Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Defense against Joint Poison and Evasion Attacks: A Case Study of DERMS

Zain ul Abdeen, Padmaksha Roy, Ahmad Al-Tawaha, Rouxi Jia, Laura Freeman, Peter Beling, Chen-Ching Liu, Alberto Sangiovanni-Vincentelli, Ming Jin

TL;DR

The paper tackles the security of DERMS in cyber-physical power systems by addressing both training-time data poisoning and deployment-time evasion attacks on IDS. It introduces a bilevel, end-to-end defense where the inner level performs robust training against corrupted data and the outer level tunes the prediction-threshold to account for evasion, leveraging a gradient-based implicit approach with a Hub er-loss reformulation. Empirical results on an IEEE-13 bus feeder show that the proposed method outperforms a baseline in accuracy, precision, and recall, particularly under stronger poisoning scenarios. The approach enhances operational reliability by mitigating false alarms and missed detections in intrusion events, with practical implications for resilient DERMS deployment in smart grids.

Abstract

There is an upward trend of deploying distributed energy resource management systems (DERMS) to control modern power grids. However, DERMS controller communication lines are vulnerable to cyberattacks that could potentially impact operational reliability. While a data-driven intrusion detection system (IDS) can potentially thwart attacks during deployment, also known as the evasion attack, the training of the detection algorithm may be corrupted by adversarial data injected into the database, also known as the poisoning attack. In this paper, we propose the first framework of IDS that is robust against joint poisoning and evasion attacks. We formulate the defense mechanism as a bilevel optimization, where the inner and outer levels deal with attacks that occur during training time and testing time, respectively. We verify the robustness of our method on the IEEE-13 bus feeder model against a diverse set of poisoning and evasion attack scenarios. The results indicate that our proposed method outperforms the baseline technique in terms of accuracy, precision, and recall for intrusion detection.

Defense against Joint Poison and Evasion Attacks: A Case Study of DERMS

TL;DR

The paper tackles the security of DERMS in cyber-physical power systems by addressing both training-time data poisoning and deployment-time evasion attacks on IDS. It introduces a bilevel, end-to-end defense where the inner level performs robust training against corrupted data and the outer level tunes the prediction-threshold to account for evasion, leveraging a gradient-based implicit approach with a Hub er-loss reformulation. Empirical results on an IEEE-13 bus feeder show that the proposed method outperforms a baseline in accuracy, precision, and recall, particularly under stronger poisoning scenarios. The approach enhances operational reliability by mitigating false alarms and missed detections in intrusion events, with practical implications for resilient DERMS deployment in smart grids.

Abstract

There is an upward trend of deploying distributed energy resource management systems (DERMS) to control modern power grids. However, DERMS controller communication lines are vulnerable to cyberattacks that could potentially impact operational reliability. While a data-driven intrusion detection system (IDS) can potentially thwart attacks during deployment, also known as the evasion attack, the training of the detection algorithm may be corrupted by adversarial data injected into the database, also known as the poisoning attack. In this paper, we propose the first framework of IDS that is robust against joint poisoning and evasion attacks. We formulate the defense mechanism as a bilevel optimization, where the inner and outer levels deal with attacks that occur during training time and testing time, respectively. We verify the robustness of our method on the IEEE-13 bus feeder model against a diverse set of poisoning and evasion attack scenarios. The results indicate that our proposed method outperforms the baseline technique in terms of accuracy, precision, and recall for intrusion detection.
Paper Structure (14 sections, 2 theorems, 14 equations, 2 figures, 2 tables, 1 algorithm)

This paper contains 14 sections, 2 theorems, 14 equations, 2 figures, 2 tables, 1 algorithm.

Table of Contents

  1. Introduction
  2. Related work
  3. Power system and attack model
  4. Cyber-physical power system
  5. Attack model
  6. Defense strategy
  7. Decentralized detection
  8. Bilevel formulation of defense
  9. Algorithm
  10. Numerical evaluation
  11. Conclusion
  12. Proofs
  13. Proof of Proposition \ref{['prop1']}
  14. Proof of Theorem \ref{['th1']}

Key Result

Proposition 1

Suppose that $(\bar{\alpha},\delta^*)$ is the solution to eq2 and let $\bar{\alpha}'$ be the solution to $\min_{\alpha}\sum_{(x_i,p_i)\in \mathcal{D}_1}f_{\text{Huber}}(\alpha\cdot x_{i}-p_{i};\lambda)$. Then, we have $\bar{\alpha}=\bar{\alpha}'$, and the $i$-th component of $\delta^*$ is given by:

Figures (2)

  • Figure 1: Cyber-physical power system and its vulnerability.
  • Figure 2: Visualization of the detection performance. Top plot: time series of the difference between predicted and actual commands (blue: ours, red: baseline). Middle/bottom plots: detection of anomaly based on the proposed method/baseline technique (stem plots). The ground truth is marked with the square wave.

Theorems & Definitions (2)

  • Proposition 1
  • Theorem IV.1