-
FedDiSC: A Computation-efficient Federated Learning Framework for Power Systems Disturbance and Cyber Attack Discrimination
Authors:
Muhammad Akbar Husnoo,
Adnan Anwar,
Haftu Tasew Reda,
Nasser Hosseinzadeh,
Shama Naz Islam,
Abdun Naser Mahmood,
Robin Doss
Abstract:
With the growing concern about the security and privacy of smart grid systems, cyberattacks on critical power grid components, such as state estimation, have proven to be one of the top-priority cyber-related issues and have received significant attention in recent years. However, cyberattack detection in smart grids now faces new challenges, including privacy preservation and decentralized power…
▽ More
With the growing concern about the security and privacy of smart grid systems, cyberattacks on critical power grid components, such as state estimation, have proven to be one of the top-priority cyber-related issues and have received significant attention in recent years. However, cyberattack detection in smart grids now faces new challenges, including privacy preservation and decentralized power zones with strategic data owners. To address these technical bottlenecks, this paper proposes a novel Federated Learning-based privacy-preserving and communication-efficient attack detection framework, known as FedDiSC, that enables Discrimination between power System disturbances and Cyberattacks. Specifically, we first propose a Federated Learning approach to enable Supervisory Control and Data Acquisition subsystems of decentralized power grid zones to collaboratively train an attack detection model without sharing sensitive power related data. Secondly, we put forward a representation learning-based Deep Auto-Encoder network to accurately detect power system and cybersecurity anomalies. Lastly, to adapt our proposed framework to the timeliness of real-world cyberattack detection in SGs, we leverage the use of a gradient privacy-preserving quantization scheme known as DP-SIGNSGD to improve its communication efficiency. Extensive simulations of the proposed framework on publicly available Industrial Control Systems datasets demonstrate that the proposed framework can achieve superior detection accuracy while preserving the privacy of sensitive power grid related information. Furthermore, we find that the gradient quantization scheme utilized improves communication efficiency by 40% when compared to a traditional federated learning approach without gradient quantization which suggests suitability in a real-world scenario.
△ Less
Submitted 7 April, 2023;
originally announced April 2023.
-
FeDiSa: A Semi-asynchronous Federated Learning Framework for Power System Fault and Cyberattack Discrimination
Authors:
Muhammad Akbar Husnoo,
Adnan Anwar,
Haftu Tasew Reda,
Nasser Hosseizadeh,
Shama Naz Islam,
Abdun Naser Mahmood,
Robin Doss
Abstract:
With growing security and privacy concerns in the Smart Grid domain, intrusion detection on critical energy infrastructure has become a high priority in recent years. To remedy the challenges of privacy preservation and decentralized power zones with strategic data owners, Federated Learning (FL) has contemporarily surfaced as a viable privacy-preserving alternative which enables collaborative tra…
▽ More
With growing security and privacy concerns in the Smart Grid domain, intrusion detection on critical energy infrastructure has become a high priority in recent years. To remedy the challenges of privacy preservation and decentralized power zones with strategic data owners, Federated Learning (FL) has contemporarily surfaced as a viable privacy-preserving alternative which enables collaborative training of attack detection models without requiring the sharing of raw data. To address some of the technical challenges associated with conventional synchronous FL, this paper proposes FeDiSa, a novel Semi-asynchronous Federated learning framework for power system faults and cyberattack Discrimination which takes into account communication latency and stragglers. Specifically, we propose a collaborative training of deep auto-encoder by Supervisory Control and Data Acquisition sub-systems which upload their local model updates to a control centre, which then perform a semi-asynchronous model aggregation for a new global model parameters based on a buffer system and a preset cut-off time. Experiments on the proposed framework using publicly available industrial control systems datasets reveal superior attack detection accuracy whilst preserving data confidentiality and minimizing the adverse effects of communication latency and stragglers. Furthermore, we see a 35% improvement in training time, thus validating the robustness of our proposed method.
△ Less
Submitted 28 March, 2023;
originally announced March 2023.
