Journal ArticleDOI

A Review of False Data Injection Attacks Against Modern Power Systems

TL;DR: A comprehensive review of state-of-the-art in FDIAs against modern power systems is given and some potential future research directions in this field are discussed.
Abstract: With rapid advances in sensor, computer, and communication networks, modern power systems have become complicated cyber-physical systems. Assessing and enhancing cyber-physical system security is, therefore, of utmost importance for the future electricity grid. In a successful false data injection attack (FDIA), an attacker compromises measurements from grid sensors in such a way that undetected errors are introduced into estimates of state variables such as bus voltage angles and magnitudes. In evading detection by commonly employed residue-based bad data detection tests, FDIAs are capable of severely threatening power system security. Since the first published research on FDIAs in 2009, research into FDIA-based cyber-attacks has been extensive. This paper gives a comprehensive review of state-of-the-art in FDIAs against modern power systems. This paper first summarizes the theoretical basis of FDIAs, and then discusses both the physical and the economic impacts of a successful FDIA. This paper presents the basic defense strategies against FDIAs and discusses some potential future research directions in this field.
Citations
Journal ArticleDOI
TL;DR: In this paper, the authors consider some implications for FDIAs arising from the late 2015 Ukraine Blackout event, and propose a false data injection attack (FDIA) framework.
Abstract: In a false data injection attack (FDIA), an adversary stealthily compromises measurements from electricity grid sensors in a coordinated fashion, with a view to evading detection by the power system bad data detection module. A successful FDIA can cause the system operator to perform control actions that compromise either the physical or economic operation of the power system. In this letter, we consider some implications for FDIAs arising from the late 2015 Ukraine Blackout event.

816 citations


Cites background or methods from "A Review of False Data Injection At..."

  • ...Research on FDIAs has been extensive [3]–[7], typically relying on three key assumptions [3], [4], namely that the attacker:...


  • ...There are three approaches to manipulating meter measurements for FDIAs: (i) compromising meters locally; (ii) intercepting and forging data packets when transferring to the control center; and (iii) modifying control center database [4]....


Journal ArticleDOI
TL;DR: A unique taxonomy is provided, which sheds light on IoT vulnerabilities, their attack vectors, impacts on numerous security objectives, attacks which exploit such vulnerabilities, corresponding remediation methodologies and currently offered operational cyber security capabilities to infer and monitor such weaknesses.
Abstract: The security issue impacting the Internet-of-Things (IoT) paradigm has recently attracted significant attention from the research community. To this end, several surveys were put forward addressing various IoT-centric topics, including intrusion detection systems, threat modeling, and emerging technologies. In contrast, in this paper, we exclusively focus on the ever-evolving IoT vulnerabilities. In this context, we initially provide a comprehensive classification of state-of-the-art surveys, which address various dimensions of the IoT paradigm. This aims at facilitating IoT research endeavors by amalgamating, comparing, and contrasting dispersed research contributions. Subsequently, we provide a unique taxonomy, which sheds light on IoT vulnerabilities, their attack vectors, impacts on numerous security objectives, attacks which exploit such vulnerabilities, corresponding remediation methodologies and currently offered operational cyber security capabilities to infer and monitor such weaknesses. This aims at providing the reader with a multidimensional research perspective related to IoT vulnerabilities, including their technical details and consequences, which is postulated to be leveraged for remediation objectives. Additionally, motivated by the lack of empirical (and malicious) data related to the IoT paradigm, this paper also presents a first look at Internet-scale IoT exploitations by drawing upon more than 1.2 GB of macroscopic, passive measurement data. This aims at practically highlighting the severity of the IoT problem, while providing operational situational awareness capabilities, which undoubtedly would aid in the mitigation task, at large. Insightful findings, inferences and outcomes in addition to open challenges and research problems are also disclosed in this paper, which we hope would pave the way for future research endeavors addressing theoretical and empirical aspects related to the imperative topic of IoT security.

451 citations


Cites background from "A Review of False Data Injection At..."

  • ...For instance, launching such attacks could mislead the state estimation process of an IoT device, causing dramatic economic impact or even loss of human life [169]....


