-induced cyber attacks in Cyber-Physical Power Systems (CPPSs). Incubation period and detection probability of the malware are considered in our analytical framework. From attacker's perspective, the trade-off between attack effectiveness and detection risk is studied to help choose the best attack timing and obtain the maximum payoff. Moreover, we conduct case studies in CPPSs formed by coupling IEEE 118-Bus System with scale-free communication networks. Simulation results reveal that the maximum expected payoff for the attacker is affected by the coupling pattern and the structure of communication network in CPPSs.

Wenting Wang,Dongqin Feng,Mingliang Chen,Shuxian Yang

DOI: https://doi.org/10.1109/ccdc62350.2024.10588015

2024-01-01

Abstract:This work investigates the problem of detecting and localizing attacks on a class of power cyber-physical systems (CPSs) in the presence of dynamic load alteration attacks (D-LAA). The power CPS is modeled as a discrete-time system with an unknown input, assuming that the sampling process is periodic and the D-LAA is bounded. This study delves into the investigation of attack detection and localization within a specific category of power cyber-physical systems (CPSs) when dealing with dynamic load alteration attacks (D-LAA). A novel Maximum Correntropy Robust Two-Stage Kalman Filter (MCRTSKF) is proposed so that the accurate state estimation for power CPS is achieved in spite of anomalous noise. Meanwhile, some essential parameters for the designed filter are obtained through the fixed-point iteration-stop parameter selection method. Furthermore, based on the state estimate value, the attack detection and localization procedure is presented. Finally, the validity and effectiveness of the proposed attack detection and localization schemes are illustrated by case studies on an IEEE 9-bus system.

Subhash Lakshminarayana,E. Veronica Belmega,H. Vincent Poor

DOI: https://doi.org/10.48550/arXiv.1908.02392

2019-08-07

Abstract:This work proposes a moving target defense (MTD) strategy to detect coordinated cyber-physical attacks (CCPAs) against power grids. A CCPA consists of a physical attack, such as disconnecting a transmission line, followed by a coordinated cyber attack that injects false data into the sensor measurements to mask the effects of the physical attack. Such attacks can lead to undetectable line outages and cause significant damage to the grid. The main idea of the proposed approach is to invalidate the knowledge that the attackers use to mask the effects of the physical attack by actively perturbing the grid's transmission line reactances using distributed flexible AC transmission system (D-FACTS) devices. We identify the MTD design criteria in this context to thwart CCPAs. The proposed MTD design consists of two parts. First, we identify the subset of links for D-FACTS device deployment that enables the defender to detect CCPAs against any link in the system. Then, in order to minimize the defense cost during the system's operational time, we use a game-theoretic approach to identify the best subset of links (within the D-FACTS deployment set) to perturb which will provide adequate protection. Extensive simulations performed using the MATPOWER simulator on IEEE bus systems verify the effectiveness of our approach in detecting CCPAs and reducing the operator's defense cost.

Cryptography and Security,Information Theory,Systems and Control

Xiaoyu Jiang,Zhiqiang Ge

DOI: https://doi.org/10.1109/tai.2022.3145335

2022-01-01

IEEE Transactions on Artificial Intelligence

Abstract:With the rapid development of information technology, intelligent upgrading of the manufacturing industry has broken the closed environment of traditional industrial control systems (ICS); thus, the information security of ICS has been seriously threatened. As part of ICS, the process monitoring system (PMS) is heavily subject to external risks. Data-driven PMSs have been widely used as initial lines of defense to ensure ICS safety. Once the PMS is under attack, the consequences on the whole ICS will be unimaginable. Unfortunately, the safety issues of the PMS have received inadequate attention. This article reveals PMS’s vulnerabilities through effective attacks. A novel method called subspace transfer network (STN) is proposed to conduct adversarial and poisoning attacks on the PMS simultaneously. Then the attack task flow is defined and explained to make online adversarial attacks and data poisoning on PMS. Meanwhile, aiming at two poisoning goals, targeted and untargeted attacks of STN are designed, respectively. Finally, the PMS’s fragility is verified in two industrial benchmarks.

