Cost-Benefit Analysis of Moving-Target Defense in Power Grids

We study moving-target defense (MTD) that actively perturbs transmission line reactances to thwart stealthy false data injection (FDI) attacks against state estimation in a power grid. Prior work on this topic has proposed MTD based on randomly selected reactance perturbations, but these perturbations cannot guarantee effective attack detection. To address the issue, we present formal design criteria to select MTD reactance perturbations that are truly effective. However, based on a key optimal power flow (OPF) formulation, we find that the effective MTD may incur a non-trivial operational cost that has not hitherto received attention. Accordingly, we characterize important tradeoffs between the MTD's detection capability and its associated required cost. Extensive simulations, using the MATPOWER simulator and benchmark IEEE bus systems, verify and illustrate the proposed design approach that for the first time addresses both key aspects of cost and effectiveness of the MTD.

[1]  Lang Tong,et al.  Subspace Methods for Data Attack on State Estimation: A Data Driven Approach , 2014, IEEE Transactions on Signal Processing.

[2]  Henrik Sandberg,et al.  Stealth Attacks and Protection Schemes for State Estimators in Power Systems , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[3]  Katherine R. Davis,et al.  Power flow cyber attacks and perturbation-based defense , 2012, 2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm).

[4]  H. Vincent Poor,et al.  Blind topology identification for power systems , 2013, 2013 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[5]  Evangelos P. Markatos,et al.  Defending against hitlist worms using network address space randomization , 2005, WORM '05.

[6]  Klara Nahrstedt,et al.  Detecting False Data Injection Attacks on DC State Estimation , 2010 .

[7]  Karl Henrik Johansson,et al.  Cyber security analysis of state estimators in electric power systems , 2010, 49th IEEE Conference on Decision and Control (CDC).

[8]  Gene H. Golub,et al.  Numerical methods for computing angles between linear subspaces , 1971, Milestones in Matrix Computation.

[9]  R. Muirhead Aspects of Multivariate Statistical Theory , 1982, Wiley Series in Probability and Statistics.

[10]  Ehab Al-Shaer,et al.  Moving Target Defense for Hardening the Security of the Power System State Estimation , 2014, MTD '14.

[11]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[12]  R D Zimmerman,et al.  MATPOWER: Steady-State Operations, Planning, and Analysis Tools for Power Systems Research and Education , 2011, IEEE Transactions on Power Systems.

[13]  H. Vincent Poor,et al.  Strategic Protection Against Data Injection Attacks on Power Grids , 2011, IEEE Transactions on Smart Grid.

[14]  D. Divan,et al.  Distributed FACTS—A New Concept for Realizing Grid Power Flow Control , 2005, IEEE Transactions on Power Electronics.

[15]  Zuyi Li,et al.  Modeling Load Redistribution Attacks in Power Systems , 2011, IEEE Transactions on Smart Grid.

[16]  Zuyi Li,et al.  Quantitative Analysis of Load Redistribution Attacks in Power Systems , 2012, IEEE Transactions on Parallel and Distributed Systems.

[17]  David K. Y. Yau,et al.  Optimal False Data Injection Attack against Automatic Generation Control in Power Grids , 2016, 2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS).

[18]  Thomas J. Overbye,et al.  Topology Perturbation for Detecting Malicious Data Injection , 2012, 2012 45th Hawaii International Conference on System Sciences.

[19]  Bruno Sinopoli,et al.  Integrity Data Attacks in Power Market Operations , 2011, IEEE Transactions on Smart Grid.

[20]  Lang Tong,et al.  Malicious Data Attacks on the Smart Grid , 2011, IEEE Transactions on Smart Grid.

[21]  Dijiang Huang,et al.  Moving Target Defense , 2018, Software-Defined Networking and Security.

[22]  Ehab Al-Shaer,et al.  Openflow random host mutation: transparent moving target defense using software defined networking , 2012, HotSDN '12.

[23]  Zhu Han,et al.  Detecting False Data Injection Attacks on Power Grid by Sparse Optimization , 2014, IEEE Transactions on Smart Grid.

[24]  Carl D. Meyer,et al.  Matrix Analysis and Applied Linear Algebra , 2000 .

[25]  Sushil Jajodia,et al.  Moving Target Defense - Creating Asymmetric Uncertainty for Cyber Threats , 2011, Moving Target Defense.

[26]  T.J. Overbye,et al.  Some applications of Distributed Flexible AC Transmission System (D-FACTS) devices in power systems , 2008, 2008 40th North American Power Symposium.