False Data Injection Attacks(FDIAs)pose a critical security threat to modern power grids,corrupting state estimation and enabling malicious control actions that can lead to severe consequences,including cascading fail...False Data Injection Attacks(FDIAs)pose a critical security threat to modern power grids,corrupting state estimation and enabling malicious control actions that can lead to severe consequences,including cascading failures,large-scale blackouts,and significant economic losses.While detecting attacks is important,accurately localizing compromised nodes or measurements is even more critical,as it enables timely mitigation,targeted response,and enhanced system resilience beyond what detection alone can offer.Existing research typically models topological features using fixed structures,which can introduce irrelevant information and affect the effectiveness of feature extraction.To address this limitation,this paper proposes an FDIA localization model with adaptive neighborhood selection,which dynamically captures spatial dependencies of the power grid by adjusting node relationships based on data-driven similarities.The improved Transformer is employed to pre-fuse global spatial features of the graph,enriching the feature representation.To improve spatio-temporal correlation extraction for FDIA localization,the proposed model employs dilated causal convolution with a gating mechanism combined with graph convolution to capture and fuse long-range temporal features and adaptive topological features.This fully exploits the temporal dynamics and spatial dependencies inherent in the power grid.Finally,multi-source information is integrated to generate highly robust node embeddings,enhancing FDIA detection and localization.Experiments are conducted on IEEE 14,57,and 118-bus systems,and the results demonstrate that the proposed model substantially improves the accuracy of FDIA localization.Additional experiments are conducted to verify the effectiveness and robustness of the proposed model.展开更多
Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent ...Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.展开更多
Given the rapid development of advanced information systems,microgrids(MGs)suffer from more potential attacks that affect their operational performance.Conventional distributed secondary control with a small,fixed sam...Given the rapid development of advanced information systems,microgrids(MGs)suffer from more potential attacks that affect their operational performance.Conventional distributed secondary control with a small,fixed sampling time period inevitably causes the wasteful use of communication resources.This paper proposes a self-triggered secondary control scheme under perturbations from false data injection(FDI)attacks.We designed a linear clock for each DG to trigger its controller at aperiodic and intermittent instants.Sub-sequently,a hash-based defense mechanism(HDM)is designed for detecting and eliminating malicious data infiltrated in the MGs.With the aid of HDM,a self-triggered control scheme achieves the secondary control objectives even in the presence of FDI attacks.Rigorous theoretical analyses and simulation results indicate that the introduced secondary control scheme significantly reduces communication costs and enhances the resilience of MGs under FDI attacks.展开更多
Future 6G communications will open up opportunities for innovative applications,including Cyber-Physical Systems,edge computing,supporting Industry 5.0,and digital agriculture.While automation is creating efficiencies...Future 6G communications will open up opportunities for innovative applications,including Cyber-Physical Systems,edge computing,supporting Industry 5.0,and digital agriculture.While automation is creating efficiencies,it can also create new cyber threats,such as vulnerabilities in trust and malicious node injection.Denialof-Service(DoS)attacks can stop many forms of operations by overwhelming networks and systems with data noise.Current anomaly detection methods require extensive software changes and only detect static threats.Data collection is important for being accurate,but it is often a slow,tedious,and sometimes inefficient process.This paper proposes a new wavelet transformassisted Bayesian deep learning based probabilistic(WT-BDLP)approach tomitigate malicious data injection attacks in 6G edge networks.The proposed approach combines outlier detection based on a Bayesian learning conditional variational autoencoder(Bay-LCVariAE)and traffic pattern analysis based on continuous wavelet transform(CWT).The Bay-LCVariAE framework allows for probabilistic modelling of generative features to facilitate capturing how features of interest change over time,spatially,and for recognition of anomalies.Similarly,CWT allows emphasizing the multi-resolution spectral analysis and permits temporally relevant frequency pattern recognition.Experimental testing showed that the flexibility of the Bayesian probabilistic framework offers a vast improvement in anomaly detection accuracy over existing methods,with a maximum accuracy of 98.21%recognizing anomalies.展开更多
Although digital changes in power systems have added more ways to monitor and control them,these changes have also led to new cyber-attack risks,mainly from False Data Injection(FDI)attacks.If this happens,the sensors...Although digital changes in power systems have added more ways to monitor and control them,these changes have also led to new cyber-attack risks,mainly from False Data Injection(FDI)attacks.If this happens,the sensors and operations are compromised,which can lead to big problems,disruptions,failures and blackouts.In response to this challenge,this paper presents a reliable and innovative detection framework that leverages Bidirectional Long Short-Term Memory(Bi-LSTM)networks and employs explanatory methods from Artificial Intelligence(AI).Not only does the suggested architecture detect potential fraud with high accuracy,but it also makes its decisions transparent,enabling operators to take appropriate action.Themethod developed here utilizesmodel-free,interpretable tools to identify essential input elements,thereby making predictions more understandable and usable.Enhancing detection performance is made possible by correcting class imbalance using Synthetic Minority Over-sampling Technique(SMOTE)-based data balancing.Benchmark power system data confirms that the model functions correctly through detailed experiments.Experimental results showed that Bi-LSTM+Explainable AI(XAI)achieved an average accuracy of 94%,surpassing XGBoost(89%)and Bagging(84%),while ensuring explainability and a high level of robustness across various operating scenarios.By conducting an ablation study,we find that bidirectional recursive modeling and ReLU activation help improve generalization and model predictability.Additionally,examining model decisions through LIME enables us to identify which features are crucial for making smart grid operational decisions in real time.The research offers a practical and flexible approach for detecting FDI attacks,improving the security of cyber-physical systems,and facilitating the deployment of AI in energy infrastructure.展开更多
The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.H...The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.However,the adverse effects of false data injection(FDI)attacks on the performance of LLMs cannot be overlooked.Therefore,we propose an FDI attack detection and LLM-assisted resource allocation algorithm for 6G edge intelligenceempowered distribution power grids.First,we formulate a resource allocation optimization problem.The objective is to minimize the weighted sum of the global loss function and total LLM fine-tuning delay under constraints of long-term privacy entropy and energy consumption.Then,we decouple it based on virtual queues.We utilize an LLM-assisted deep Q network(DQN)to learn the resource allocation strategy and design an FDI attack detection mechanism to ensure that fine-tuning remains on the correct path.Simulations demonstrate that the proposed algorithm has excellent performance in convergence,delay,and security.展开更多
Secure control against cyber attacks becomes increasingly significant in cyber-physical systems(CPSs).False data injection attacks are a class of cyber attacks that aim to compromise CPS functions by injecting false d...Secure control against cyber attacks becomes increasingly significant in cyber-physical systems(CPSs).False data injection attacks are a class of cyber attacks that aim to compromise CPS functions by injecting false data such as sensor measurements and control signals.For quantified false data injection attacks,this paper establishes an effective defense framework from the energy conversion perspective.Then,we design an energy controller to dynamically adjust the system energy changes caused by unknown attacks.The designed energy controller stabilizes the attacked CPSs and ensures the dynamic performance of the system by adjusting the amount of damping injection.Moreover,with the disturbance attenuation technique,the burden of control system design is simplified because there is no need to design an attack observer.In addition,this secure control method is simple to implement because it avoids complicated mathematical operations.The effectiveness of our control method is demonstrated through an industrial CPS that controls a permanent magnet synchronous motor.展开更多
With the development of wireless communication technology,cyber physical systems are applied in various fields such as industrial production and infrastructure,where lots of information exchange brings cyber security ...With the development of wireless communication technology,cyber physical systems are applied in various fields such as industrial production and infrastructure,where lots of information exchange brings cyber security threats to the systems.From the perspective of system identification with binary-valued observations,we study the optimal attack problem when the system is subject to both denial of service attacks and data tampering attacks.The packet loss rate and the data tampering rate caused by the attack is given,and the estimation error is derived.Then the optimal attack strategy to maximize the identification error with the least energy is described as a min–max optimization problem with constraints.The explicit expression of the optimal attack strategy is obtained.Simulation examples are presented to verify the effectiveness of the main conclusions.展开更多
With advanced communication technologies,cyberphysical systems such as networked industrial control systems can be monitored and controlled by a remote control center via communication networks.While lots of benefits ...With advanced communication technologies,cyberphysical systems such as networked industrial control systems can be monitored and controlled by a remote control center via communication networks.While lots of benefits can be achieved with such a configuration,it also brings the concern of cyber attacks to the industrial control systems,such as networked manipulators that are widely adopted in industrial automation.For such systems,a false data injection attack on a control-center-to-manipulator(CC-M)communication channel is undesirable,and has negative effects on the manufacture quality.In this paper,we propose a resilient remote kinematic control method for serial manipulators undergoing a false data injection attack by leveraging the kinematic model.Theoretical analysis shows that the proposed method can guarantee asymptotic convergence of the regulation error to zero in the presence of a type of false data injection attack.The efficacy of the proposed method is validated via simulations.展开更多
This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the meas...This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.展开更多
With the integration of information technologies, power system operations are increasingly threatened by cyber-attacks. It has even been revealed that an attacker can inject false data into real-time measurements stea...With the integration of information technologies, power system operations are increasingly threatened by cyber-attacks. It has even been revealed that an attacker can inject false data into real-time measurements stealthily without knowing the full configuration(e.g., network topology) of a power system. In this paper, we present a comprehensive review on false data injection attacks which utilize barrier conditions, blind identification techniques and data driven approaches to overcome limitations of incomplete network information. We also point out future research topics for facilitating the detection and prevention of such false data attacks.展开更多