Paul Griffioen,Sean Weerakkody,Bruno Sinopoli

DOI: https://doi.org/10.1109/tac.2020.3005686

IF: 6.549

2021-05-01

IEEE Transactions on Automatic Control

Abstract:This article considers the design and analysis of multiple moving target defenses for recognizing and isolating attacks on cyber-physical systems. We consider attackers who perform integrity attacks on some set of sensors and actuators in a control system. In such cases, it has been shown that a model aware adversary can carefully design attack vectors to bypass bad data detection and identification filters while causing damage to the control system. To counter such an attacker, we propose the moving target defense which introduces stochastic, time-varying parameters in the control system. The underlying random dynamics of the system limit an attacker's knowledge of the model and inhibit his or her ability to construct stealthy attack sequences. Moreover, the time-varying nature of the dynamics thwarts adaptive adversaries. We explore three main designs. First, we consider a hybrid system where parameters within the existing plant are switched among multiple modes. We demonstrate how such an approach can enable both the detection and identification of malicious nodes. Next, we investigate the addition of an extended system with dynamics that are coupled to the original plant but do not affect the system performance. Here, an attack on the original system will affect the authenticating subsystem and in turn be revealed by a set of sensors measuring the extended plant. Finally, we propose the use of sensor nonlinearities to enhance the effectiveness of the moving target defense. The nonlinear dynamics act to conceal normal operational behavior from an attacker who has tampered with the system state, further hindering an attacker's ability to glean information about the time-varying dynamics. In all cases mechanisms for analysis and design are proposed. Finally, we analyze attack detectability for each moving target defense by investigating expected lower bounds on the detection statistic. Our contributions are also tested via simulation.

automation & control systems,engineering, electrical & electronic

Zhenyong Zhang,Ke Zuo,Ruilong Deng,Fei Teng,Mingyang Sun

DOI: https://doi.org/10.1109/jiot.2023.3264492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Machine learning-based intelligent systems enhanced with Internet of Things (IoT) technologies have been widely developed and exploited to enable the real-time stability assessment of a large-scale electricity grid. However, it has been extensively recognized that the IoT-enabled communication network of power systems is vulnerable to cyberattacks. In particular, system operating states, critical attributes that act as input to the data-driven stability assessment, can be manipulated by malicious actors to mislead the system operator into making disastrous decisions and thus cause major blackouts and cascading events. In this article, we explore the vulnerability of the data-driven power system stability assessment, with a special emphasis on decision tree-based stability assessment (DTSA) approaches, and investigate the feasibility of constructing a physics-constrained adversarial attack (PCAA) to undermine the DTSA. The PCAA is formulated as a nonlinear programming problem considering the misclassification constraint, power limits, and bad data detection, computing potential adversarial perturbations that reverse the “stable/unstable” prediction of the real-time input while remaining invisible/stealthy. Extensive experiments based on the IEEE 68-bus system are conducted to evaluate the impact of PCAAs on predictions of DTSA and their transferability.

Ke Sun,Iñaki Esnaola,H. Vincent Poor

2024-11-25

Abstract:Data injection attacks (DIAs) pose a significant cybersecurity threat to the Smart Grid by enabling an attacker to compromise the integrity of data acquisition and manipulate estimated states without triggering bad data detection procedures. To mitigate this vulnerability, the moving target defense (MTD) alters branch admittances to mismatch the system information that is available to an attacker, thereby inducing an imperfect DIA construction that results in degradation of attack performance. In this paper, we first analyze the existence of stealth attacks for the case in which the MTD strategy only changes the admittance of a single branch. Equipped with this initial insight, we then extend the results to the case in which multiple branches are protected by the MTD strategy. Remarkably, we show that stealth attacks can be constructed with information only about which branches are protected, without knowledge about the particular admittance value changes. Furthermore, we provide a sufficient protection condition for the MTD strategy via graph-theoretic tools that guarantee that the system is not vulnerable to DIAs. Numerical simulations are implemented on IEEE test systems to validate the obtained results.

Systems and Control,Signal Processing,Optimization and Control

Shaodong Wang,Chao Li,Qinmin Yang,Wenchao Meng,Yunpeng Li

DOI: https://doi.org/10.1109/CSIS-IAC60628.2023.10364018

2023-01-01

Abstract:This paper mainly focuses on the problem of detecting stealthy attacks in power systems with unknown-but-bounded (UBB) disturbances and noises based on switching and zonotopes. A switching-based moving target defense (MTD) strategy, which is characterized by the average dwell time (ADT) property, is presented in order to enhance the uncertainty of the power system. In addition, sufficient conditions are given for the switched power system to be robust with the degree of <tex xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">$H$</tex> disturbance attenuation. The impact of MTD strategy on stealthy assaults is then analyzed in two scenarios, in which the adversary can attack either all measurement output channels or a subset of them. Meanwhile, a novel detector based on MTD and zonotopes is designed to detect stealthy attacks for the switched power system. Finally, a three-generator and six-load-bus power system is provided to illustrate the effectiveness of the main results.

Yifan Hu,Peidong Zhu,Peng Xun,Bo Liu,Wenjie Kang,Yinqiao Xiong,Weiheng Shi

DOI: https://doi.org/10.1016/j.cose.2021.102465

2021-12-01

Abstract:Cyber-physical system (CPS) like smart grid deeply integrated with communication networks are often subjected to sophisticated cyber-attacks like false data injection attack (FDIA) with a strong capability of strategic reconnaissance required to learn the environment, where the static characteristics of the system enable easier profiling of the critical infrastructure resources by the adversary. In this paper, we propose a cyber-physical moving target defense (CPMTD) mechanism that focuses on both attack prevention and detection to mitigate such static vulnerabilities and provide combined protections for power system. For attack prevention, we design the Cyber-MTD strategy to disrupt and mislead attack preparation by randomizing data acquisitions with controlled change across multiple system dimensions based on protocol oblivious forwarding (POF) among trusted peer devices in SCADA networks. For attack detection, we design the Physical-MTD strategy to improve the detection probability of FDIAs by periodically changing the measurement matrix of state estimation based on the D-FACTS devices' capability of perturbing the transmission line susceptances in power grids and explore the optimal perturbation in transmission line susceptances based on a cost-benefit analysis. Finally, we discuss two attack cases for network security analysis and evaluate the impact on network performance. Simulations on IEEE 14-bus and 57-bus systems verify the improvement of FDIA detection without significantly increasing operation cost.

computer science, information systems

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tii.2021.3129487

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:As the next-generation power grids, smart grids are integrated with advanced information and communication technology (ICT) to make the grid more efficient and stable than conventional power systems. Given the mounting cyber-attack threats, these critical ICT systems create great security issues for smart grids. Additionally, the clever attackers have the ability to not only access and monitor the smart grid, but also hack it by launching well-established cyber-attacks. Thus, this article is devoted to understanding the potential stealthy cyber-attack and its countermeasure. First, this article proposes a stealthy sparse cyber-attack model in an ac smart grid by considering both the residual test-based detector and the interval-state-estimation-based detector, which is not considered in previous studies. The design model is formulated as a constrained optimization problem by minimizing the number of contaminated meters, where the characteristics of two types of detector are considered simultaneously as the constraints for the first time. A constrained differential evolution (CDE) is proposed as the solver because the optimization problem is NP-hard. Then, a generalized-cumulative-sum-based detector is developed to detect the proposed cyber-attacks, where a fractional-order state transition matrix is originally introduced into the estimator to describe the dynamics of the power system. Numerical studies illustrate the feasibility of CDE-based stealthy sparse cyber-attacks and the effectiveness of the proposed countermeasure.

Subhash Lakshminarayana,Yexiang Chen,Charalambos Konstantinou,Daisuke Mashima,Anurag K. Srivastava

2024-09-27

Abstract:Moving target defense (MTD) in power grids is an emerging defense technique that has gained prominence in the recent past. It aims to solve the long-standing problem of securing the power grid against stealthy attacks. The key idea behind MTD is to introduce periodic/event-triggered controlled changes to the power grid's SCADA network/physical plant, thereby invalidating the knowledge attackers use for crafting stealthy attacks. In this paper, we provide a comprehensive overview of this topic and classify the different ways in which MTD is implemented in power grids. We further introduce the guiding principles behind the design of MTD, key performance metrics, and the associated trade-offs in MTD and identify the future development of MTD for power grid security.

Systems and Control

z zhang,y tian,r deng,j ma

DOI: https://doi.org/10.1109/JIOT.2022.3161790

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:The smart grid (SG), as one of the largest evolutionary critical infrastructures, witnesses the deep integration of electricity facilities and Internet of Things (IoT). But recent events show that the vulnerabilities exposed in IoT devices can be exploited by adversaries to construct the cyberattacks on SG. To address this threat, plenty of countermeasures have been proposed to enhance the SG’s security. However, the additional costs introduced by some countermeasures make the utilities hesitate to implement them practically. To alleviate this concern, in this article, we propose a double-benefit moving target defense (dB-MTD) to protect the SG from cyber–physical attacks (CPAs) and also gain generation-cost benefits. The dB-MTD enables the prevention of stealthy CPAs on the transmission lines by perturbing the reactances with the distributed flexible AC transmission system (D-FACTS). To reduce the infrastructure cost, we minimize the number of required D-FACTS devices for a specific protection goal. Although it needs investment on D-FACTS, we find that the utility can make profits from the generation costs by appropriately setting the reactance perturbations. Therefore, we formulate an optimization problem to compute the optimal reactance perturbations to maximize the generation-cost benefits, without sacrificing the protection performance of dB-MTD. Finally, using the real-world load profiles, we conduct extensive simulations to evaluate the impact of CPA on the system operation and the benefits obtained by the dB-MTD from the aspects of the D-FACTS deployment and the generation-cost profits.

