Detecting smart meter false data attacks using hierarchical feature clustering and incentive weighted anomaly detection

IF 1.7 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Martin Higgins, Bruce Stephen, David Wallom
{"title":"Detecting smart meter false data attacks using hierarchical feature clustering and incentive weighted anomaly detection","authors":"Martin Higgins,&nbsp;Bruce Stephen,&nbsp;David Wallom","doi":"10.1049/cps2.12057","DOIUrl":null,"url":null,"abstract":"<p>Spot pricing is often suggested as a method of increasing demand-side flexibility in electrical power load. However, few works have considered the vulnerability of spot pricing to financial fraud via false data injection (FDI) style attacks. The authors consider attacks which aim to alter the consumer load profile to exploit intraday price dips. The authors examine an anomaly detection protocol for cyber-attacks that seek to leverage spot prices for financial gain. In this way the authors outline a methodology for detecting attacks on industrial load smart meters. The authors first create a feature clustering model of the underlying business, segregated by business type. The authors then use these clusters to create an incentive-weighted anomaly detection protocol for false data attacks against load profiles. This clustering-based methodology incorporates both the load profile and spot pricing considerations for the detection of injected load profiles. To reduce false positives, the authors model incentive-based detection, which includes knowledge of spot prices, into the anomaly tracking, enabling the methodology to account for changes in the load profile which are unlikely to be attacks.</p>","PeriodicalId":36881,"journal":{"name":"IET Cyber-Physical Systems: Theory and Applications","volume":"8 4","pages":"257-271"},"PeriodicalIF":1.7000,"publicationDate":"2023-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ietresearch.onlinelibrary.wiley.com/doi/epdf/10.1049/cps2.12057","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Cyber-Physical Systems: Theory and Applications","FirstCategoryId":"1085","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/cps2.12057","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Spot pricing is often suggested as a method of increasing demand-side flexibility in electrical power load. However, few works have considered the vulnerability of spot pricing to financial fraud via false data injection (FDI) style attacks. The authors consider attacks which aim to alter the consumer load profile to exploit intraday price dips. The authors examine an anomaly detection protocol for cyber-attacks that seek to leverage spot prices for financial gain. In this way the authors outline a methodology for detecting attacks on industrial load smart meters. The authors first create a feature clustering model of the underlying business, segregated by business type. The authors then use these clusters to create an incentive-weighted anomaly detection protocol for false data attacks against load profiles. This clustering-based methodology incorporates both the load profile and spot pricing considerations for the detection of injected load profiles. To reduce false positives, the authors model incentive-based detection, which includes knowledge of spot prices, into the anomaly tracking, enabling the methodology to account for changes in the load profile which are unlikely to be attacks.

Abstract Image

利用分层特征聚类和激励加权异常检测检测智能电表虚假数据攻击
人们经常建议将现货定价作为提高电力负荷需求方灵活性的一种方法。然而,很少有著作考虑到现货定价容易受到通过虚假数据注入 (FDI) 式攻击进行金融欺诈的影响。作者考虑了旨在改变用户负荷状况以利用日内价格下跌的攻击。作者研究了一种异常检测协议,用于检测试图利用现货价格获取经济利益的网络攻击。因此,作者概述了一种检测工业负荷智能电表攻击的方法。作者首先创建了一个按业务类型划分的底层业务特征聚类模型。然后,作者利用这些聚类创建了一个激励加权异常检测协议,用于检测针对负载配置文件的虚假数据攻击。这种基于聚类的方法同时考虑了负荷曲线和现货定价因素,用于检测注入的负荷曲线。为了减少误报,作者将基于激励的检测(包括现货价格知识)建模到异常跟踪中,使该方法能够考虑到不可能是攻击的负载曲线变化。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
IET Cyber-Physical Systems: Theory and Applications
IET Cyber-Physical Systems: Theory and Applications Computer Science-Computer Networks and Communications
CiteScore
5.40
自引率
6.70%
发文量
17
审稿时长
19 weeks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信