Defense against Joint Poison and Evasion Attacks: A Case Study of DERMS

arXiv - CS - Systems and Control Pub Date : 2024-05-05 DOI:arxiv-2405.02989

Zain ul Abdeen, Padmaksha Roy, Ahmad Al-Tawaha, Rouxi Jia, Laura Freeman, Peter Beling, Chen-Ching Liu, Alberto Sangiovanni-Vincentelli, Ming Jin

{"title":"Defense against Joint Poison and Evasion Attacks: A Case Study of DERMS","authors":"Zain ul Abdeen, Padmaksha Roy, Ahmad Al-Tawaha, Rouxi Jia, Laura Freeman, Peter Beling, Chen-Ching Liu, Alberto Sangiovanni-Vincentelli, Ming Jin","doi":"arxiv-2405.02989","DOIUrl":null,"url":null,"abstract":"There is an upward trend of deploying distributed energy resource management\nsystems (DERMS) to control modern power grids. However, DERMS controller\ncommunication lines are vulnerable to cyberattacks that could potentially\nimpact operational reliability. While a data-driven intrusion detection system\n(IDS) can potentially thwart attacks during deployment, also known as the\nevasion attack, the training of the detection algorithm may be corrupted by\nadversarial data injected into the database, also known as the poisoning\nattack. In this paper, we propose the first framework of IDS that is robust\nagainst joint poisoning and evasion attacks. We formulate the defense mechanism\nas a bilevel optimization, where the inner and outer levels deal with attacks\nthat occur during training time and testing time, respectively. We verify the\nrobustness of our method on the IEEE-13 bus feeder model against a diverse set\nof poisoning and evasion attack scenarios. The results indicate that our\nproposed method outperforms the baseline technique in terms of accuracy,\nprecision, and recall for intrusion detection.","PeriodicalId":501062,"journal":{"name":"arXiv - CS - Systems and Control","volume":"27 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-05-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Systems and Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2405.02989","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

There is an upward trend of deploying distributed energy resource management systems (DERMS) to control modern power grids. However, DERMS controller communication lines are vulnerable to cyberattacks that could potentially impact operational reliability. While a data-driven intrusion detection system (IDS) can potentially thwart attacks during deployment, also known as the evasion attack, the training of the detection algorithm may be corrupted by adversarial data injected into the database, also known as the poisoning attack. In this paper, we propose the first framework of IDS that is robust against joint poisoning and evasion attacks. We formulate the defense mechanism as a bilevel optimization, where the inner and outer levels deal with attacks that occur during training time and testing time, respectively. We verify the robustness of our method on the IEEE-13 bus feeder model against a diverse set of poisoning and evasion attack scenarios. The results indicate that our proposed method outperforms the baseline technique in terms of accuracy, precision, and recall for intrusion detection.

查看原文本刊更多论文

防御联合投毒和规避攻击：DERMS 案例研究

部署分布式能源资源管理系统（DERMS）来控制现代电网已成为一种趋势。然而，DERMS 控制器通信线路很容易受到网络攻击，从而对运行可靠性造成潜在影响。虽然数据驱动的入侵检测系统（IDS）有可能在部署过程中挫败攻击（也称为 "入侵攻击"），但检测算法的训练可能会被注入数据库的反向数据破坏（也称为 "中毒攻击"）。在本文中，我们首次提出了可稳健抵御联合中毒和规避攻击的 IDS 框架。我们将防御机制表述为双层优化，其中内层和外层分别处理发生在训练时间和测试时间的攻击。我们在 IEEE-13 总线馈线模型上针对一系列不同的中毒和规避攻击场景验证了我们方法的稳健性。结果表明，我们提出的方法在入侵检测的准确度、精确度和召回率方面都优于基准技术。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

arXiv - CS - Systems and Control

自引率

0.00%

发文量