Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Protection Against Graph-Based False Data Injection Attacks on Power Systems

Gal Morgenstern, Jip Kim, James Anderson, Gil Zussman, Tirza Routtenberg

TL;DR

This article proposes a graph FDI (GFDI) attack that minimizes the Laplacian-based graph total variation under practical constraints and presents the GFDI attack as the solution for a nonconvex constrained optimization problem.

Abstract

Graph signal processing (GSP) has emerged as a powerful tool for practical network applications, including power system monitoring. Recent research has focused on developing GSP-based methods for state estimation, attack detection, and topology identification using the representation of the power system voltages as smooth graph signals. Within this framework, efficient methods have been developed for detecting false data injection (FDI) attacks, which until now were perceived as non-smooth with respect to the graph Laplacian matrix. Consequently, these methods may not be effective against smooth FDI attacks. In this paper, we propose a graph FDI (GFDI) attack that minimizes the Laplacian-based graph total variation (TV) under practical constraints. We present the GFDI attack as the solution for a non-convex constrained optimization problem. The solution to the GFDI attack problem is obtained through approximating it using $\ell_1$ relaxation. A series of quadratic programming problems that are classified as convex optimization problems are solved to obtain the final solution. We then propose a protection scheme that identifies the minimal set of measurements necessary to constrain the GFDI output to a high graph TV, thereby enabling its detection by existing GSP-based detectors. Our numerical simulations on the IEEE-57 and IEEE-118 bus test cases reveal the potential threat posed by well-designed GSP-based FDI attacks. Moreover, we demonstrate that integrating the proposed protection design with GSP-based detection can lead to significant hardware cost savings compared to previous designs of protection methods against FDI attacks.

Protection Against Graph-Based False Data Injection Attacks on Power Systems

TL;DR

This article proposes a graph FDI (GFDI) attack that minimizes the Laplacian-based graph total variation under practical constraints and presents the GFDI attack as the solution for a nonconvex constrained optimization problem.

Abstract

Graph signal processing (GSP) has emerged as a powerful tool for practical network applications, including power system monitoring. Recent research has focused on developing GSP-based methods for state estimation, attack detection, and topology identification using the representation of the power system voltages as smooth graph signals. Within this framework, efficient methods have been developed for detecting false data injection (FDI) attacks, which until now were perceived as non-smooth with respect to the graph Laplacian matrix. Consequently, these methods may not be effective against smooth FDI attacks. In this paper, we propose a graph FDI (GFDI) attack that minimizes the Laplacian-based graph total variation (TV) under practical constraints. We present the GFDI attack as the solution for a non-convex constrained optimization problem. The solution to the GFDI attack problem is obtained through approximating it using relaxation. A series of quadratic programming problems that are classified as convex optimization problems are solved to obtain the final solution. We then propose a protection scheme that identifies the minimal set of measurements necessary to constrain the GFDI output to a high graph TV, thereby enabling its detection by existing GSP-based detectors. Our numerical simulations on the IEEE-57 and IEEE-118 bus test cases reveal the potential threat posed by well-designed GSP-based FDI attacks. Moreover, we demonstrate that integrating the proposed protection design with GSP-based detection can lead to significant hardware cost savings compared to previous designs of protection methods against FDI attacks.
Paper Structure (31 sections, 1 theorem, 37 equations, 5 figures, 2 algorithms)

This paper contains 31 sections, 1 theorem, 37 equations, 5 figures, 2 algorithms.

Table of Contents

  1. Introduction
  2. GSP-based fdi attack detection
  3. GSP background
  4. GSP smoothness measures
  5. Unobservable FDI attacks
  6. GSP-based fdi attack detection
  7. Graph False Data Injection (gfdi) Attacks
  8. Attack design
  9. GFDI attack implementation
  10. Remarks
  11. Attack Unobservability
  12. Known topology
  13. Generalization to graph filters
  14. Applicability of the gfdi attack for the ac model
  15. Strategic protection of the power network
  16. ...and 16 more sections

Key Result

Theorem 1

The solution of the gfdi attack optimization problem in eq; gfdi start, $\hat{{\bf{c}}}$, can be obtained by solving the following series of optimization problems:

Figures (5)

  • Figure 1: Illustration of GSP-based detection of fdi attacks for the IEEE-30 bus system: the system states are presented in block [a] in both the vertex and graph frequency domains, where it can be seen that the states are smooth, low-frequency graph signals. In block [b], the state attack (${\bf{c}}$ from \ref{['eq; FDI attack']}) is presented, and block [c] presents the contaminated states. It can be seen that, in contrast to the states, the state attack in [b] and the contaminated states in [c] are not smooth graph signals and they have significant energy at the higher graph frequencies. After filtering the contaminated states by the GHPF defined in \ref{['eq; GHPF ideal']} (shown in block [d]), the filtered signal in block [e] contains only energy at the higher graph frequencies. Consequently, the attack can be discovered by the detector in \ref{['eq; detection GFT2']}.
  • Figure 2: Example of a gfdi attack on the IEEE $30$-bus test case from Fig. \ref{['fig; FDI schematic']}. It can be seen that the attack energy is located at the lower graph frequencies. Therefore, in contrast to the unobservable fdi attack in Fig. \ref{['fig; FDI schematic']}[b], when added to the system states, the output will not obtain abnormal energy in the high graph frequencies and, thus, may bypass the gsp-based detectors.
  • Figure 3: The gfdi attack is compared to Attacks \ref{['Attack; random']}-\ref{['Attack; sparsest average']}. In (a) and (b), the graph tv of the attacks and the probability of detection, respectively, are presented versus $\tau$. The curves of the probability of detection are generated w.r.t. to the GTV-GHPF detector for the DC model.
  • Figure 4: The gfdi attack is compared to Attacks \ref{['Attack; random']}-\ref{['Attack; sparsest average']}. In (a) and (b), the roc curves of the attacks are generated w.r.t. to the GTV-GHPF detector for the DC model and the AC model, respectively.
  • Figure 5: The gsp-based protection policy is compared to Policies \ref{['P; random']}-\ref{['P; sparsest']}. The IEEE-$57$ bus test case is observed in (a) and (b), where in (a), the GFDI attack graph tv and in (b), the probability of detecting the GFDI attack by the GTV-detector, are presented versus the ratio of the secured state variables out of the total number of states, $\frac{\lvert\mathcal{D}\rvert}{N}$. In (c), the case in (b) is examined over the IEEE-$118$ bus test case.

Theorems & Definitions (2)

  • Theorem 1
  • proof