Statistical security incident forensics against data falsification in smart grid advanced metering infrastructure

Shameek Bhattacharjee, Aditya Thakur, Simone Silvestri, Sajal K. Das

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

25 Scopus citations

Abstract

Compromised smart meters reporting false power consump-Tion data in Advanced Metering Infrastructure (AMI) may have drastic consequences on a smart grid's operations. Most existing works only deal with electricity theft from customers. However, several other types of data falsification attacks are possible, when meters are compromised by organized rivals. In this paper, we first propose a taxonomy of possible data falsification strategies such as additive, deductive, camouflage and conflict, in AMI micro-grids. Then, we devise a statistical anomaly detection technique to identify the incidence of proposed attack types, by studying their impact on the observed data. Subsequently, a trust model based on Kullback-Leibler divergence is proposed to identify com- promised smart meters for additive and deductive attacks. The resultant detection rates and false alarms are minimized through a robust aggregate measure that is calculated based on the detected attack type and successfully discriminating legitimate changes from malicious ones. For conflict and camouflage attacks, a generalized linear model and Weibull function based kernel trick is used over the trust score to facilitate more accurate classification. Using real data sets collected from AMI, we investigate several trade-offs that occur between attacker's revenue and costs, as well as the margin of false data and fraction of compromised nodes. Experimental results show that our model has a high true positive detection rate, while the average false alarm rate is just 8%, for most practical attack strategies, without depending on the expensive hardware based monitoring.

Original languageEnglish
Title of host publicationCODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy
Pages35-45
Number of pages11
ISBN (Electronic)9781450345231
DOIs
StatePublished - Mar 22 2017
Event7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017 - Scottsdale, United States
Duration: Mar 22 2017Mar 24 2017

Publication series

NameCODASPY 2017 - Proceedings of the 7th ACM Conference on Data and Application Security and Privacy

Conference

Conference7th ACM Conference on Data and Application Security and Privacy, CODASPY 2017
Country/TerritoryUnited States
CityScottsdale
Period3/22/173/24/17

Bibliographical note

Publisher Copyright:
© 2017 ACM.

Funding

The work is partially supported by the NSF grants under award numbers CNS-1545037, CNS- 1545050 and DGE-1433659.

FundersFunder number
National Science Foundation (NSF)DGE-1433659, CNS- 1545050, CNS-1545037

    Keywords

    • Advanced metering infras-Tructure
    • Data falsification
    • Information theory
    • Relative entropy
    • Security incident forensics
    • Smart grid
    • Statistical anomaly detection
    • Su- pervised learning
    • Trust models

    ASJC Scopus subject areas

    • Computer Science Applications
    • Information Systems
    • Software

    Fingerprint

    Dive into the research topics of 'Statistical security incident forensics against data falsification in smart grid advanced metering infrastructure'. Together they form a unique fingerprint.

    Cite this