Impact and detection of cyber attacks in wide area control application of cyber-physical power system (CPPS)

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-06-06 DOI:10.1016/j.cose.2025.104547

G.Y. Sree Varshini , S. Latha , G.Y. Rajaa Vikhram

{"title":"Impact and detection of cyber attacks in wide area control application of cyber-physical power system (CPPS)","authors":"G.Y. Sree Varshini , S. Latha , G.Y. Rajaa Vikhram","doi":"10.1016/j.cose.2025.104547","DOIUrl":null,"url":null,"abstract":"<div><div>The most important factor of a comprehensive power grid cybersecurity strategy is the assessment of the effects of cyberattacks. Its insights facilitate the development of resilience, proactive risk management, and effective response plans to emerging cyber threats. To evaluate the potential consequences of a cyberattack on grid infrastructure, it is essential to examine the extensive impact of cyberattacks within the framework of cyber-physical power systems (CPPS). The article investigates the extensive impacts of cyberattacks across three unique scenarios, namely single cyberattack (SCA), coordinated cyber-physical attack (CCPA), and multiple cyberattacks (MCA). These attack scenarios are tested in the wide-area control application of the New England 39-bus test system. Classifiers such as Random Forest (RF), K-Nearest Neighbour (KNN), Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM) and Support Vector Machine (SVM) identify threats using a learning-based approach. We assess attack detection by multiple performance indicators, including accuracy, precision, and the F-score. Simulation results indicate that MCA is more harmful than a single cyberattack or a coordinated attack. Furthermore, the CNN classifier surpasses other classifiers in attack detection efficacy.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"157 ","pages":"Article 104547"},"PeriodicalIF":4.8000,"publicationDate":"2025-06-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825002366","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The most important factor of a comprehensive power grid cybersecurity strategy is the assessment of the effects of cyberattacks. Its insights facilitate the development of resilience, proactive risk management, and effective response plans to emerging cyber threats. To evaluate the potential consequences of a cyberattack on grid infrastructure, it is essential to examine the extensive impact of cyberattacks within the framework of cyber-physical power systems (CPPS). The article investigates the extensive impacts of cyberattacks across three unique scenarios, namely single cyberattack (SCA), coordinated cyber-physical attack (CCPA), and multiple cyberattacks (MCA). These attack scenarios are tested in the wide-area control application of the New England 39-bus test system. Classifiers such as Random Forest (RF), K-Nearest Neighbour (KNN), Convolutional Neural Network (CNN), Long Short-Term Memory (LSTM) and Support Vector Machine (SVM) identify threats using a learning-based approach. We assess attack detection by multiple performance indicators, including accuracy, precision, and the F-score. Simulation results indicate that MCA is more harmful than a single cyberattack or a coordinated attack. Furthermore, the CNN classifier surpasses other classifiers in attack detection efficacy.

查看原文本刊更多论文

网络攻击对网络物理电力系统广域控制应用的影响及检测

综合电网网络安全战略的最重要因素是对网络攻击影响的评估。它的见解有助于制定弹性、主动风险管理和有效应对新出现的网络威胁的计划。为了评估网络攻击对电网基础设施的潜在影响，有必要在网络物理电力系统（CPPS）框架内检查网络攻击的广泛影响。本文研究了网络攻击在三种独特场景下的广泛影响，即单一网络攻击（SCA）、协调网络物理攻击（CCPA）和多重网络攻击（MCA）。这些攻击场景在新英格兰39总线测试系统的广域控制应用中进行了测试。随机森林（RF）、k近邻（KNN）、卷积神经网络（CNN）、长短期记忆（LSTM）和支持向量机（SVM）等分类器使用基于学习的方法识别威胁。我们通过多个性能指标评估攻击检测，包括准确性，精度和f分数。仿真结果表明，MCA比单个网络攻击或协同攻击的危害更大。此外，CNN分类器在攻击检测效率上优于其他分类器。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.