Anomaly Detection in Automatic Generation Control Systems Based on Traffic Pattern Analysis and Deep Transfer Learning

TL;DR

This paper presents a deep transfer learning approach using ResNeSt CNN to detect anomalies in power grid control systems by analyzing ICT network traffic patterns, enhancing cybersecurity and system stability.

Contribution

It introduces a novel method combining frequency domain traffic analysis with transfer learning and ResNeSt CNN for anomaly detection in AGC systems.

Findings

Effective detection of traffic anomalies using deep learning.

Robustness against system uncertainties demonstrated.

Transfer learning reduces need for labeled abnormal data.

Abstract

In modern highly interconnected power grids, automatic generation control (AGC) is crucial in maintaining the stability of the power grid. The dependence of the AGC system on the information and communications technology (ICT) system makes it vulnerable to various types of cyber-attacks. Thus, information flow (IF) analysis and anomaly detection became paramount for preventing cyber attackers from driving the cyber-physical power system (CPPS) to instability. In this paper, the ICT network traffic rules in CPPSs are explored and the frequency domain features of the ICT network traffic are extracted, basically for developing a robust learning algorithm that can learn the normal traffic pattern based on the ResNeSt convolutional neural network (CNN). Furthermore, to overcome the problem of insufficient abnormal traffic labeled samples, transfer learning approach is used. In the proposed data-driven-based method the deep learning model is trained by traffic frequency features, which makes our model robust against AGC's parameters uncertainties and modeling nonlinearities.