Representation-Learning-Based CNN for Intelligent Attack Localization and Recovery of Cyber-Physical Power Systems

• Published in: IEEE transaction on neural networks and learning systems Vol. 35; no. 5; pp. 6145 - 6155
• Main Authors: Lu, Kang-Di, Zhou, Le, Wu, Zheng-Guang
• Format: Journal Article
• Language: English
• Published: United States IEEE 01.05.2024; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Artificial neural networks; Classifiers; Communication networks; Control systems; Convolutional neural network (CNN); cyber-physical power systems (CPPSs); Cyber-physical systems; Cyberattack; Cybersecurity; Denial of service attacks; intelligent attack localization; Jamming; Learning; Localization; Location awareness; Neural networks; Pollutant removal; Pollution measurement; Power flow; Power measurement; Power systems; Recovery; representation learning; Representations; State estimation; Stochasticity; System recovery
• ISSN: 2162-237X; 2162-2388
• DOI: 10.1109/TNNLS.2023.3257225

Enabled by the advances in communication networks, computational units, and control systems, cyber-physical power systems (CPPSs) are anticipated to be complex and smart systems in which a large amount of data are generated, exchanged, and processed for various purposes. Due to these strong interactions, CPPSs will introduce new security vulnerabilities. To ensure secure operation and control of CPPSs, it is essential to detect the locations of the attacked measurements and remove the state bias caused by malicious cyber-attacks such as false data inject attack, jamming attack, denial of service attack, or hybrid attack. Accordingly, this article makes the first contribution concerning the representation-learning-based convolutional neural network (RL-CNN) for intelligent attack localization and system recovery of CPPSs. In the proposed method, the cyber-attacks' locational detection problem is formulated as a multilabel classification problem for CPPSs. An RL-CNN is originally adopted as the multilabel classifier to explore and exploit the implicit information of measurements. By comparing with previous multilabel classifiers, the RL-CNN improves the performance of attack localization for complex CPPSs. Then, to automatically filter out the cyber-attacks for system recovery, a mean-squared estimator is used to handle the difficulty in state estimation with the removal of contaminated measurements. In this scheme, prior knowledge of the system state is obtained based on the outputs of the stochastic power flow or historical measurements. The extensive simulation results in three IEEE bus systems show that the proposed method is able to provide high accuracy for attack localization and perform automatic attack filtering for system recovery under various cyber-attacks.