Statistical Security Incident Forensics against Data Falsification in Smart Grid Advanced Metering Infrastructure
Abstract
Compromised smart meters reporting false power consumption data in Advanced Metering Infrastructure (AMI) may have drastic consequences on a smart grid's operations. Most existing works only deal with electricity theft from customers. However, several other types of data falsification attacks are possible, when meters are compromised by organized rivals. In this paper, we first propose a taxonomy of possible data falsification strategies such as additive, deductive, camouflage and conflict, in AMI micro-grids. Then, we devise a statistical anomaly detection technique to identify the incidence of proposed attack types, by studying their impact on the observed data. Subsequently, a trust model based on Kullback-Leibler divergence is proposed to identify compromised smart meters for additive and deductive attacks. The resultant detection rates and false alarms are minimized through a robust aggregate measure that is calculated based on the detected attack type and successfully discriminating legitimate changes from malicious ones. For conflict and camouflage attacks, a generalized linear model and Weibull function based kernel trick is used over the trust score to facilitate more accurate classification. Using real data sets collected from AMI, we investigate several trade-offs that occur between attacker's revenue and costs, as well as the margin of false data and fraction of compromised nodes. Experimental results show that our model has a high true positive detection rate, while the average false alarm rate is just 8%, for most practical attack strategies, without depending on the expensive hardware based monitoring.
Recommended Citation
S. Bhattacharjee et al., "Statistical Security Incident Forensics against Data Falsification in Smart Grid Advanced Metering Infrastructure," Proceedings of the 7th ACM Conference on Data and Application Security and Privacy (2017, Scottsdale, AZ), pp. 35 - 45, Association for Computing Machinery (ACM), Mar 2017.
The definitive version is available at https://doi.org/10.1145/3029806.3029833
Meeting Name
7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017 (2017: Mar. 22-24, Scottsdale, AZ)
Department(s)
Computer Science
Research Center/Lab(s)
Center for High Performance Computing Research
Keywords and Phrases
Advanced metering infrastructures; Crime; Data privacy; Economic and social effects; Electric power transmission networks; Errors; Information theory; Smart meters; Weibull distribution; Advanced metering; Data falsification; Relative entropy; Security incident; Smart grid; Statistical anomaly detection; Trust models; Smart power grids; Security incident forensics; Supervised learning
International Standard Book Number (ISBN)
978-1-4503-4523-1
Document Type
Article - Conference proceedings
Document Version
Citation
File Type
text
Language(s)
English
Rights
© 2017 Association for Computing Machinery (ACM), All rights reserved.
Publication Date
01 Mar 2017
Comments
The work is partially supported by the NSF grants under award numbers CNS-1545037, CNS- 1545050 and DGE-1433659.