Detection and Forensics against Stealthy Data Falsification in Smart Metering Infrastructure
False power consumption data injected from compromised smart meters in Advanced Metering Infrastructure (AMI) of smart grids is a threat that negatively affects both customers and utilities. In particular, organized and stealthy adversaries can launch various types of data falsification attacks from multiple meters using smart or persistent strategies. In this paper, we propose a real time, two tier attack detection scheme to detect orchestrated data falsification under a sophisticated threat model in decentralized micro-grids. The first detection tier monitors whether the Harmonic to Arithmetic Mean Ratio of aggregated daily power consumption data is outside a normal range known as safe margin. To confirm whether discrepancies in the first detection tier is indeed an attack, the second detection tier monitors the sum of the residuals (difference) between the proposed ratio metric and the safe margin over a frame of multiple days. If the sum of residuals is beyond a standard limit range, the presence of a data falsification attack is confirmed. Both the 'safe margins' and the 'standard limits' are designed through a 'system identification phase' where the signature of proposed metrics under normal conditions are studied using real AMI micro-grid data sets from two different countries over multiple years. Subsequently, we show how the proposed metrics trigger unique signatures under various attacks which aids in attack reconstruction and also limit the impact of persistent attacks. Unlike metrics such as CUSUM or EWMA, the stability of the proposed metrics under normal conditions allows successful real time detection of various stealthy attacks with ultra-low false alarms.
S. Bhattacharjee and S. K. Das, "Detection and Forensics against Stealthy Data Falsification in Smart Metering Infrastructure," IEEE Transactions on Dependable and Secure Computing, Institute of Electrical and Electronics Engineers (IEEE), Dec 2018.
The definitive version is available at https://doi.org/10.1109/TDSC.2018.2889729
Keywords and Phrases
Advanced metering infrastructures; Aggregates; Crime; Digital forensics; Electric power transmission networks; Electric power utilization; Instruments; Interactive computer systems; Measurement; Network security; Real time systems; Smart meters; Standards; Underground structures; Cyber-Physical securities; Data Falsification; False data injection; Power demands; Smart grid; Statistical anomaly detection; Smart power grids; Measurement; Meters; Real-time systems
International Standard Serial Number (ISSN)
Article - Journal
© 2018 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.