Journal ArticleDOI
TL;DR: An intensive summary of several detection algorithms for false data injection attacks by categorizing them and elaborating on the pros and cons of each category is provided.
Abstract: Cyber-physical attacks are the main substantial threats facing the utilization and development of the various smart grid technologies. Among these attacks, false data injection attack represents a main category with its widely varied types and impacts that have been extensively reported recently. In addressing this threat, several detection algorithms have been developed in the last few years. These were either model-based or data-driven algorithms. This paper provides an intensive summary of these algorithms by categorizing them and elaborating on the pros and cons of each category. The paper starts by introducing the various cyber-physical attacks along with the main reported incidents in history. The significance and the impacts of the false data injection attacks are then reported. The concluding remarks present the main criteria that should be considered in developing future detection algorithms for the false data injection attacks.

362 citations


Cites background from "A Review of False Data Injection At..."

  • ...Authors of [26] illustrate several possible cyber-based FDIA and the associated impacts in the power grid....


Journal ArticleDOI
01 Dec 2016
TL;DR: This paper provides a comprehensive and systematic review of the critical attack threats and defence strategies in the smart grid, and focuses on prominent CP attack schemes with significant impact on the smartgrid operation and corresponding defense solutions.
Abstract: The smart grid is arguably one of the most complex cyber-physical systems (CPS). Complex security challenges have been revealed in both the physical and the cyber parts of the smart grid, and an integrative analysis on the cyber-physical (CP) security is emerging. This paper provides a comprehensive and systematic review of the critical attack threats and defence strategies in the smart grid. We start this survey with an overview of the smart grid security from the CP perspective, and then focus on prominent CP attack schemes with significant impact on the smart grid operation and corresponding defense solutions. With an in-depth review of the attacks and defences, we then discuss the opportunities and challenges along the smart grid CP security. We hope this paper raises awareness of the CP attack threats and defence strategies in complex CPS-based infrastructures such as the smart grid and inspires research effort toward the development of secure and resilient CP infrastructures.

349 citations

Journal ArticleDOI
TL;DR: A survey of systems and control methods proposed for the security of Cyber-Physical Systems, a field that has recently garnered increased attention, classifies these methods into three categories based on the type of defense proposed against the cyberattacks: prevention, resilience, and detection & isolation.

312 citations

References
Journal ArticleDOI
TL;DR: A new method for estimation in linear models called the lasso, which minimizes the residual sum of squares subject to the sum of the absolute value of the coefficients being less than a constant, is proposed.
Abstract: SUMMARY We propose a new method for estimation in linear models. The 'lasso' minimizes the residual sum of squares subject to the sum of the absolute value of the coefficients being less than a constant. Because of the nature of this constraint it tends to produce some coefficients that are exactly 0 and hence gives interpretable models. Our simulation studies suggest that the lasso enjoys some of the favourable properties of both subset selection and ridge regression. It produces interpretable models like subset selection and exhibits the stability of ridge regression. There is also an interesting relationship with recent work in adaptive function estimation by Donoho and Johnstone. The lasso idea is quite general and can be applied in a variety of statistical models: extensions to generalized regression models and tree-based models are briefly described.

40,785 citations


"A Review of False Data Injection At..." refers background in this paper

  • ...The problem is known to be NP-hard for arbitrary H, but is often solved using the mixed-integer linear programming (MILP) method [15], matching pursuit [16], or LASSO algorithm [17]....


Journal ArticleDOI
TL;DR: The authors introduce an algorithm, called matching pursuit, that decomposes any signal into a linear expansion of waveforms that are selected from a redundant dictionary of functions, chosen in order to best match the signal structures.
Abstract: The authors introduce an algorithm, called matching pursuit, that decomposes any signal into a linear expansion of waveforms that are selected from a redundant dictionary of functions. These waveforms are chosen in order to best match the signal structures. Matching pursuits are general procedures to compute adaptive signal representations. With a dictionary of Gabor functions a matching pursuit defines an adaptive time-frequency transform. They derive a signal energy distribution in the time-frequency plane, which does not include interference terms, unlike Wigner and Cohen class distributions. A matching pursuit isolates the signal structures that are coherent with respect to a given dictionary. An application to pattern extraction from noisy signals is described. They compare a matching pursuit decomposition with a signal expansion over an optimized wavepacket orthonormal basis, selected with the algorithm of Coifman and Wickerhauser (see IEEE Trans. Informat. Theory, vol. 38, Mar. 1992).

