Novel cyber-physical collaborative detection and localization method against dynamic load altering attacks in smart energy grids

Owing to the integration of energy digitization and artificial intelligence technology,smart energy grids can realize the stable,efficient and clean operation of power systems.However,the emergence of cyber-physical attacks,such as dynamic load-altering attacks(DLAAs)has introduced great challenges to the security of smart energy grids.Thus,this study developed a novel cyber-physical collaborative security framework for DLAAs in smart energy grids.The proposed framework integrates attack prediction in the cyber layer with the detection and localization of attacks in the physical layer.First,a data-driven method was proposed to predict the DLAA sequence in the cyber layer.By designing a double radial basis function network,the influence of disturbances on attack prediction can be eliminated.Based on the prediction results,an unknown input observer-based detection and localization method was further developed for the physical layer.In addition,an adaptive threshold was designed to replace the traditional precomputed threshold and improve the detection performance of the DLAAs.Consequently,through the collaborative work of the cyber-physics layer,injected DLAAs were effectively detected and located.Compared with existing methodologies,the simulation results on IEEE 14-bus and 118-bus power systems verified the superiority of the proposed cyber-physical collaborative detection and localization against DLAAs.

Stochastic Models to Mitigate Sparse Sensor Attacks in Continuous-Time Non-Linear Cyber-Physical Systems

Cyber-Physical Systems are very vulnerable to sparse sensor attacks.But current protection mechanisms employ linear and deterministic models which cannot detect attacks precisely.Therefore,in this paper,we propose a new non-linear generalized model to describe Cyber-Physical Systems.This model includes unknown multivariable discrete and continuous-time functions and different multiplicative noises to represent the evolution of physical processes and randomeffects in the physical and computationalworlds.Besides,the digitalization stage in hardware devices is represented too.Attackers and most critical sparse sensor attacks are described through a stochastic process.The reconstruction and protectionmechanisms are based on aweighted stochasticmodel.Error probability in data samples is estimated through different indicators commonly employed in non-linear dynamics(such as the Fourier transform,first-return maps,or the probability density function).A decision algorithm calculates the final reconstructed value considering the previous error probability.An experimental validation based on simulation tools and real deployments is also carried out.Both,the new technology performance and scalability are studied.Results prove that the proposed solution protects Cyber-Physical Systems against up to 92%of attacks and perturbations,with a computational delay below 2.5 s.The proposed model shows a linear complexity,as recursive or iterative structures are not employed,just algebraic and probabilistic functions.In conclusion,the new model and reconstructionmechanism can protect successfully Cyber-Physical Systems against sparse sensor attacks,even in dense or pervasive deployments and scenarios.

Analysis of cascading failures of power cyber-physical systems considering false data injection attacks

This study considers the performance impacts of false data injection attacks on the cascading failures of a power cyber-physical system,and identifies vulnerable nodes.First,considering the monitoring and control functions of a cyber network and power flow characteristics of a power network,a power cyber-physical system model is established.Then,the influences of a false data attack on the decision-making and control processes of the cyber network communication processes are studied,and a cascading failure analysis process is proposed for the cyber-attack environment.In addition,a vulnerability evaluation index is defined from two perspectives,i.e.,the topology integrity and power network operation characteristics.Moreover,the effectiveness of a power flow betweenness assessment for vulnerable nodes in the cyberphysical environment is verified based on comparing the node power flow betweenness and vulnerability assessment index.Finally,an IEEE14-bus power network is selected for constructing a power cyber-physical system.Simulations show that both the uplink communication channel and downlink communication channel suffer from false data attacks,which affect the ability of the cyber network to suppress the propagation of cascading failures,and expand the scale of the cascading failures.The vulnerability evaluation index is calculated for each node,so as to verify the effectiveness of identifying vulnerable nodes based on the power flow betweenness.

Passivity-Based Robust Control Against Quantified False Data Injection Attacks in Cyber-Physical Systems

Secure control against cyber attacks becomes increasingly significant in cyber-physical systems(CPSs).False data injection attacks are a class of cyber attacks that aim to compromise CPS functions by injecting false data such as sensor measurements and control signals.For quantified false data injection attacks,this paper establishes an effective defense framework from the energy conversion perspective.Then,we design an energy controller to dynamically adjust the system energy changes caused by unknown attacks.The designed energy controller stabilizes the attacked CPSs and ensures the dynamic performance of the system by adjusting the amount of damping injection.Moreover,with the disturbance attenuation technique,the burden of control system design is simplified because there is no need to design an attack observer.In addition,this secure control method is simple to implement because it avoids complicated mathematical operations.The effectiveness of our control method is demonstrated through an industrial CPS that controls a permanent magnet synchronous motor.

