Detecting Time Synchronization Attacks in Cyber-Physical Systems with Machine Learning Techniques

Recently, researchers found a new type of attacks, called time synchronization attack (TS attack), in cyber-physical systems. Instead of modifying the measurements from the system, this attack only changes the time stamps of the measurements. Studies show that these attacks are realistic and practical. However, existing detection techniques, e.g. bad data detection (BDD) and machine learning methods, may not be able to catch these attacks. In this paper, we develop a "first difference aware" machine learning (FDML) classifier to detect this attack. The key concept behind our classifier is to use the feature of "first difference", borrowed from economics and statistics. Simulations on IEEE 14-bus system with real data from NYISO have shown that our FDML classifier can effectively detect both TS attacks and other cyber attacks.

[1]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.

[2]  Husheng Li,et al.  Time Synchronization Attack in Smart Grid: Impact and Analysis , 2013, IEEE Transactions on Smart Grid.

[3]  Mark Goadrich,et al.  The relationship between Precision-Recall and ROC curves , 2006, ICML.

[4]  Mourad Debbabi,et al.  Security Assessment of Time Synchronization Mechanisms for the Smart Grid , 2016, IEEE Communications Surveys & Tutorials.

[5]  Lck Hui,et al.  System-state-free false data injection attack for nonlinear state estimation in smart grid , 2015 .

[6]  Husheng Li,et al.  Combating time synchronization attack: A cross layer defense mechanism , 2013, 2013 ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS).

[7]  H. Vincent Poor,et al.  Machine Learning Methods for Attack Detection in the Smart Grid , 2015, IEEE Transactions on Neural Networks and Learning Systems.

[8]  Siu-Ming Yiu,et al.  A Survey on the Cyber Attacks Against Non-linear State Estimation in Smart Grids , 2016, ACISP.

[9]  Bo Tang,et al.  Detection of false data attacks in smart grid with supervised learning , 2016, 2016 International Joint Conference on Neural Networks (IJCNN).

[10]  A. G. Expósito,et al.  Power system state estimation : theory and implementation , 2004 .

[11]  Daniel T. Larose,et al.  Discovering Knowledge in Data: An Introduction to Data Mining , 2005 .

[12]  Siu-Ming Yiu,et al.  Data Framing Attacks against Nonlinear State Estimation in Smart Grid , 2015, 2015 IEEE Globecom Workshops (GC Wkshps).

[13]  Rafal Rohozinski,et al.  Stuxnet and the Future of Cyber War , 2011 .

[14]  Florian Dörfler,et al.  Attack Detection and Identification in Cyber-Physical Systems -- Part II: Centralized and Distributed Monitor Design , 2012, ArXiv.

[15]  Mehul Motani,et al.  Detecting False Data Injection Attacks in AC State Estimation , 2015, IEEE Transactions on Smart Grid.

[16]  Todd E. Humphreys,et al.  Attackers can spoof navigation signals without our knowledge. Here's how to fight back GPS lies , 2016, IEEE Spectrum.

[17]  Bruno Sinopoli,et al.  Secure control against replay attacks , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).