基于深度强化学习的智能电网隐身攻击检测鲁棒ConvLSTM模型

IF 4.3 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

IEEE Open Journal of the Industrial Electronics Society Pub Date : 2025-07-31 DOI:10.1109/OJIES.2025.3594618

Ahmad N. Alkuwari;Abdullatif Albaseer;Saif Al-Kuwari;Marwa Qaraqe

{"title":"基于深度强化学习的智能电网隐身攻击检测鲁棒ConvLSTM模型","authors":"Ahmad N. Alkuwari;Abdullatif Albaseer;Saif Al-Kuwari;Marwa Qaraqe","doi":"10.1109/OJIES.2025.3594618","DOIUrl":null,"url":null,"abstract":"The advent of modern electricity distribution systems, comprising digital communication technologies and principles, has triggered a new era of smart grids, in which advanced metering infrastructure plays a crucial role in functions, such as digital monitoring and billing. However, this advancement gave rise to vulnerabilities, mainly in the form of energy theft and adversarial attacks to falsify energy consumption data. In response, anomaly detection models have been tested and evaluated against machine-generated adversarial attacks, such as the fast gradient sign method (FGSM) and Carlini and Wagner (C&W). However, these types of attacks are mainly designed to prevent anomaly detection without considering a possible reduction in the reported energy consumption, thus overlooking the energy theft problem. Furthermore, the lack of generalization of adversarial attacks evaluated to other models remains a concern. In fact, conventional anomaly detection methods do not detect new adversarial attacks generated by artificial intelligence. Thus, this article introduces a state-of-the-art deep reinforcement learning (DRL) through a deep deterministic policy gradient, which produces novel adversarial samples that dramatically reduce reported energy consumption while evading the anomaly detection mechanism. The ConvLSTM uses the adversarial data to evaluate and enhance its resilience against such adversarial attacks. Experimental results show that conventional models experience substantial degradation in detecting such advanced attacks, achieving 17% accuracy under the evaluated adversarial attacks. In benchmarking, the proposed DRL framework against adversarial attacks generated through functions, such as FGSM and C&W. As a defensive strategy, the ConvLSTM trained with DRL-generated adversarial samples increases the model robustness against AI-driven threats in smart grids by improving its detection capabilities, achieving a 95.12% detection rate on adversarial samples. This work showcases adaptive anomaly detection methodologies and the implementation of AI-driven approaches to enhance cybersecurity in modern digital power systems.","PeriodicalId":52675,"journal":{"name":"IEEE Open Journal of the Industrial Electronics Society","volume":"6 ","pages":"1298-1311"},"PeriodicalIF":4.3000,"publicationDate":"2025-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11105704","citationCount":"0","resultStr":"{\"title\":\"Robust ConvLSTM Model With Deep Reinforcement Learning for Stealth Attack Detection in Smart Grids\",\"authors\":\"Ahmad N. Alkuwari;Abdullatif Albaseer;Saif Al-Kuwari;Marwa Qaraqe\",\"doi\":\"10.1109/OJIES.2025.3594618\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The advent of modern electricity distribution systems, comprising digital communication technologies and principles, has triggered a new era of smart grids, in which advanced metering infrastructure plays a crucial role in functions, such as digital monitoring and billing. However, this advancement gave rise to vulnerabilities, mainly in the form of energy theft and adversarial attacks to falsify energy consumption data. In response, anomaly detection models have been tested and evaluated against machine-generated adversarial attacks, such as the fast gradient sign method (FGSM) and Carlini and Wagner (C&W). However, these types of attacks are mainly designed to prevent anomaly detection without considering a possible reduction in the reported energy consumption, thus overlooking the energy theft problem. Furthermore, the lack of generalization of adversarial attacks evaluated to other models remains a concern. In fact, conventional anomaly detection methods do not detect new adversarial attacks generated by artificial intelligence. Thus, this article introduces a state-of-the-art deep reinforcement learning (DRL) through a deep deterministic policy gradient, which produces novel adversarial samples that dramatically reduce reported energy consumption while evading the anomaly detection mechanism. The ConvLSTM uses the adversarial data to evaluate and enhance its resilience against such adversarial attacks. Experimental results show that conventional models experience substantial degradation in detecting such advanced attacks, achieving 17% accuracy under the evaluated adversarial attacks. In benchmarking, the proposed DRL framework against adversarial attacks generated through functions, such as FGSM and C&W. As a defensive strategy, the ConvLSTM trained with DRL-generated adversarial samples increases the model robustness against AI-driven threats in smart grids by improving its detection capabilities, achieving a 95.12% detection rate on adversarial samples. This work showcases adaptive anomaly detection methodologies and the implementation of AI-driven approaches to enhance cybersecurity in modern digital power systems.\",\"PeriodicalId\":52675,\"journal\":{\"name\":\"IEEE Open Journal of the Industrial Electronics Society\",\"volume\":\"6 \",\"pages\":\"1298-1311\"},\"PeriodicalIF\":4.3000,\"publicationDate\":\"2025-07-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11105704\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Open Journal of the Industrial Electronics Society\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/11105704/\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"ENGINEERING, ELECTRICAL & ELECTRONIC\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of the Industrial Electronics Society","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/11105704/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