Decentralized Resilient H_∞Load Frequency Control for Cyber-Physical Power Systems Under DoS Attacks

This paper designs a decentralized resilient H_(∞)load frequency control(LFC)scheme for multi-area cyber-physical power systems(CPPSs).Under the network-based control framework,the sampled measurements are transmitted through the communication networks,which may be attacked by energylimited denial-of-service(DoS)attacks with a characterization of the maximum count of continuous data losses(resilience index).Each area is controlled in a decentralized mode,and the impacts on one area from other areas via their interconnections are regarded as the additional load disturbance of this area.Then,the closed-loop LFC system of each area under DoS attacks is modeled as an aperiodic sampled-data control system with external disturbances.Under this modeling,a decentralized resilient H_(∞)scheme is presented to design the state-feedback controllers with guaranteed H∞performance and resilience index based on a novel transmission interval-dependent loop functional method.When given the controllers,the proposed scheme can obtain a less conservative H_(∞)performance and resilience index that the LFC system can tolerate.The effectiveness of the proposed LFC scheme is evaluated on a one-area CPPS and two three-area CPPSs under DoS attacks.

Variance-Constrained Filtering Fusion for Nonlinear Cyber-Physical Systems With the Denial-of-Service Attacks and Stochastic Communication Protocol

In this paper,a new filtering fusion problem is studied for nonlinear cyber-physical systems under errorvariance constraints and denial-of-service attacks.To prevent data collision and reduce communication cost,the stochastic communication protocol is adopted in the sensor-to-filter channels to regulate the transmission order of sensors.Each sensor is allowed to enter the network according to the transmission priority decided by a set of independent and identicallydistributed random variables.From the defenders’view,the occurrence of the denial-of-service attack is governed by the randomly Bernoulli-distributed sequence.At the local filtering stage,a set of variance-constrained local filters are designed where the upper bounds(on the filtering error covariances)are first acquired and later minimized by appropriately designing filter parameters.At the fusion stage,all local estimates and error covariances are combined to develop a variance-constrained fusion estimator under the federated fusion rule.Furthermore,the performance of the fusion estimator is examined by studying the boundedness of the fused error covariance.A simulation example is finally presented to demonstrate the effectiveness of the proposed fusion estimator.

Residual-Based False Data Injection Attacks Against Multi-Sensor Estimation Systems

This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.

Game-theoretical Model for Dynamic Defense Resource Allocation in Cyber-physical Power Systems Under Distributed Denial of Service Attacks

Electric power grids are evolving into complex cyber-physical power systems(CPPSs)that integrate advanced information and communication technologies(ICTs)but face increasing cyberspace threats and attacks.This study considers CPPS cyberspace security under distributed denial of service(DDoS)attacks and proposes a nonzero-sum game-theoretical model with incomplete information for appropriate allocation of defense resources based on the availability of limited resources.Task time delay is applied to quantify the expected utility as CPPSs have high time requirements and incur massive damage DDoS attacks.Different resource allocation strategies are adopted by attackers and defenders under the three cases of attack-free,failed attack,and successful attack,which lead to a corresponding consumption of resources.A multidimensional node value analysis is designed to introduce physical and cybersecurity indices.Simulation experiments and numerical results demonstrate the effectiveness of the proposed model for the appropriate allocation of defense resources in CPPSs under limited resource availability.

Adaptive security control of time-varying constraints nonlinear cyber-physical systems with false data injection attacks

In this article,an adaptive security control scheme is presented for cyber-physical systems(CPSs)suffering from false data injection(FDI)attacks and time-varying state constraints.Firstly,an adaptive bound estimation mechanism is introduced in the backstepping control design to mitigate the effect of FDI attacks.Secondly,to solve the unknown sign time-varying statefeedback gains aroused by the FDI attacks,a type of Nussbaum function is employed in the adaptive security control.Then,by constructing a barrier Lyapunov function,it can be ensured that all signals of controlled system are bounded and the time-varying state constraints are not transgressed.Finally,the provided simulation examples demonstrate the effectiveness of the proposed controller.

Robust Wavelet-Based Facial Image Watermarking Against Geometric Attacks Using Coordinate System Recovery

A coordinate system of the original image is established using a facial feature point localization technique. After the original image transformed into a new image with the standard coordinate system, a redundant watermark is adaptively embedded in the discrete wavelet transform（DWT） domain based on the statistical characteristics of the wavelet coefficient block. The coordinate system of watermarked image is reestablished as a calibration system. Regardless of the host image rotated, scaled, or translated（RST）, all the geometric attacks are eliminated while the watermarked image is transformed into the standard coordinate system. The proposed watermark detection is a blind detection. Experimental results demonstrate the proposed scheme is robust against common and geometric image processing attacks, particularly its robustness against joint geometric attacks.

