Analysis of Moving Target Defense Against False Data Injection Attacks on Power Grid

TL;DR

This paper analyzes the effectiveness of moving target defense (MTD) in preventing false data injection attacks on power grids, establishing conditions for its success and proposing methods to optimize its deployment.

Contribution

It provides theoretical conditions under which MTD can thwart stealthy FDI attacks and proposes strategies to minimize attack opportunities by perturbing specific branches.

Findings

MTD can thwart all FDI attacks with former susceptances if l ≥ 2n and more than n branches are perturbed.

Perturbing certain branches reduces the stealthy attack space and covers more buses.

Simulation results validate the theoretical analysis on IEEE power system models.

Abstract

Recent studies have considered thwarting false data injection (FDI) attacks against state estimation in power grids by proactively perturbing branch susceptances. This approach is known as moving target defense (MTD). However, despite of the deployment of MTD, it is still possible for the attacker to launch stealthy FDI attacks generated with former branch susceptances. In this paper, we prove that, an MTD has the capability to thwart all FDI attacks constructed with former branch susceptances only if (i) the number of branches $l$ in the power system is not less than twice that of the system states $n$ (i.e., $l \geq 2n$, where $n + 1$ is the number of buses); (ii) the susceptances of more than $n$ branches, which cover all buses, are perturbed. Moreover, we prove that the state variable of a bus that is only connected by a single branch (no matter it is perturbed or not) can always be modified by the attacker. Nevertheless, in order to reduce the attack opportunities of potential attackers, we first exploit the impact of the susceptance perturbation magnitude on the dimension of the \emph{stealthy attack space}, in which the attack vector is constructed with former branch susceptances. Then, we propose that, by perturbing an appropriate set of branches, we can minimize the dimension of the \emph{stealthy attack space} and maximize the number of covered buses. Besides, we consider the increasing operation cost caused by the activation of MTD. Finally, we conduct extensive simulations to illustrate our findings with IEEE standard test power systems.