• Corpus ID: 215415897

A Moving-target Cyber-Attack Detection Strategy for Large-scale Power Systems using Dynamic Clustering

  title={A Moving-target Cyber-Attack Detection Strategy for Large-scale Power Systems using Dynamic Clustering},
  author={Ana Jevti'c and Marija Ili'c},
In recent years, cyber-security of power systems has become a growing concern. To protect power systems from malicious adversaries, advanced defense strategies that exploit sophisticated detection algorithms are required. Motivated by this, in this paper we introduce an active defense method based on dynamic clustering. Our detection strategy uses a moving-target approach where information about the system's varying operating point is first used to cluster measurements according to their… 
1 Citations

Figures and Tables from this paper

Distributed Conditions for Small-Signal Stability of Power Grids and Local Control Design

A distributed methodology for certifying small-signal stability of power grids and designing the local controllers and a distributed control design algorithm (DCDA) that can guide the local control design so that stability of the interconnected system is guaranteed.



Model-Based Attack Detection and Mitigation for Automatic Generation Control

A general framework to the application of attack resilient control to power systems as a composition of smart attack detection and mitigation is proposed and a model-based anomaly detection and attack mitigation algorithm is developed for AGC.

Integrity Data Attacks in Power Market Operations

This paper shows how an attack could systematically construct a profitable attacking strategy, in the meantime being undetected by the system operator, and formalizes the economic impact of malicious data attacks on real-time market operations.

False data injection attacks against state estimation in electric power grids

A new class of attacks, called false data injection attacks, against state estimation in electric power grids are presented, showing that an attacker can exploit the configuration of a power system to launch such attacks to successfully introduce arbitrary errors into certain state variables while bypassing existing techniques for bad measurement detection.

Attack Detection and Identification in Cyber-Physical Systems

This paper proposes a mathematical framework for cyber-physical systems, attacks, and monitors, and describes fundamental monitoring limitations from system-theoretic and graph- theoretic perspectives and designs centralized and distributed attack detection and identification monitors.

An Online Detection Framework for Cyber Attacks on Automatic Generation Control

An online framework to detect cyberattacks on automatic generation control is proposed based on the approach of dynamic watermarking and provides a theoretical guarantee of detection of cyberattacks launched by sophisticated attackers possessing extensive knowledge of the physical and statistical models of targeted power systems.

Limiting false data attacks on power system state estimation

An easily computable heuristic is developed to find bad adversarial attacks in all cases, and a new L∞ norm detector is introduced that outperforms more standard L2 norm based detectors by taking advantage of the inherent sparsity of the false data injection.

Secure Estimation and Control for Cyber-Physical Systems Under Adversarial Attacks

A new simple characterization of the maximum number of attacks that can be detected and corrected as a function of the pair (A,C) of the system is given and it is shown that it is impossible to accurately reconstruct the state of a system if more than half the sensors are attacked.

Dynamic Watermarking: Active Defense of Networked Cyber–Physical Systems

A general technique is addressed by which the actuators can detect the actions of malicious sensors in the system and disable closed-loop control based on their information, called watermarking, which employs the technique of actuators injecting private excitation into the system, which will reveal malicious tampering with signals.

Security in cyber-physical systems: Controller design against Known-Plaintext Attack

  • Ye YuanYilin Mo
  • Computer Science, Mathematics
    2015 54th IEEE Conference on Decision and Control (CDC)
  • 2015
This paper argues that an assumption that the physical system model is available to the adversary can be relaxed, given that the adversary might still be able to identify the system model by observing the control input and sensory data from the system.

Secure control against replay attacks

  • Yilin MoB. Sinopoli
  • Computer Science, Mathematics
    2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton)
  • 2009
This paper analyzes the effect of replay attacks on a control system and proposes a countermeasure that guarantees a desired probability of detection by trading off either detection delay or LQG performance, either by decreasing control accuracy or increasing control effort.