More Web Proxy on the site http://driver.im/

research-article

Public Access

Robust Anomaly based Attack Detection in Smart Grids under Data Poisoning Attacks

Authors:

Shameek Bhattacharjee,

Mohammad Jaminur Islam,

Sahar AbedzadehAuthors Info & Claims

CPSS '22: Proceedings of the 8th ACM on Cyber-Physical System Security Workshop

Pages 3 - 14

https://doi.org/10.1145/3494107.3522778

Published: 30 May 2022 Publication History

Abstract

Anomaly-based attack detection methods are often used to detect data integrity or data falsification attacks in advanced metering infrastructure (AMI) of smart grids. However, there is a lack of studies on the effect of data poisoning attacks against the anomaly based attack detectors that depend on some form of machine learning. In this paper, we introduce some data poisoning attack strategies against anomaly-based attack detectors in smart metering infrastructure and show its impact. Specifically, we propose a whitebox and black box approach to poisoning attacks. Then, we propose modifications to improve the robustness of previous anomaly detection algorithms by modifying certain design choices for learning the thresholds for the anomaly detector. Specifically, we offer theoretical insights and experimental proof to explain why and when they mitigate data poisoning. These design choices include both the regression type and the loss function choice. We measure attack mitigation performance with two NIST specified metrics for CPS systems in the test set using a real smart metering dataset. Finally, we offer recommendations on energy utility's best anomaly detector design choices under varying attack parameters.

References

[1]

S. Bhattacharjee, S.K. Das, “Detection and Forensics against Stealthy Data Falsification in Smart Metering Infrastructure", IEEE Trans. of Dependable and Secure Computing, Vol. 18, Jan. 2021.

Digital Library

[2]

S. Bhattacharjee, P. Madhavarapu, S. Silvestri, S. K. Das, “Attack Context Embedded Data Driven Trust Diagnostics in Smart Metering Infrastructure" ACM Transactions on Privacy and Security, Apr. 2021.

Digital Library

[3]

D. Urbina, J. Giraldo, A. Cardenas, N. Tippenhauer, J. Valente, M. Faisal, J. Ruths, R. Candell and H. Sandberg, “Limiting the Impact of Stealthy Attacks on Industrial Control Systems", ACM CCS), pp. 1092--1105, 2016.

[4]

P. Roy, S. Bhattacharjee, S.K. Das, “Real Time Stream Mining based Attack Detection in Distribution Level PMUs for Smart Grid", IEEE Globecomm 2020.

Digital Library

[5]

S. Bhattacharjee, A. Thakur, S.K. Das, “Towards Fast and Semi-Supervised Identification of Smart Meters launching Data Falsification", ACM Asia CCS, 2018.

Digital Library

[6]

M. Wilbur, A. Dubey, B. Leao, S. Bhattacharjee, “A Decentralized Approach For Real Time Anomaly Detection In Transportation Networks, IEEE SMARTCOMP), 2019

[7]

I. Goodfellow, J. Shlens, and C. Szegedy, “Explaining and harnessing adversarial examples", ICLR, 2015.

[8]

A. Kurakin, I. J. Goodfellow, and S. Bengio, ?Adversarial machine learning at scale," ICLR 2017.

[9]

F. Tramer, A. Kurakin, N. Papernot, I. Goodfellow, D. Boneh, P. McDaniel, “Ensemble adversarial training: Attacks and defenses," ICLR 2018.

[10]

P. Roy, S. Bhattacharjee, S.K. Das, “Real Time Stream Mining based Attack Detection in Distribution Level PMUs", IEEE GLOBECOM, Dec. 2020.

Digital Library

[11]

D. Urbina, J. Giraldo, A. A. Cardenas, N. Tippenhauer, J. Valente, M. Faisal, R. Candell, H. Sandberg, “Limiting the Impact of Stealthy Attacks on Industrial Control Systems" ACM CCS, 2016.

[12]

D. Urbina, J. Giraldo, A. A. Cardenas, N. Tippenhauer, J. Valente, M. Faisal, J. Ruths, R. Candell, H. Sandberg, “Survey and New Directions for Physics-Based Attack Detection in Cyber-Physical Systems", ACM Computing Surveys, Vol. 51(10), 2018.

[13]

G. Jiraldo, A. Cardenas, “ Adversarial Classification under Differential Privacy", NDSS, 2020.

[14]

N. Dalvi P. Domingos, M. Mausam, S. Sanghai, D. Verma “Adversarial Classification" ACM SIGKDD, 2004.

[15]

P. Huber, E. Ronchetti, “Robust Statistics", Wiley Probability and Statistics, ISBN 978-0470129906, Feb. 2009.

[16]

M. Jaglieski, A. Oprea, C. Liu, C. Rotaru, B. Li, “Manipulating Machine Learning: Poisoning Attacks and Countermeasures for Regression Learning", IEEE S & P Oakland, 2018.

[17]

A. Ghafouri, Y. Vorobeychik, X. Koutsoukos, “Adversarial Regression for Detecting Attacks in Cyber-Physical Systems" IJCAI, 2018.

[18]

X. Li, Q. Lu, Y. Dong and D. Tao, “Robust Subspace Clustering by Cauchy Loss Function," IEEE Transactions on Neural Networks and Learning Systems, Vol. 30(7), pp. 2067--2078, 2019.