-
A Secure Federated Learning Framework for Residential Short Term Load Forecasting
Authors:
Muhammad Akbar Husnoo,
Adnan Anwar,
Nasser Hosseinzadeh,
Shama Naz Islam,
Abdun Naser Mahmood,
Robin Doss
Abstract:
Smart meter measurements, though critical for accurate demand forecasting, face several drawbacks including consumers' privacy, data breach issues, to name a few. Recent literature has explored Federated Learning (FL) as a promising privacy-preserving machine learning alternative which enables collaborative learning of a model without exposing private raw data for short term load forecasting. Desp…
▽ More
Smart meter measurements, though critical for accurate demand forecasting, face several drawbacks including consumers' privacy, data breach issues, to name a few. Recent literature has explored Federated Learning (FL) as a promising privacy-preserving machine learning alternative which enables collaborative learning of a model without exposing private raw data for short term load forecasting. Despite its virtue, standard FL is still vulnerable to an intractable cyber threat known as Byzantine attack carried out by faulty and/or malicious clients. Therefore, to improve the robustness of federated short-term load forecasting against Byzantine threats, we develop a state-of-the-art differentially private secured FL-based framework that ensures the privacy of the individual smart meter's data while protect the security of FL models and architecture. Our proposed framework leverages the idea of gradient quantization through the Sign Stochastic Gradient Descent (SignSGD) algorithm, where the clients only transmit the `sign' of the gradient to the control centre after local model training. As we highlight through our experiments involving benchmark neural networks with a set of Byzantine attack models, our proposed approach mitigates such threats quite effectively and thus outperforms conventional Fed-SGD models.
△ Less
Submitted 28 March, 2023; v1 submitted 29 September, 2022;
originally announced September 2022.
-
Deep Learning Models for Detecting Malware Attacks
Authors:
Pascal Maniriho,
Abdun Naser Mahmood,
Mohammad Jabed Morshed Chowdhury
Abstract:
Malware is one of the most common and severe cyber-attack today. Malware infects millions of devices and can perform several malicious activities including mining sensitive data, encrypting data, crippling system performance, and many more. Hence, malware detection is crucial to protect our computers and mobile devices from malware attacks. Deep learning (DL) is one of the emerging and promising t…
▽ More
Malware is one of the most common and severe cyber-attack today. Malware infects millions of devices and can perform several malicious activities including mining sensitive data, encrypting data, crippling system performance, and many more. Hence, malware detection is crucial to protect our computers and mobile devices from malware attacks. Deep learning (DL) is one of the emerging and promising technologies for detecting malware. The recent high production of malware variants against desktop and mobile platforms makes DL algorithms powerful approaches for building scalable and advanced malware detection models as they can handle big datasets. This work explores current deep learning technologies for detecting malware attacks on the Windows, Linux, and Android platforms. Specifically, we present different categories of DL algorithms, network optimizers, and regularization methods. Different loss functions, activation functions, and frameworks for implementing DL models are presented. We also present feature extraction approaches and a review of recent DL-based models for detecting malware attacks on the above platforms. Furthermore, this work presents major research issues on malware detection including future directions to further advance knowledge and research in this field.
△ Less
Submitted 29 January, 2024; v1 submitted 8 September, 2022;
originally announced September 2022.
-
MalDetConv: Automated Behaviour-based Malware Detection Framework Based on Natural Language Processing and Deep Learning Techniques
Authors:
Pascal Maniriho,
Abdun Naser Mahmood,
Mohammad Jabed Morshed Chowdhury
Abstract:
The popularity of Windows attracts the attention of hackers/cyber-attackers, making Windows devices the primary target of malware attacks in recent years. Several sophisticated malware variants and anti-detection methods have been significantly enhanced and as a result, traditional malware detection techniques have become less effective. This work presents MalBehavD-V1, a new behavioural dataset o…
▽ More
The popularity of Windows attracts the attention of hackers/cyber-attackers, making Windows devices the primary target of malware attacks in recent years. Several sophisticated malware variants and anti-detection methods have been significantly enhanced and as a result, traditional malware detection techniques have become less effective. This work presents MalBehavD-V1, a new behavioural dataset of Windows Application Programming Interface (API) calls extracted from benign and malware executable files using the dynamic analysis approach. In addition, we present MalDetConV, a new automated behaviour-based framework for detecting both existing and zero-day malware attacks. MalDetConv uses a text processing-based encoder to transform features of API calls into a suitable format supported by deep learning models. It then uses a hybrid of convolutional neural network (CNN) and bidirectional gated recurrent unit (CNN-BiGRU) automatic feature extractor to select high-level features of the API Calls which are then fed to a fully connected neural network module for malware classification. MalDetConv also uses an explainable component that reveals features that contributed to the final classification outcome, hel** the decision-making process for security analysts. The performance of the proposed framework is evaluated using our MalBehavD-V1 dataset and other benchmark datasets. The detection results demonstrate the effectiveness of MalDetConv over the state-of-the-art techniques with detection accuracy of 96.10%, 95.73%, 98.18%, and 99.93% achieved while detecting unseen malware from MalBehavD-V1, Allan and John, Brazilian, and Ki-D datasets, respectively. The experimental results show that MalDetConv is highly accurate in detecting both known and zero-day malware attacks on Windows devices.
