Attack Context Embedded Data Driven Trust Diagnostics in Smart Metering Infrastructure

Shameek Bhattacharjee, Venkata Praveen Kumar Madhavarapu, Simone Silvestri, Sajal K. Das

Research output: Contribution to journalArticlepeer-review

9 Scopus citations

Abstract

Spurious power consumption data reported from compromised meters controlled by organized adversaries in the Advanced Metering Infrastructure (AMI) may have drastic consequences on a smart grid's operations. While existing research on data falsification in smart grids mostly defends against isolated electricity theft, we introduce a taxonomy of various data falsification attack types, when smart meters are compromised by organized or strategic rivals. To counter these attacks, we first propose a coarse-grained and a fine-grained anomaly-based security event detection technique that uses indicators such as deviation and directional change in the time series of the proposed anomaly detection metrics to indicate: (i) occurrence, (ii) type of attack, and (iii) attack strategy used, collectively known asattack context. Leveraging the attack context information, we propose three attack response metrics to the inferred attack context: (a) an unbiased mean indicating a robust location parameter; (b) a median absolute deviation indicating a robust scale parameter; and (c) an attack probability time ratio metric indicating the active time horizon of attacks. Subsequently, we propose a trust scoring model based on Kullback-Leibler (KL) divergence, that embeds the appropriate unbiased mean, the median absolute deviation, and the attack probability ratio metric at runtime to produce trust scores for each smart meter. These trust scores help classify compromised smart meters from the non-compromised ones. The embedding of the attack context, into the trust scoring model, facilitates accurate and rapid classification of compromised meters, even under large fractions of compromised meters, generalize across various attack strategies and margins of false data. Using real datasets collected from two different AMIs, experimental results show that our proposed framework has a high true positive detection rate, while the average false alarm and missed detection rates are much lesser than 10% for most attack combinations for two different real AMI micro-grid datasets. Finally, we also establish fundamental theoretical limits of the proposed method, which will help assess the applicability of our method to other domains.

Original languageEnglish
Article number9
JournalACM Transactions on Privacy and Security
Volume24
Issue number2
StatePublished - Feb 2021

Bibliographical note

Publisher Copyright:
© 2021 ACM.

Keywords

  • Advanced metering infrastructure
  • anomaly detection
  • artificial-intelligence-based security
  • data falsification attacks
  • data integrity
  • smart metering
  • smart-grid security
  • trust

ASJC Scopus subject areas

  • General Computer Science
  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Attack Context Embedded Data Driven Trust Diagnostics in Smart Metering Infrastructure'. Together they form a unique fingerprint.

Cite this