Coordinated Bayesian optimal approach for the integrated decision between electronic countermeasure and firepower attack

The coordinated Bayesian optimization algorithm（CBOA） is proposed according to the characteristics of the function independence,conformity and supplementary between the electronic countermeasure（ECM） and the firepower attack systems.The selection criteria are combinations of probabilities of individual fitness and coordinated degree and can select choiceness individual to construct Bayesian network that manifest population evolution by producing the new chromosome.Thus the CBOA cannot only guarantee the effective pattern coordinated decision-making mechanism between the populations,but also maintain the population multiplicity,and enhance the algorithm performance.The simulation result confirms the algorithm validity.

Research on Coordinated Antisumarine Attack Effeciency of Two Helicopters Under Countermeasures

The organization of coordinated attack and the selection of aiming point which affect hit probability were analyzed for the countermeasures taken by the hostile submarines at two helicopters' coordinated attack.A computational model of coordinated attack parameters,a model of submarine maneuver,and a model of noise jammer were established.Compared to single helicopter' torpedo attack,the coordinated attack of two helicopters can effectively increase the hit probability of torpedo and achieve the higher target detecting probability under counterwork condition.

Kinematic Control of Serial Manipulators Under False Data Injection Attack

With advanced communication technologies,cyberphysical systems such as networked industrial control systems can be monitored and controlled by a remote control center via communication networks.While lots of benefits can be achieved with such a configuration,it also brings the concern of cyber attacks to the industrial control systems,such as networked manipulators that are widely adopted in industrial automation.For such systems,a false data injection attack on a control-center-to-manipulator(CC-M)communication channel is undesirable,and has negative effects on the manufacture quality.In this paper,we propose a resilient remote kinematic control method for serial manipulators undergoing a false data injection attack by leveraging the kinematic model.Theoretical analysis shows that the proposed method can guarantee asymptotic convergence of the regulation error to zero in the presence of a type of false data injection attack.The efficacy of the proposed method is validated via simulations.

A Privacy-preserving Algorithm for AC Microgrid Cyber-physical System Against False Data Injection Attacks

A new privacy-preserving algorithm based on the Paillier cryptosystem including a new cooperative control strategy is proposed in this paper, which can resist the false data injection(FDI) attack based on the finite-time control theory and the data encryption strategy. Compared with the existing algorithms, the proposed privacy-preserving algorithm avoids the direct transmission of the ciphertext of frequency data in communication links while avoiding complex iterations and communications. It builds a secure data transmission environment that can ensure data security in the AC microgrid cyber-physical system(CPS). This algorithm provides effective protection for AC microgrid CPS in different cases of FDI attacks. At the same time, it can completely eliminate the adverse effects caused by the FDI attack. Finally, the effectiveness, security, and advantages of this algorithm are verified in the improved IEEE 34-node test microgrid system with six distributed generators(DGs) in different cases of FDI attacks.

DEEPNOISE:Learning Sensor and Process Noise to Detect Data Integrity Attacks in CPS

Cyber-physical systems(CPS)have been widely deployed in critical infrastructures and are vulnerable to various attacks.Data integrity attacks manipulate sensor measurements and cause control systems to fail,which are one of the prominent threats to CPS.Anomaly detection methods are proposed to secure CPS.However,existing anomaly detection studies usually require expert knowledge(e.g.,system model-based)or are lack of interpretability(e.g.,deep learning-based).In this paper,we present DEEPNOISE,a deep learning-based anomaly detection method for CPS with interpretability.Specifically,we utilize the sensor and process noise to detect data integrity attacks.Such noise represents the intrinsic characteristics of physical devices and the production process in CPS.One key enabler is that we use a robust deep autoencoder to automatically extract the noise from measurement data.Further,an LSTM-based detector is designed to inspect the obtained noise and detect anomalies.Data integrity attacks change noise patterns and thus are identified as the root cause of anomalies by DEEPNOISE.Evaluated on the SWaT testbed,DEEPNOISE achieves higher accuracy and recall compared with state-of-the-art model-based and deep learningbased methods.On average,when detecting direct attacks,the precision is 95.47%,the recall is 96.58%,and F_(1) is 95.98%.When detecting stealthy attacks,precision,recall,and F_(1) scores are between 96% and 99.5%.

