{"title":"需求方管理的黑箱对抗攻击","authors":"Eike Cramer , Ji Gao","doi":"10.1016/j.compchemeng.2024.108681","DOIUrl":null,"url":null,"abstract":"<div><p>Demand side management (DSM) contributes to the industry’s transition to renewables by shifting electricity consumption in time while maintaining feasible operations. Machine learning is promising for DSM with reasonable computation times and electricity price forecasting (EPF), which is paramount to obtaining the necessary data. Increased usage of machine learning makes production processes susceptible to so-called adversarial attacks. This work proposes a black-box attack on DSM and EPF based on an adversarial surrogate model that intercepts and modifies the data flow of load forecasts and forces the DSM to result in financial losses. Notably, adversaries can design the data modifications without knowledge of the EPF model or the DSM optimization model. The results show how barely noticeable modifications of the input data lead to significant deterioration of the decisions by the optimizer. The results implicate a significant threat, as attackers can design and implement powerful attacks without infiltrating secure company networks.</p></div>","PeriodicalId":286,"journal":{"name":"Computers & Chemical Engineering","volume":null,"pages":null},"PeriodicalIF":3.9000,"publicationDate":"2024-04-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0098135424000991/pdfft?md5=1daff4517cd47f17c42632dfccaacd9b&pid=1-s2.0-S0098135424000991-main.pdf","citationCount":"0","resultStr":"{\"title\":\"A black-box adversarial attack on demand side management\",\"authors\":\"Eike Cramer , Ji Gao\",\"doi\":\"10.1016/j.compchemeng.2024.108681\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Demand side management (DSM) contributes to the industry’s transition to renewables by shifting electricity consumption in time while maintaining feasible operations. Machine learning is promising for DSM with reasonable computation times and electricity price forecasting (EPF), which is paramount to obtaining the necessary data. Increased usage of machine learning makes production processes susceptible to so-called adversarial attacks. This work proposes a black-box attack on DSM and EPF based on an adversarial surrogate model that intercepts and modifies the data flow of load forecasts and forces the DSM to result in financial losses. Notably, adversaries can design the data modifications without knowledge of the EPF model or the DSM optimization model. The results show how barely noticeable modifications of the input data lead to significant deterioration of the decisions by the optimizer. The results implicate a significant threat, as attackers can design and implement powerful attacks without infiltrating secure company networks.</p></div>\",\"PeriodicalId\":286,\"journal\":{\"name\":\"Computers & Chemical Engineering\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":3.9000,\"publicationDate\":\"2024-04-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S0098135424000991/pdfft?md5=1daff4517cd47f17c42632dfccaacd9b&pid=1-s2.0-S0098135424000991-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Chemical Engineering\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0098135424000991\",\"RegionNum\":2,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Chemical Engineering","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0098135424000991","RegionNum":2,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}
A black-box adversarial attack on demand side management
Demand side management (DSM) contributes to the industry’s transition to renewables by shifting electricity consumption in time while maintaining feasible operations. Machine learning is promising for DSM with reasonable computation times and electricity price forecasting (EPF), which is paramount to obtaining the necessary data. Increased usage of machine learning makes production processes susceptible to so-called adversarial attacks. This work proposes a black-box attack on DSM and EPF based on an adversarial surrogate model that intercepts and modifies the data flow of load forecasts and forces the DSM to result in financial losses. Notably, adversaries can design the data modifications without knowledge of the EPF model or the DSM optimization model. The results show how barely noticeable modifications of the input data lead to significant deterioration of the decisions by the optimizer. The results implicate a significant threat, as attackers can design and implement powerful attacks without infiltrating secure company networks.
期刊介绍:
Computers & Chemical Engineering is primarily a journal of record for new developments in the application of computing and systems technology to chemical engineering problems.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
