Deep Learning-based Detection of Stealth False Data Injection Attacks in Large-Scale Synthetic Power Grids | Grant individual record
date/time interval
2018 - 2021
The proposed research aims to strengthen national security by improving the resilience of power grid critical infrastructure with respect to data manipulation attacks. A comprehensive methodology referred to as DEFENDA - DEtection of FalsE and uNexpected Data Attacks - is proposed to quantify the integrity of data and to characterize the impact of false data on power systems. These attacks are referred to as unobservable or stealth false data injection (FDI) attacks, and they are crafted to bypass traditional bad data detection. DEFENDA's vision is to quickly detect sensor manipulation attacks and correct the false data. The project aims to contribute enhanced state-of-the-art cyber-physical security strategies for transmission system operation, where results will inform solution of similar problems including cyber-physical attack detection at generation, transmission, and distribution levels as well as in communication networks, banking systems, cloud computing and storage, and other critical infrastructures. DEFENDA will contribute attack detection strategies for real-world power grids via deep neural network (DNN) architectures known to offer superior representational power and improved detection performance. Specifically, DEFENDA aims to develop an efficient and robust FDI attack detection mechanism based on a deep long-short-term-memory (LSTM) recurrent neural network (RNN) that captures the time series nature of the status and measurement data and learns their respective normal and malicious patterns. To ensure detection efficiency, DEFENDA investigates optimal selection of the deep architecture and underlying hyper-parameters. Furthermore, DEFENDA ensures detection robustness through three measures. First, DEFENDA enables replacement of any missing status and measurement data via a deep LSTM auto-encoder (LSTM-AE) to enhance detection performance even in presence of jamming attacks. Second, using a deep variational LSTM auto-encoder (V-LSTM-AE) DEFENDA is capable to detect attacks that have not been characterized via an anomaly detector. Finally, DEFENDA carries out detection decision fusion based on centralized, semi-centralized, and decentralized detection architectures. DEFENDA will also create and make available synthetic cases with scenarios designed to promote research in cyber-physical analysis and attack detection. By demonstrating the importance of cyber security and data integrity though the scenarios developed, the project will prepare a generation to solve the problems facing society. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.