Mitigating Adversarial Effects of False Data Injection Attacks in Power Grid

TL;DR

This paper proposes a randomized padding framework for DNN-based false data injection attack detection in power grids, enhancing robustness against subtle adversarial examples with minimal performance impact, validated on multiple IEEE bus systems.

Contribution

Introduces a novel randomized input padding layer in DNNs to mitigate adversarial effects in power grid attack detection, addressing CPS-specific vulnerabilities.

Findings

Framework effectively reduces adversarial attack success rates.

Minimal impact on DNN detection performance.

Validated on IEEE 14, 30, 118, and 300 bus systems.

Abstract

Deep Neural Networks have proven to be highly accurate at a variety of tasks in recent years. The benefits of Deep Neural Networks have also been embraced in power grids to detect False Data Injection Attacks (FDIA) while conducting critical tasks like state estimation. However, the vulnerabilities of DNNs along with the distinct infrastructure of the cyber-physical-system (CPS) can favor the attackers to bypass the detection mechanism. Moreover, the divergent nature of CPS engenders limitations to the conventional defense mechanisms for False Data Injection Attacks. In this paper, we propose a DNN framework with an additional layer that utilizes randomization to mitigate the adversarial effect by padding the inputs. The primary advantage of our method is when deployed to a DNN model it has a trivial impact on the model's performance even with larger padding sizes. We demonstrate the favorable outcome of the framework through simulation using the IEEE 14-bus, 30-bus, 118-bus, and 300-bus systems. Furthermore to justify the framework we select attack techniques that generate subtle adversarial examples that can bypass the detection mechanism effortlessly.