[19]

[Online] Pecan Street Project Datasethttps://www.pecanstreet.org/

[20]

[Online] https://www.globalsign.com/en/blog/cyber-autopsy-series-ukranian-power-grid-attack-makes-history

Cited By

Barsha NHubballi N(2024)Anomaly Detection in SCADA Systems: A State Transition ModelingIEEE Transactions on Network and Service Management10.1109/TNSM.2024.337388121:3(3511-3521)Online publication date: Jun-2024
https://doi.org/10.1109/TNSM.2024.3373881
Abedzadeh SBhattacharjee S(2024)On the Role of Re-Descending M-Estimators in Resilient Anomaly Detection for Smart Living CPS2024 IEEE International Conference on Smart Computing (SMARTCOMP)10.1109/SMARTCOMP61445.2024.00047(198-205)Online publication date: 29-Jun-2024
https://doi.org/10.1109/SMARTCOMP61445.2024.00047
Shabbir AManzoor HAhmed RHalim Z(2024)Resilience of Federated Learning Against False Data Injection Attacks in Energy Forecasting2024 International Conference on Green Energy, Computing and Sustainable Technology (GECOST)10.1109/GECOST60902.2024.10475064(245-249)Online publication date: 17-Jan-2024
https://doi.org/10.1109/GECOST60902.2024.10475064
Show More Cited By

Recommendations

A Diversity Index based Scoring Framework for Identifying Smart Meters Launching Stealthy Data Falsification Attacks
ASIA CCS '21: Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security

A challenging problem in Advanced Metering Infrastructure (AMI) of smart grids is the identification of smart meters under the control of a stealthy adversary, that inject very low margins of stealthy data falsification. The problem is challenging due ...
Securing Machine Learning Against Data Poisoning Attacks

The emergence of intelligent networks has revolutionized the use of machine learning (ML), allowing it to be applied in various domains of human life. This literature review paper provides in-depth analysis of the existing research on data poisoning ...
Poisoning attacks on cyber attack detectors for industrial control systems
SAC '21: Proceedings of the 36th Annual ACM Symposium on Applied Computing

Recently, neural network (NN)-based methods, including autoencoders, have been proposed for the detection of cyber attacks targeting industrial control systems (ICSs). Such detectors are often retrained, using data collected during system operation, to ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CPSS '22: Proceedings of the 8th ACM on Cyber-Physical System Security Workshop

May 2022

101 pages

ISBN:9781450391764

DOI:10.1145/3494107

Program Chairs:
Alvaro A. Cardenas
Unaiversity of California, Santa Cruz, USA
,
Daisuke Mashima
Illinois at Singapore Pte Ltd, Singapore & National University of Singapore, Singapore

Copyright © 2022 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 May 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Science Foundation

Conference

ASIA CCS '22

Sponsor:

SIGSAC

ASIA CCS '22: ACM Asia Conference on Computer and Communications Security

May 30, 2022

Nagasaki, Japan

Acceptance Rates

Overall Acceptance Rate 43 of 135 submissions, 32%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
462
Total Downloads

Downloads (Last 12 months)223
Downloads (Last 6 weeks)29

Reflects downloads up to 19 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Barsha NHubballi N(2024)Anomaly Detection in SCADA Systems: A State Transition ModelingIEEE Transactions on Network and Service Management10.1109/TNSM.2024.337388121:3(3511-3521)Online publication date: Jun-2024
https://doi.org/10.1109/TNSM.2024.3373881
Abedzadeh SBhattacharjee S(2024)On the Role of Re-Descending M-Estimators in Resilient Anomaly Detection for Smart Living CPS2024 IEEE International Conference on Smart Computing (SMARTCOMP)10.1109/SMARTCOMP61445.2024.00047(198-205)Online publication date: 29-Jun-2024
https://doi.org/10.1109/SMARTCOMP61445.2024.00047
Shabbir AManzoor HAhmed RHalim Z(2024)Resilience of Federated Learning Against False Data Injection Attacks in Energy Forecasting2024 International Conference on Green Energy, Computing and Sustainable Technology (GECOST)10.1109/GECOST60902.2024.10475064(245-249)Online publication date: 17-Jan-2024
https://doi.org/10.1109/GECOST60902.2024.10475064
Cali UCatak FHalden U(2024)Trustworthy cyber-physical power systems using AI: dueling algorithms for PMU anomaly detection and cybersecurityArtificial Intelligence Review10.1007/s10462-024-10827-x57:7Online publication date: 21-Jun-2024
https://doi.org/10.1007/s10462-024-10827-x
Bouramdane A(2023)Cyberattacks in Smart Grids: Challenges and Solving the Multi-Criteria Decision-Making for Cybersecurity Options, Including Ones That Incorporate Artificial Intelligence, Using an Analytical Hierarchy ProcessJournal of Cybersecurity and Privacy10.3390/jcp30400313:4(662-705)Online publication date: 27-Sep-2023
https://doi.org/10.3390/jcp3040031
Forough JBhuyan MElmroth E(2023)Anomaly Detection and Resolution on the Edge: Solutions and Future Directions2023 IEEE International Conference on Service-Oriented System Engineering (SOSE)10.1109/SOSE58276.2023.00034(227-238)Online publication date: Jul-2023
https://doi.org/10.1109/SOSE58276.2023.00034

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents