Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Mitigating Adversarial Effects of False Data Injection Attacks in Power Grid

Farhin Farhad Riya, Shahinul Hoque, Yingyuan Yang, Jiangnan Li, Jinyuan Stella Sun, Hairong Qi

TL;DR

This work tackles FDIA threats to DC state estimation in power grids by strengthening DNN-based detectors with a randomized input padding defense. The method adds a padding layer that generates multiple padded input patterns, training on them and randomly selecting one pattern during inference to reduce adversarial transferability. Key contributions include a general, hardware-agnostic defense compatible with various neural networks, negligible training overhead, and demonstrated robustness on IEEE 14-, 30-, 118-, and 300-bus systems, with increased $L2$-norm gaps for adversaries. The approach offers practical impact for CPS security by slowing down adversaries while preserving legitimate performance, and it establishes a foundation for deploying robust FDIA detectors in real-time power-system operations.

Abstract

Deep Neural Networks have proven to be highly accurate at a variety of tasks in recent years. The benefits of Deep Neural Networks have also been embraced in power grids to detect False Data Injection Attacks (FDIA) while conducting critical tasks like state estimation. However, the vulnerabilities of DNNs along with the distinct infrastructure of the cyber-physical-system (CPS) can favor the attackers to bypass the detection mechanism. Moreover, the divergent nature of CPS engenders limitations to the conventional defense mechanisms for False Data Injection Attacks. In this paper, we propose a DNN framework with an additional layer that utilizes randomization to mitigate the adversarial effect by padding the inputs. The primary advantage of our method is when deployed to a DNN model it has a trivial impact on the model's performance even with larger padding sizes. We demonstrate the favorable outcome of the framework through simulation using the IEEE 14-bus, 30-bus, 118-bus, and 300-bus systems. Furthermore to justify the framework we select attack techniques that generate subtle adversarial examples that can bypass the detection mechanism effortlessly.

Mitigating Adversarial Effects of False Data Injection Attacks in Power Grid

TL;DR

This work tackles FDIA threats to DC state estimation in power grids by strengthening DNN-based detectors with a randomized input padding defense. The method adds a padding layer that generates multiple padded input patterns, training on them and randomly selecting one pattern during inference to reduce adversarial transferability. Key contributions include a general, hardware-agnostic defense compatible with various neural networks, negligible training overhead, and demonstrated robustness on IEEE 14-, 30-, 118-, and 300-bus systems, with increased -norm gaps for adversaries. The approach offers practical impact for CPS security by slowing down adversaries while preserving legitimate performance, and it establishes a foundation for deploying robust FDIA detectors in real-time power-system operations.

Abstract

Deep Neural Networks have proven to be highly accurate at a variety of tasks in recent years. The benefits of Deep Neural Networks have also been embraced in power grids to detect False Data Injection Attacks (FDIA) while conducting critical tasks like state estimation. However, the vulnerabilities of DNNs along with the distinct infrastructure of the cyber-physical-system (CPS) can favor the attackers to bypass the detection mechanism. Moreover, the divergent nature of CPS engenders limitations to the conventional defense mechanisms for False Data Injection Attacks. In this paper, we propose a DNN framework with an additional layer that utilizes randomization to mitigate the adversarial effect by padding the inputs. The primary advantage of our method is when deployed to a DNN model it has a trivial impact on the model's performance even with larger padding sizes. We demonstrate the favorable outcome of the framework through simulation using the IEEE 14-bus, 30-bus, 118-bus, and 300-bus systems. Furthermore to justify the framework we select attack techniques that generate subtle adversarial examples that can bypass the detection mechanism effortlessly.
Paper Structure (15 sections, 8 equations, 6 figures, 2 tables)

This paper contains 15 sections, 8 equations, 6 figures, 2 tables.

Table of Contents

  1. INTRODUCTION
  2. Related Work
  3. Background
  4. State Estimation in Power System
  5. False Data Injection Attack
  6. Approach
  7. Overview of Generating Adversarial Examples
  8. Overview of Proposed Framework
  9. Experiments
  10. Experimental Setup
  11. Dataset
  12. Defense Model
  13. Target Model
  14. Results
  15. Conclusion

Figures (6)

  • Figure 1: Structure of communication and control system of power grids
  • Figure 2: Number of compromised meters in different bus test cases
  • Figure 3: Overview of the proposed framework during training time
  • Figure 4: The pipeline of the proposed randomization-based defense mechanism. The input sample z first goes through the random padding layer that pads the samples with all the unique padding combinations z'. From the resulting padded samples for each vector z, one random pattern z" is used for classification.
  • Figure 5: Results for Bias L2 norm for bus case14, case30 and case118
  • ...and 1 more figures