△ Less
Submitted 7 September, 2022;
originally announced September 2022.
-
FedREP: Towards Horizontal Federated Load Forecasting for Retail Energy Providers
Authors:
Muhammad Akbar Husnoo,
Adnan Anwar,
Nasser Hosseinzadeh,
Shama Naz Islam,
Abdun Naser Mahmood,
Robin Doss
Abstract:
As Smart Meters are collecting and transmitting household energy consumption data to Retail Energy Providers (REP), the main challenge is to ensure the effective use of fine-grained consumer data while ensuring data privacy. In this manuscript, we tackle this challenge for energy load consumption forecasting in regards to REPs which is essential to energy demand management, load switching and infr…
▽ More
As Smart Meters are collecting and transmitting household energy consumption data to Retail Energy Providers (REP), the main challenge is to ensure the effective use of fine-grained consumer data while ensuring data privacy. In this manuscript, we tackle this challenge for energy load consumption forecasting in regards to REPs which is essential to energy demand management, load switching and infrastructure development. Specifically, we note that existing energy load forecasting is centralized, which are not scalable and most importantly, vulnerable to data privacy threats. Besides, REPs are individual market participants and liable to ensure the privacy of their own customers. To address this issue, we propose a novel horizontal privacy-preserving federated learning framework for REPs energy load forecasting, namely FedREP. We consider a federated learning system consisting of a control centre and multiple retailers by enabling multiple REPs to build a common, robust machine learning model without sharing data, thus addressing critical issues such as data privacy, data security and scalability. For forecasting, we use a state-of-the-art Long Short-Term Memory (LSTM) neural network due to its ability to learn long term sequences of observations and promises of higher accuracy with time-series data while solving the vanishing gradient problem. Finally, we conduct extensive data-driven experiments using a real energy consumption dataset. Experimental results demonstrate that our proposed federated learning framework can achieve sufficient performance in terms of MSE ranging between 0.3 to 0.4 and is relatively similar to that of a centralized approach while preserving privacy and improving scalability.
△ Less
Submitted 28 March, 2023; v1 submitted 28 February, 2022;
originally announced March 2022.
-
False Data Injection Threats in Active Distribution Systems: A Comprehensive Survey
Authors:
Muhammad Akbar Husnoo,
Adnan Anwar,
Nasser Hosseinzadeh,
Shama Naz Islam,
Abdun Naser Mahmood,
Robin Doss
Abstract:
With the proliferation of smart devices and revolutions in communications, electrical distribution systems are gradually shifting from passive, manually-operated and inflexible ones, to a massively interconnected cyber-physical smart grid to address the energy challenges of the future. However, the integration of several cutting-edge technologies has introduced several security and privacy vulnera…
▽ More
With the proliferation of smart devices and revolutions in communications, electrical distribution systems are gradually shifting from passive, manually-operated and inflexible ones, to a massively interconnected cyber-physical smart grid to address the energy challenges of the future. However, the integration of several cutting-edge technologies has introduced several security and privacy vulnerabilities due to the large-scale complexity and resource limitations of deployments. Recent research trends have shown that False Data Injection (FDI) attacks are becoming one of the most malicious cyber threats within the entire smart grid paradigm. Therefore, this paper presents a comprehensive survey of the recent advances in FDI attacks within active distribution systems and proposes a taxonomy to classify the FDI threats with respect to smart grid targets. The related studies are contrasted and summarized in terms of the attack methodologies and implications on the electrical power distribution networks. Finally, we identify some research gaps and recommend a number of future research directions to guide and motivate prospective researchers.
△ Less
Submitted 29 September, 2022; v1 submitted 28 November, 2021;
originally announced November 2021.