Subhash Lakshminarayana,E. Veronica Belmega,H. Vincent Poor

DOI: https://doi.org/10.48550/arXiv.2006.07697

2021-07-27

Abstract:This work proposes a moving target defense (MTD) strategy to detect coordinated cyber-physical attacks (CCPAs) against power grids. The main idea of the proposed approach is to invalidate the knowledge that the attackers use to mask the effects of their physical attack by actively perturbing the grid's transmission line reactances via distributed flexible AC transmission system (D-FACTS) devices. The proposed MTD design consists of two parts. First, we identify the subset of links for D-FACTS device deployment that enables the defender to detect CCPAs against any link in the system. Then, in order to minimize the defense cost during the system's operational time, we formulate a zero-sum game to identify the best subset of links to perturb (which will provide adequate protection) against a strategic attacker. The Nash equilibrium robust solution is computed via exponential weights, which does not require complete knowledge of the game but only the observed payoff at each iteration. Extensive simulations performed using the MATPOWER simulator on IEEE bus systems verify the effectiveness of our approach in detecting CCPAs and reducing the operator's defense cost.

Cryptography and Security,Information Theory,Systems and Control

Jichao Bi,Shibo He,Fengji Luo,Wenchao Meng,Luyue Ji,Da-Wen Huang

DOI: https://doi.org/10.1109/TII.2022.3231406

IF: 12.3

2023-01-01

IEEE Transactions on Industrial Informatics

Abstract:Industrial Internet of Things (IIoT) is vulnerable to advanced persistent threat (APT). In this article, we study a scenario in which APT is launched to attack IIoT devices. Considering the APTs lateral movement, a node-level state evolution model is established to calculate the probability of every device in an IIoT system to be compromised by APT. Based on this, a Stackelberg game model is proposed for the APT attacker and defender, which can accurately describe the gaming process. An effective computational approach is developed to obtain the potential Stackelberg equilibrium strategy pair of the game. Extensive case studies and comparison studies are conducted to validate the effectiveness of the proposed method.

Qi Wang,Shutan Wu,Zhong Wu,Jianxiong Hu,Quanpeng He,Yujian Ye,Yi Tang

DOI: https://doi.org/10.1016/j.ijepes.2024.110350

IF: 5.659

2024-11-16

International Journal of Electrical Power & Energy Systems

Abstract:False data injection attacks (FDIAs), as strategically designed cyberattacks, can bypass bad data detection mechanisms and thus pose potential economic and stability risks to power systems. In addition to increasing the detection capability of the system, the proactive property transformation of the system can effectively utilize the information gap between the attacker and the system operator, increasing the detection rate against FDIAs. In this paper, a moving target defense (MTD) method based on topology switching (TS) actions is proposed to overcome FDIAs. Specifically, we investigated the feasibility of proactive defense via TS actions, which reconfigured the topology via busbar switching. To make sequential defense decisions on the basis of the perceived current state of the system, the game between the attacker and the defender was modeled as a Markov decision process (MDP). Finally, the deep reinforcement learning-based MTD optimal algorithm was designed to achieve a fast and efficient decision-making strategy. The simulation results demonstrated the effects of the proposed method against FDIAs.

engineering, electrical & electronic

Mengxiang Liu,Chengcheng Zhao,Jinhui Xia,Ruilong Deng,Peng Cheng,Jiming Chen

DOI: https://doi.org/10.1109/tsg.2022.3188489

IF: 10.275

2022-01-01

IEEE Transactions on Smart Grid

Abstract:With the rapid development of the information and communication technology in DC microgrids (DCmGs), the threat of deception attacks has been widely recognized. However, the stealthy deception attacks, which can hide the actual attack impact from the system operator as in the Stuxnet accident, have not yet been well studied. Towards this end, this paper proposes a proactive distributed detection and localization (PDDL) framework to defend against the stealthy deception attacks. The attack detection is achieved by observing the attack impact that is quantified as the voltage balancing deviation (VBD) and current sharing deviation (CSD) in DCmGs. Once any anomaly is perceived, the proactive perturbation on primary control gains (PCGs) will be activated to invalidate the previously inferred PCGs of the attacker, under which the constructed stealthy deception attacks may be located by the unknown input observer (UIO) based locators. To maximize the locatability of attacks while limiting the induced transient fluctuations on system states, an optimization problem is formulated to determine the PCG perturbation magnitude. Finally, the effectiveness of the PDDL framework is verified through extensive hardware-in-the-loop (HIL) based simulations and systematic full-hardware experimental studies.

