AI-Driven Approach for Detecting Cyber-Attacks Targeting Two-Area Four-Machine System

With the increased dependency on Wide Area Network (WAN) signals in power systems for critical functions, cyber-attacks on the communication lines can lead to catastrophic results, such as the complete shutdown of a country's power grid. Detecting these potential attacks on WAN signals is of ut...

Full description

Saved in:
Bibliographic Details
Published in2024 IEEE Kansas Power and Energy Conference (KPEC) pp. 1 - 6
Main Authors Elshamy, Ahmed, Abughali, Ahmed, Alansari, Mohamad, Habash, Obadah, Sumaiti, Ameena Al, Svetinovic, Davor
Format Conference Proceeding
LanguageEnglish
Published IEEE 25.04.2024
Subjects
Online AccessGet full text

Cover

Loading…
More Information
Summary:With the increased dependency on Wide Area Network (WAN) signals in power systems for critical functions, cyber-attacks on the communication lines can lead to catastrophic results, such as the complete shutdown of a country's power grid. Detecting these potential attacks on WAN signals is of utmost importance. In this work, we explore several data-driven approaches for detecting stealthy false data injection attacks on a critical component of the power system, the Wide Area Damping Control (WADC). After extensive simulations on the two-area test system for data collection, we test four machine/deep learning approaches to detect the attack injections in real time. The four techniques are eXtreme Gradient Boosting (XGBoost), Gradient Boosting Classifier (GBC), Long Short Term Memory (LSTM), and Convolutional Neural Networks (CNNs). We consider two cases; the first is where all voltage and current signals are sent to the central WADC. The second is when only the required tie line power measurement is sent. In both cases, LSTM results in the highest detection accuracy, exceeding 99.5% in the first case and 94.2% in the second case. These results reflect the importance of redundant data availability.
ISSN:2997-7460
DOI:10.1109/KPEC61529.2024.10676155