摘要

包含数字通信技术和原理的现代配电系统的出现，开启了智能电网的新时代，其中先进的计量基础设施在数字监控和计费等功能中发挥着至关重要的作用。然而，这一进步带来了漏洞，主要以能源盗窃和对抗性攻击的形式伪造能源消耗数据。作为回应，异常检测模型已经针对机器生成的对抗性攻击进行了测试和评估，例如快速梯度符号方法（FGSM）和Carlini and Wagner （C&W）。然而，这些类型的攻击主要是为了防止异常检测，而没有考虑可能减少报告的能源消耗，从而忽略了能源盗窃问题。此外，缺乏对其他模型进行评估的对抗性攻击的泛化仍然是一个问题。事实上，传统的异常检测方法并不能检测到人工智能产生的新的对抗性攻击。因此，本文通过深度确定性策略梯度引入了最先进的深度强化学习（DRL），该方法产生了新的对抗性样本，在避开异常检测机制的同时显着减少了报告的能量消耗。ConvLSTM使用对抗性数据来评估和增强其对这种对抗性攻击的弹性。实验结果表明，传统模型在检测这种高级攻击时出现了明显的下降，在评估的对抗性攻击下，准确率仅为17%。在基准测试中，提出了针对FGSM和C&W等功能产生的对抗性攻击的DRL框架。作为一种防御策略，使用drl生成的对抗样本训练的ConvLSTM通过提高其检测能力，提高了模型对智能电网中ai驱动威胁的鲁棒性，在对抗样本上实现了95.12%的检测率。这项工作展示了自适应异常检测方法和人工智能驱动方法的实施，以增强现代数字电力系统的网络安全。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Robust ConvLSTM Model With Deep Reinforcement Learning for Stealth Attack Detection in Smart Grids

The advent of modern electricity distribution systems, comprising digital communication technologies and principles, has triggered a new era of smart grids, in which advanced metering infrastructure plays a crucial role in functions, such as digital monitoring and billing. However, this advancement gave rise to vulnerabilities, mainly in the form of energy theft and adversarial attacks to falsify energy consumption data. In response, anomaly detection models have been tested and evaluated against machine-generated adversarial attacks, such as the fast gradient sign method (FGSM) and Carlini and Wagner (C&W). However, these types of attacks are mainly designed to prevent anomaly detection without considering a possible reduction in the reported energy consumption, thus overlooking the energy theft problem. Furthermore, the lack of generalization of adversarial attacks evaluated to other models remains a concern. In fact, conventional anomaly detection methods do not detect new adversarial attacks generated by artificial intelligence. Thus, this article introduces a state-of-the-art deep reinforcement learning (DRL) through a deep deterministic policy gradient, which produces novel adversarial samples that dramatically reduce reported energy consumption while evading the anomaly detection mechanism. The ConvLSTM uses the adversarial data to evaluate and enhance its resilience against such adversarial attacks. Experimental results show that conventional models experience substantial degradation in detecting such advanced attacks, achieving 17% accuracy under the evaluated adversarial attacks. In benchmarking, the proposed DRL framework against adversarial attacks generated through functions, such as FGSM and C&W. As a defensive strategy, the ConvLSTM trained with DRL-generated adversarial samples increases the model robustness against AI-driven threats in smart grids by improving its detection capabilities, achieving a 95.12% detection rate on adversarial samples. This work showcases adaptive anomaly detection methodologies and the implementation of AI-driven approaches to enhance cybersecurity in modern digital power systems.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Open Journal of the Industrial Electronics Society ENGINEERING, ELECTRICAL & ELECTRONIC-

CiteScore

10.80

自引率

2.40%

发文量

审稿时长

12 weeks

期刊介绍： The IEEE Open Journal of the Industrial Electronics Society is dedicated to advancing information-intensive, knowledge-based automation, and digitalization, aiming to enhance various industrial and infrastructural ecosystems including energy, mobility, health, and home/building infrastructure. Encompassing a range of techniques leveraging data and information acquisition, analysis, manipulation, and distribution, the journal strives to achieve greater flexibility, efficiency, effectiveness, reliability, and security within digitalized and networked environments. Our scope provides a platform for discourse and dissemination of the latest developments in numerous research and innovation areas. These include electrical components and systems, smart grids, industrial cyber-physical systems, motion control, robotics and mechatronics, sensors and actuators, factory and building communication and automation, industrial digitalization, flexible and reconfigurable manufacturing, assistant systems, industrial applications of artificial intelligence and data science, as well as the implementation of machine learning, artificial neural networks, and fuzzy logic. Additionally, we explore human factors in digitalized and networked ecosystems. Join us in exploring and shaping the future of industrial electronics and digitalization.