Security and Privacy Challenges in Cyber-Physical Systems

Cyber-Physical Systems, or Smart-Embedded Systems, are co-engineered for the integration of physical, computational and networking resources. These resources are used to develop an efficient base for enhancing the quality of services in all areas of life and achieving a classier lifestyle in terms of a required service’s functionality and timing. Cyber-Physical Systems (CPSs) complement the need to have smart products (e.g., homes, hospitals, airports, cities). In other words, regulate the three kinds of resources available: physical, computational, and networking. This regulation supports communication and interaction between the human word and digital word to find the required intelligence in all scopes of life, including Telecommunication, Power Generation and Distribution, and Manufacturing. Data Security is among the most important issues to be considered in recent technologies. Because Cyber-Physical Systems consist of interacting complex components and middle-ware, they face real challenges in being secure against cyber-attacks while functioning efficiently and without affecting or degrading their performance. This study gives a detailed description of CPSs, their challenges (including cyber-security attacks), characteristics, and related technologies. We also focus on the tradeoff between security and performance in CPS, and we present the most common Side Channel Attacks on the implementations of cryptographic algorithms (symmetric: AES and asymmetric: RSA) with the countermeasures against these attacks.

A Cyber-Attack Detection System Using Late Fusion Aggregation Enabled Cyber-Net

Today,securing devices connected to the internet is challenging as security threats are generated through various sources.The protection of cyber-physical systems from external attacks is a primary task.The presented method is planned on the prime motive of detecting cybersecurity attacks and their impacted parameters.The proposed architecture employs the LYSIS dataset and formulates Multi Variant Exploratory Data Analysis(MEDA)through Principle Component Analysis(PCA)and Singular Value Decompo-sition(SVD)for the extraction of unique parameters.The feature mappings are analyzed with Recurrent 2 Convolutional Neural Network(R2CNN)and Gradient Boost Regression(GBR)to identify the maximum correlation.Novel Late Fusion Aggregation enabled with Cyber-Net(LFAEC)is the robust derived algorithm.The quantitative analysis uses predicted threat points with actual threat variables from which mean and difference vectors areevaluated.The performance of the presented system is assessed against the parameters such as Accuracy,Precision,Recall,and F1 Score.The proposed method outperformed by 98% to 100% in all quality measures compared to existing methods.

无人机集群对地攻击时空协同控制策略

针对三维战场环境下无人机集群协同对地打击问题,提出了一种基于预设时间收敛的无人机集群时空协同控制方法.首先,对无人机集群对地攻击任务场景及其相关要素进行了分析,并建立了无人机集群、地面运动目标和攻击问题模型.在问题建模的基础上,考虑无人机集群的时空协同策略,设计三维空间无人机集群对地攻击的时空协同控制律.所提出的时空协同控制律能够控制无人机集群在指定的时间内到达期望的攻击位置,实现对地面运动目标的时空协同攻击.通过基于李雅普诺夫函数的理论分析,证明了所提出的控制律能够在预设时间条件下使攻击位置误差变量渐进稳定.仿真结果表明,在地面运动目标转弯运动的情况下,所提出的协同控制律能够实现无人机集群的时空协同,在指定的时间内完成对地面运动目标的多角度协同攻击.

Secure state estimation for cyber-physical systems with unknown input sliding mode observer

In recent years, cyber attacks have posed great challenges to the development of cyber-physical systems. It is of great significance to study secure state estimation methods to ensure the safe and stable operation of the system. This paper proposes a secure state estimation for multi-input and multi-output continuous-time linear cyber-physical systems with sparse actuator and sensor attacks. First, for sparse sensor attacks, we propose an adaptive switching mechanism to mitigate the impact of sparse sensor attacks by filtering out their attack modes. Second, an unknown input sliding mode observer is designed to not only observe the system states, sensor attack signals, and measurement noise present in the system but also counteract the effects of sparse actuator attacks through an unknown input matrix. Finally, for the design of an unknown input sliding mode state observer, the feasibility of the observing system is demonstrated by means of Lyapunov functions. Additionally, simulation experiments are conducted to show the effectiveness of this method.

A Review on Cybersecurity Analysis,Attack Detection,and Attack Defense Methods in Cyber-physical Power Systems

Potential malicious cyber-attacks to power systems which are connected to a wide range of stakeholders from the top to tail will impose significant societal risks and challenges.The timely detection and defense are of crucial importance for safe and reliable operation of cyber-physical power systems(CPPSs).This paper presents a comprehensive review of some of the latest attack detection and defense strategies.Firstly,the vulnerabilities brought by some new information and communication technologies(ICTs)are analyzed,and their impacts on the security of CPPSs are discussed.Various malicious cyber-attacks on cyber and physical layers are then analyzed within CPPSs framework,and their features and negative impacts are discussed.Secondly,two current mainstream attack detection methods including state estimation based and machine learning based methods are analyzed,and their benefits and drawbacks are discussed.Moreover,two current mainstream attack defense methods including active defense and passive defense methods are comprehensively discussed.Finally,the trends and challenges in attack detection and defense strategies in CPPSs are provided.