A Profit-Oriented Attack by Virtual Power Plants for Economic Risk Transfer: Profitability Analysis and Defense Strategy

IF 4.4 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Systems Journal Pub Date : 2025-03-16 DOI:10.1109/JSYST.2025.3566018

Luyu Wang;Jiping Wu;Zhetong Ding;Kaifeng Zhang;Biplab Sikdar

{"title":"A Profit-Oriented Attack by Virtual Power Plants for Economic Risk Transfer: Profitability Analysis and Defense Strategy","authors":"Luyu Wang;Jiping Wu;Zhetong Ding;Kaifeng Zhang;Biplab Sikdar","doi":"10.1109/JSYST.2025.3566018","DOIUrl":null,"url":null,"abstract":"Virtual power plants (VPP) may face the risk of economic losses arising from the deviation between day-ahead schedule and real-time energy delivery. This article introduces a novel profit-oriented attack by some greedy VPP (G-VPP) for the first time, which aims to transfer its risk of economic losses to other normal VPPs (N-VPPs) and obtain a risk-free profit. Particularly, the G-VPP launches the load-altering attack (LAA) on N-VPPs to fail their real-time (RT) generation schedule via modifying the generation instructions of the managed resources. The optimal LAA strategy considering stealthiness is proposed to avoid priori detection and the optimal bidding strategy using CVaR is proposed to quantify bidding risk and maximize profit. To defend against such profit-oriented attacks, this article constitutes the first attack traceability research. A defense scheme with attack detection and attacker identification is proposed, which is executed by VPPs and the independent system operator (ISO). VPPs employ an attack detection algorithm based on complex features, and if any, report it to the ISO. The ISO constructs a knowledge graph of electricity market transactions and embeds a rules-based identification algorithm to identify suspected attackers. Simulation results show the effectiveness of the defense scheme and Neo4j is used to visualize.","PeriodicalId":55017,"journal":{"name":"IEEE Systems Journal","volume":"19 2","pages":"507-517"},"PeriodicalIF":4.4000,"publicationDate":"2025-03-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Systems Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/11005882/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Virtual power plants (VPP) may face the risk of economic losses arising from the deviation between day-ahead schedule and real-time energy delivery. This article introduces a novel profit-oriented attack by some greedy VPP (G-VPP) for the first time, which aims to transfer its risk of economic losses to other normal VPPs (N-VPPs) and obtain a risk-free profit. Particularly, the G-VPP launches the load-altering attack (LAA) on N-VPPs to fail their real-time (RT) generation schedule via modifying the generation instructions of the managed resources. The optimal LAA strategy considering stealthiness is proposed to avoid priori detection and the optimal bidding strategy using CVaR is proposed to quantify bidding risk and maximize profit. To defend against such profit-oriented attacks, this article constitutes the first attack traceability research. A defense scheme with attack detection and attacker identification is proposed, which is executed by VPPs and the independent system operator (ISO). VPPs employ an attack detection algorithm based on complex features, and if any, report it to the ISO. The ISO constructs a knowledge graph of electricity market transactions and embeds a rules-based identification algorithm to identify suspected attackers. Simulation results show the effectiveness of the defense scheme and Neo4j is used to visualize.

查看原文本刊更多论文

面向经济风险转移的虚拟电厂盈利攻击：盈利能力分析与防御策略

虚拟电厂（VPP）可能会因日前计划与实时供能的偏差而面临经济损失的风险。本文首次提出了一种贪婪VPP （G-VPP）的新型利润导向攻击，其目的是将自身的经济损失风险转移给其他正常VPP (n -VPP)，从而获得无风险的利润。特别是，G-VPP通过修改被管理资源的生成指令，对n - vpp发起负载改变攻击（load-alter attack， LAA），破坏n - vpp的实时生成计划。提出了考虑隐身性的最优LAA策略，避免了先验检测；提出了基于CVaR的最优竞价策略，量化了竞价风险，实现了利润最大化。为了防范这种以盈利为目的的攻击，本文首次对攻击的可追溯性进行了研究。提出了一种基于攻击检测和攻击者识别的防御方案，该方案由vpp和独立系统操作符（ISO）执行。vpp采用基于复杂特征的攻击检测算法，如果有攻击，则上报给ISO。ISO构建了一个电力市场交易的知识图谱，并嵌入了一个基于规则的识别算法来识别可疑的攻击者。仿真结果表明了该防御方案的有效性，并使用Neo4j进行了可视化。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Systems Journal 工程技术-电信学

CiteScore

9.80

自引率

6.80%

发文量

572

审稿时长

4.9 months

期刊介绍： This publication provides a systems-level, focused forum for application-oriented manuscripts that address complex systems and system-of-systems of national and global significance. It intends to encourage and facilitate cooperation and interaction among IEEE Societies with systems-level and systems engineering interest, and to attract non-IEEE contributors and readers from around the globe. Our IEEE Systems Council job is to address issues in new ways that are not solvable in the domains of the existing IEEE or other societies or global organizations. These problems do not fit within traditional hierarchical boundaries. For example, disaster response such as that triggered by Hurricane Katrina, tsunamis, or current volcanic eruptions is not solvable by pure engineering solutions. We need to think about changing and enlarging the paradigm to include systems issues.