TY - GEN
T1 - AI-Driven Approach for Detecting Cyber-Attacks Targeting Two-Area Four-Machine System
AU - Elshamy, Ahmed Refaat
AU - Abughali, Ahmed Mousa
AU - Alansari, Mohamad Yousif Abdulkareem
AU - Habash, Obadah
AU - Sumaiti, Ameena Al
AU - Svetinovic, Davor
N1 - Publisher Copyright:
© 2024 IEEE.
PY - 2024
Y1 - 2024
N2 - With the increased dependency on Wide Area Network (WAN) signals in power systems for critical functions, cyber-attacks on the communication lines can lead to catastrophic results, such as the complete shutdown of a country's power grid. Detecting these potential attacks on WAN signals is of utmost importance. In this work, we explore several data-driven approaches for detecting stealthy false data injection attacks on a critical component of the power system, the Wide Area Damping Control (WADC). After extensive simulations on the two-area test system for data collection, we test four machine/deep learning approaches to detect the attack injections in real time. The four techniques are eXtreme Gradient Boosting (XGBoost), Gradient Boosting Classifier (GBC), Long Short Term Memory (LSTM), and Convolutional Neural Networks (CNNs). We consider two cases; the first is where all voltage and current signals are sent to the central WADC. The second is when only the required tie line power measurement is sent. In both cases, LSTM results in the highest detection accuracy, exceeding 99.5% in the first case and 94.2% in the second case. These results reflect the importance of redundant data availability.
AB - With the increased dependency on Wide Area Network (WAN) signals in power systems for critical functions, cyber-attacks on the communication lines can lead to catastrophic results, such as the complete shutdown of a country's power grid. Detecting these potential attacks on WAN signals is of utmost importance. In this work, we explore several data-driven approaches for detecting stealthy false data injection attacks on a critical component of the power system, the Wide Area Damping Control (WADC). After extensive simulations on the two-area test system for data collection, we test four machine/deep learning approaches to detect the attack injections in real time. The four techniques are eXtreme Gradient Boosting (XGBoost), Gradient Boosting Classifier (GBC), Long Short Term Memory (LSTM), and Convolutional Neural Networks (CNNs). We consider two cases; the first is where all voltage and current signals are sent to the central WADC. The second is when only the required tie line power measurement is sent. In both cases, LSTM results in the highest detection accuracy, exceeding 99.5% in the first case and 94.2% in the second case. These results reflect the importance of redundant data availability.
KW - Cyber-attacks
KW - Deep Learning (DL)
KW - False Data Injection Attacks (FDIAs)
KW - Long Short-Term Memory (LSTM)
KW - Power Systems
KW - Wide Area Damping Control (WADC)
UR - https://www.scopus.com/pages/publications/85205777222
U2 - 10.1109/KPEC61529.2024.10676155
DO - 10.1109/KPEC61529.2024.10676155
M3 - Conference contribution
AN - SCOPUS:85205777222
T3 - 2024 IEEE Kansas Power and Energy Conference, KPEC 2024
BT - 2024 IEEE Kansas Power and Energy Conference, KPEC 2024
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 5th IEEE Kansas Power and Energy Conference, KPEC 2024
Y2 - 25 April 2024 through 26 April 2024
ER -