-
A Taxonomy of Cyber Defence Strategies Against False Data Attacks in Smart Grid
Authors:
Haftu Tasew Reda,
Adnan Anwar,
Abdun Naser Mahmood,
Zahir Tari
Abstract:
Modern electric power grid, known as the Smart Grid, has fast transformed the isolated and centrally controlled power system to a fast and massively connected cyber-physical system that benefits from the revolutions happening in the communications and the fast adoption of Internet of Things devices. While the synergy of a vast number of cyber-physical entities has allowed the Smart Grid to be much…
▽ More
Modern electric power grid, known as the Smart Grid, has fast transformed the isolated and centrally controlled power system to a fast and massively connected cyber-physical system that benefits from the revolutions happening in the communications and the fast adoption of Internet of Things devices. While the synergy of a vast number of cyber-physical entities has allowed the Smart Grid to be much more effective and sustainable in meeting the growing global energy challenges, it has also brought with it a large number of vulnerabilities resulting in breaches of data integrity, confidentiality and availability. False data injection (FDI) appears to be among the most critical cyberattacks and has been a focal point interest for both research and industry. To this end, this paper presents a comprehensive review in the recent advances of the defence countermeasures of the FDI attacks in the Smart Grid infrastructure. Relevant existing literature are evaluated and compared in terms of their theoretical and practical significance to the Smart Grid cybersecurity. In conclusion, a range of technical limitations of existing false data attack detection researches are identified, and a number of future research directions are recommended.
△ Less
Submitted 30 March, 2021;
originally announced March 2021.
-
Modeling and performance evaluation of stealthy false data injection attacks on smart grid in the presence of corrupted measurements
Authors:
Adnan Anwar,
Abdun Naser Mahmood,
Mark Pickering
Abstract:
The false data injection (FDI) attack cannot be detected by the traditional anomaly detection techniques used in the energy system state estimators. In this paper, we demonstrate how FDI attacks can be constructed blindly, i.e., without system knowledge, including topological connectivity and line reactance information. Our analysis reveals that existing FDI attacks become detectable (consequently…
▽ More
The false data injection (FDI) attack cannot be detected by the traditional anomaly detection techniques used in the energy system state estimators. In this paper, we demonstrate how FDI attacks can be constructed blindly, i.e., without system knowledge, including topological connectivity and line reactance information. Our analysis reveals that existing FDI attacks become detectable (consequently unsuccessful) by the state estimator if the data contains grossly corrupted measurements such as device malfunction and communication errors. The proposed sparse optimization based stealthy attacks construction strategy overcomes this limitation by separating the gross errors from the measurement matrix. Extensive theoretical modeling and experimental evaluation show that the proposed technique performs more stealthily (has less relative error) and efficiently (fast enough to maintain time requirement) compared to other methods on IEEE benchmark test systems.
△ Less
Submitted 19 May, 2016;
originally announced May 2016.
-
Vulnerabilities of Smart Grid State Estimation against False Data Injection Attack
Authors:
A. Anwar,
A. N. Mahmood
Abstract:
In recent years, Information Security has become a notable issue in the energy sector. After the invention of The Stuxnet worm in 2010, data integrity, privacy and confidentiality has received significant importance in the real-time operation of the control centres. New methods and frameworks are being developed to protect the National Critical Infrastructures like energy sector. In the recent lit…
▽ More
In recent years, Information Security has become a notable issue in the energy sector. After the invention of The Stuxnet worm in 2010, data integrity, privacy and confidentiality has received significant importance in the real-time operation of the control centres. New methods and frameworks are being developed to protect the National Critical Infrastructures like energy sector. In the recent literatures, it has been shown that the key real-time operational tools (e.g., State Estimator) of any Energy Management System (EMS) are vulnerable to Cyber Attacks. In this chapter, one such cyber attack named False Data Injection Attack is discussed. A literature review with a case study is considered to explain the characteristics and significance of such data integrity attacks.
△ Less
Submitted 10 November, 2014;
originally announced November 2014.
-
Swarm Intelligence Based Multi-phase OPF For Peak Power Loss Reduction In A Smart Grid
Authors:
Adnan Anwar,
A. N. Mahmood
Abstract:
Recently there has been increasing interest in improving smart grids efficiency using computational intelligence. A key challenge in future smart grid is designing Optimal Power Flow tool to solve important planning problems including optimal DG capacities. Although, a number of OPF tools exists for balanced networks there is a lack of research for unbalanced multi-phase distribution networks. In…
▽ More
Recently there has been increasing interest in improving smart grids efficiency using computational intelligence. A key challenge in future smart grid is designing Optimal Power Flow tool to solve important planning problems including optimal DG capacities. Although, a number of OPF tools exists for balanced networks there is a lack of research for unbalanced multi-phase distribution networks. In this paper, a new OPF technique has been proposed for the DG capacity planning of a smart grid. During the formulation of the proposed algorithm, multi-phase power distribution system is considered which has unbalanced loadings, voltage control and reactive power compensation devices. The proposed algorithm is built upon a co-simulation framework that optimizes the objective by adapting a constriction factor Particle Swarm optimization. The proposed multi-phase OPF technique is validated using IEEE 8500-node benchmark distribution system.