Wangkun Xu,Imad M. Jaimoukha,Fei Teng

DOI: https://doi.org/10.1109/TIFS.2022.3210864

2022-12-21

Abstract:Recently, moving target defence (MTD) has been proposed to thwart false data injection (FDI) attacks in power system state estimation by proactively triggering the distributed flexible AC transmission system (D-FACTS) devices. One of the key challenges for MTD in power grid is to design its real-time implementation with performance guarantees against unknown attacks. Converting from the noiseless assumptions in the literature, this paper investigates the MTD design problem in a noisy environment and proposes, for the first time, the concept of robust MTD to guarantee the worst-case detection rate against all unknown attacks. We theoretically prove that, for any given MTD strategy, the minimal principal angle between the Jacobian subspaces corresponds to the worst-case performance against all potential attacks. Based on this finding, robust MTD algorithms are formulated for the systems with both complete and incomplete configurations. Extensive simulations using standard IEEE benchmark systems demonstrate the improved average and worst-case performances of the proposed robust MTD against state-of-the-art algorithms. All codes are available at <a class="link-external link-https" href="https://github.com/xuwkk/Robust_MTD" rel="external noopener nofollow">this https URL</a>.

Systems and Control

Zhenyong Zhang,Ruilong Deng,Peng Cheng,Mo-Yuen Chow

DOI: https://doi.org/10.1109/tcns.2021.3100411

IF: 4.347

2021-01-01

IEEE Transactions on Control of Network Systems

Abstract:Moving target defense (MTD) is a new defensive strategy protecting the power system state estimation from cyberattacks. Using the distributed flexible ac transmission system (D-FACTS), MTD works by actively perturbing the branch parameters that are needed to construct the false data injection (FDI) attacks. Although there are many pioneer works on MTD, the relationship between the construction of MTD and detection of FDI attacks has not been revealed. In this article, we reveal the correlation between MTD design and FDI detection and optimize MTD's performance in terms of detecting FDI attacks. We provide a sufficient condition for a specially designed MTD to detect and identify the FDI attack and a necessary condition for general MTDs to protect the state estimates from being independently modified. With the aim to reduce the number of measurements that can be manipulated by the attacker after MTD, we develop a heuristic algorithm to compute a near-optimal solution for the deployment of D-FACTS devices. Moreover, we prove that the coordinated design of consecutive perturbation schemes within an MTD cycle can improve the performance of MTD in terms of detecting FDI attacks. Finally, we conduct extensive simulations with the IEEE power system test cases to validate our findings.

computer science, information systems,automation & control systems

Jue Tian,Rui Tan,Xiaohong Guan,Ting Liu

DOI: https://doi.org/10.1109/tsg.2018.2791512

IF: 10.275

2019-03-01

IEEE Transactions on Smart Grid

Abstract:Recent research has proposed a moving target defense (MTD) approach that actively changes transmission line susceptance to preclude stealthy false data injection (FDI) attacks against the state estimation of a smart grid. However, existing studies were often conducted under a weak adversarial setting, in that they ignore the possibility that alert attackers can also try to detect the activation of MTD before they launch the FDI attacks. We call this new threat as parameter confirming-first (PCF) FDI. To improve the stealthiness of MTD, we propose a hidden MTD approach that cannot be detected by the attackers and prove its equivalence to an MTD that maintains the power flows of the whole grid. Moreover, we analyze the completeness of MTD and show that any hidden MTD is incomplete in that FDI attacks may bypass the hidden MTD opportunistically. This result suggests that the stealthiness and completeness are two conflicting goals in MTD design. Finally, we propose an approach to enhancing the hidden MTD against a class of highly structured FDI attacks. We also discuss the MTD’s operational costs under the dc and ac models. We conduct simulations to show the effectiveness of the hidden MTD against PCF-FDI attacks under realistic settings.

engineering, electrical & electronic