@PAD

Abstract

In this work, we study the vulnerabilities of protection systems that can detect cyber-attacks in power grid systems. We show that machine learning-based discriminators are not resilient against Denial-of-Service (DoS) attacks. In particular, we demonstrate that an adversarial actor can launch DoS attacks on specific sensors, render their measurements useless and cause the attack detector to classify a more sophisticated cyber-attack as a normal event. As a result of this, the system operator may fail to take action against attack-related faults leading to a decrease in the operation performance. To realize a DoS attack, we present an optimization problem to determine which sensors to attack within a given budget such that the existing classifier can be deceived. For linear classifiers, this optimization problem can be formulated as a mixed-integer linear programming problem. In this paper, we extend this optimization problem to find attacks for more complex classifiers such as neural networks. We demonstrate that a neural network, in particular, with RELU activation functions, can be represented as a set of logic formulas using Disjunctive Normal Form, and the optimization problem can be used to efficiently compute a DoS attack. In addition, we propose a defense model that improves the resilience of neural networks against DoS through adversarial training. Finally, we evaluate the efficiency of the approach using a dataset for classification in power systems.