9,380 citations


"A Review of False Data Injection At..." refers background in this paper

  • ...The problem is known to be NP-hard for arbitrary H, but is often solved using the mixed-integer linear programming (MILP) method [15], matching pursuit [16], or LASSO algorithm [17]....


Journal ArticleDOI
TL;DR: In this article, a new class of attacks, called false data injection attacks, against state estimation in electric power grids is presented and analyzed, under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations.
Abstract: A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, and state estimation is used in system monitoring to best estimate the power grid state through analysis of meter measurements and power system models. Various techniques have been developed to detect and identify bad measurements, including interacting bad measurements introduced by arbitrary, nonrandom causes. At first glance, it seems that these techniques can also defeat malicious measurements injected by attackers. In this article, we expose an unknown vulnerability of existing bad measurement detection algorithms by presenting and analyzing a new class of attacks, called false data injection attacks, against state estimation in electric power grids. Under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations, such attacks can introduce arbitrary errors into certain state variables without being detected by existing algorithms. Moreover, we look at two scenarios, where the attacker is either constrained to specific meters or limited in the resources required to compromise meters. We show that the attacker can systematically and efficiently construct attack vectors in both scenarios to change the results of state estimation in arbitrary ways. We also extend these attacks to generalized false data injection attacks, which can further increase the impact by exploiting measurement errors typically tolerated in state estimation. We demonstrate the success of these attacks through simulation using IEEE test systems, and also discuss the practicality of these attacks and the real-world constraints that limit their effectiveness.

2,064 citations

Journal ArticleDOI
01 Jan 2012
TL;DR: The significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks is highlighted, and a layered approach is introduced for evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure.
Abstract: The development of a trustworthy smart grid requires a deeper understanding of potential impacts resulting from successful cyber attacks. Estimating feasible attack impact requires an evaluation of the grid's dependency on its cyber infrastructure and its ability to tolerate potential failures. A further exploration of the cyber-physical relationships within the smart grid and a specific review of possible attack vectors is necessary to determine the adequacy of cybersecurity efforts. This paper highlights the significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks. A layered approach is introduced for evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure. A classification is presented to highlight dependencies between the cyber-physical controls required to support the smart grid and the communication and computations that must be protected from cyber attack. The paper then presents current research efforts aimed at enhancing the smart grid's application and infrastructure security. Finally, current challenges are identified to facilitate future research efforts.

1,012 citations

Journal ArticleDOI
TL;DR: Malicious attacks against power systems are investigated, in which an adversary controls a set of meters and is able to alter the measurements from those meters, and an optimal attack based on minimum energy leakage is proposed.
Abstract: Malicious attacks against power systems are investigated, in which an adversary controls a set of meters and is able to alter the measurements from those meters. Two regimes of attacks are considered. The strong attack regime is where the adversary attacks a sufficient number of meters so that the network state becomes unobservable by the control center. For attacks in this regime, the smallest set of attacked meters capable of causing network unobservability is characterized using a graph theoretic approach. By casting the problem as one of minimizing a supermodular graph functional, the problem of identifying the smallest set of vulnerable meters is shown to have polynomial complexity. For the weak attack regime where the adversary controls only a small number of meters, the problem is examined from a decision theoretic perspective for both the control center and the adversary. For the control center, a generalized likelihood ratio detector is proposed that incorporates historical data. For the adversary, the trade-off between maximizing estimation error at the control center and minimizing detection probability of the launched attack is examined. An optimal attack based on minimum energy leakage is proposed.

770 citations


"A Review of False Data Injection At..." refers background in this paper

  • ...Moreover, weaknesses in cyber security can also threaten the physical security of the power systems due to the deep integration of the physical and cyber systems [1]–[6]....