△ Less
Submitted 20 August, 2014;
originally announced August 2014.
-
Enhanced Estimation of Autoregressive Wind Power Prediction Model Using Constriction Factor Particle Swarm Optimization
Authors:
Adnan Anwar,
Abdun Naser Mahmood
Abstract:
Accurate forecasting is important for cost-effective and efficient monitoring and control of the renewable energy based power generation. Wind based power is one of the most difficult energy to predict accurately, due to the widely varying and unpredictable nature of wind energy. Although Autoregressive (AR) techniques have been widely used to create wind power models, they have shown limited accu…
▽ More
Accurate forecasting is important for cost-effective and efficient monitoring and control of the renewable energy based power generation. Wind based power is one of the most difficult energy to predict accurately, due to the widely varying and unpredictable nature of wind energy. Although Autoregressive (AR) techniques have been widely used to create wind power models, they have shown limited accuracy in forecasting, as well as difficulty in determining the correct parameters for an optimized AR model. In this paper, Constriction Factor Particle Swarm Optimization (CF-PSO) is employed to optimally determine the parameters of an Autoregressive (AR) model for accurate prediction of the wind power output behaviour. Appropriate lag order of the proposed model is selected based on Akaike information criterion. The performance of the proposed PSO based AR model is compared with four well-established approaches; Forward-backward approach, Geometric lattice approach, Least-squares approach and Yule-Walker approach, that are widely used for error minimization of the AR model. To validate the proposed approach, real-life wind power data of \textit{Capital Wind Farm} was obtained from Australian Energy Market Operator. Experimental evaluation based on a number of different datasets demonstrate that the performance of the AR model is significantly improved compared with benchmark methods.
△ Less
Submitted 20 August, 2014;
originally announced August 2014.
-
Cyber Security of Smart Grid Infrastructure
Authors:
Adnan Anwar,
Abdun Naser Mahmood
Abstract:
Smart grid security is crucial to maintain stable and reliable power system operation during the contingency situation due to the failure of any critical power system component. Ensuring a secured smart grid involves with a less possibility of power grid collapse or equipment malfunction. Due to lack of the proper security measures, a major blackout may occur which can even lead to a cascading fai…
▽ More
Smart grid security is crucial to maintain stable and reliable power system operation during the contingency situation due to the failure of any critical power system component. Ensuring a secured smart grid involves with a less possibility of power grid collapse or equipment malfunction. Due to lack of the proper security measures, a major blackout may occur which can even lead to a cascading failure. Therefore, to protect this critical power system infrastructure and to ensure a reliable and an uninterrupted power supply to the end users, smart grid security issues must be addressed with high priority. In a smart grid environment, electric power infrastructure is modernized by incorporating the current and future requirements and advanced functionalities to its consumers. To make the smart grid happen, cyber system is integrated with the physical power system. Although adoption of cyber system has made the grid more energy efficient and modernized, it has introduced cyber-attack issues which are critical for national infrastructure security and customer satisfaction. Due to the cyber-attack, power grid may face operational failures and loss of synchronization. This operational failure may damage critical power system components which may interrupt the power supply and make the system unstable resulting high financial penalties. In this chapter, some recent cyber attack related incidents into a smart grid environment are discussed. The requirements and the state of the art of cyber security issues of a critical power system infrastructure are illustrated elaborately.
△ Less
Submitted 22 January, 2014; v1 submitted 16 January, 2014;
originally announced January 2014.
-
Random Shuffling to Reduce Disorder in Adaptive Sorting Scheme
Authors:
Md. Enamul Karim,
Abdun Naser Mahmood
Abstract:
In this paper we present a random shuffling scheme to apply with adaptive sorting algorithms. Adaptive sorting algorithms utilize the presortedness present in a given sequence. We have probabilistically increased the amount of presortedness present in a sequence by using a random shuffling technique that requires little computation. Theoretical analysis suggests that the proposed scheme can impr…
▽ More
In this paper we present a random shuffling scheme to apply with adaptive sorting algorithms. Adaptive sorting algorithms utilize the presortedness present in a given sequence. We have probabilistically increased the amount of presortedness present in a sequence by using a random shuffling technique that requires little computation. Theoretical analysis suggests that the proposed scheme can improve the performance of adaptive sorting. Experimental results show that it significantly reduces the amount of disorder present in a given sequence and improves the execution time of adaptive sorting algorithm as well.
△ Less
Submitted 2 December, 2000;
originally announced December 2000.