With the increasing deployment of wireless sensordevices and networks,security becomes a criticalchallenge for sensor networks.In this paper,a schemeusing data mining is proposed for routing anomalydetection in wirele...With the increasing deployment of wireless sensordevices and networks,security becomes a criticalchallenge for sensor networks.In this paper,a schemeusing data mining is proposed for routing anomalydetection in wireless sensor networks.The schemeuses the Apriori algorithm to extract traffic patternsfrom both routing table and network traffic packetsand subsequently the K-means cluster algorithmadaptively generates a detection model.Through thecombination of these two algorithms,routing attackscan be detected effectively and automatically.Themain advantage of the proposed approach is that it isable to detect new attacks that have not previouslybeen seen.Moreover,the proposed detection schemeis based on no priori knowledge and then can beapplied to a wide range of different sensor networksfor a variety of routing attacks.展开更多
The security control of Markovian jumping neural networks(MJNNs)is investigated under false data injection attacks that take place in the shared communication network.Stochastic sampleddata control is employed to rese...The security control of Markovian jumping neural networks(MJNNs)is investigated under false data injection attacks that take place in the shared communication network.Stochastic sampleddata control is employed to research the exponential synchronization of MJNNs under false data injection attacks(FDIAs)since it can alleviate the impact of the FDIAs on the performance of the system by adjusting the sampling periods.A multi-delay error system model is established through the input-delay approach.To reduce the conservatism of the results,a sampling-periodprobability-dependent looped Lyapunov functional is constructed.In light of some less conservative integral inequalities,a synchronization criterion is derived,and an algorithm is provided that can be solved for determining the controller gain.Finally,a numerical simulation is presented to confirm the efficiency of the proposed method.展开更多
Cyber-physical systems(CPS)have been widely deployed in critical infrastructures and are vulnerable to various attacks.Data integrity attacks manipulate sensor measurements and cause control systems to fail,which are ...Cyber-physical systems(CPS)have been widely deployed in critical infrastructures and are vulnerable to various attacks.Data integrity attacks manipulate sensor measurements and cause control systems to fail,which are one of the prominent threats to CPS.Anomaly detection methods are proposed to secure CPS.However,existing anomaly detection studies usually require expert knowledge(e.g.,system model-based)or are lack of interpretability(e.g.,deep learning-based).In this paper,we present DEEPNOISE,a deep learning-based anomaly detection method for CPS with interpretability.Specifically,we utilize the sensor and process noise to detect data integrity attacks.Such noise represents the intrinsic characteristics of physical devices and the production process in CPS.One key enabler is that we use a robust deep autoencoder to automatically extract the noise from measurement data.Further,an LSTM-based detector is designed to inspect the obtained noise and detect anomalies.Data integrity attacks change noise patterns and thus are identified as the root cause of anomalies by DEEPNOISE.Evaluated on the SWaT testbed,DEEPNOISE achieves higher accuracy and recall compared with state-of-the-art model-based and deep learningbased methods.On average,when detecting direct attacks,the precision is 95.47%,the recall is 96.58%,and F_(1) is 95.98%.When detecting stealthy attacks,precision,recall,and F_(1) scores are between 96% and 99.5%.展开更多
In this paper,we investigate the defense problem against the joint attacks of denial-of-service attacks and data tampering attacks in the framework of system identification with binary-valued observations.By estimatin...In this paper,we investigate the defense problem against the joint attacks of denial-of-service attacks and data tampering attacks in the framework of system identification with binary-valued observations.By estimating the key parameters of the joint attack and compensating them in the identification algorithm,a compensation-oriented defense scheme is proposed.Then the identification algorithm of system parameter is designed and is further proved to be consistent.The asymptotic normality of the algorithm is obtained,and on this basis,we propose the optimal defense scheme.Furthermore,the implementation of the optimal defense scheme is discussed.Finally,a simulation example is presented to verify the effectiveness of the main results.展开更多
Machine Learning(ML)systems often involve a re-training process to make better predictions and classifications.This re-training process creates a loophole and poses a security threat for ML systems.Adversaries leverag...Machine Learning(ML)systems often involve a re-training process to make better predictions and classifications.This re-training process creates a loophole and poses a security threat for ML systems.Adversaries leverage this loophole and design data poisoning attacks against ML systems.Data poisoning attacks are a type of attack in which an adversary manipulates the training dataset to degrade the ML system’s performance.Data poisoning attacks are challenging to detect,and even more difficult to respond to,particularly in the Internet of Things(IoT)environment.To address this problem,we proposed DISTINIT,the first proactive data poisoning attack detection framework using distancemeasures.We found that Jaccard Distance(JD)can be used in the DISTINIT(among other distance measures)and we finally improved the JD to attain an Optimized JD(OJD)with lower time and space complexity.Our security analysis shows that the DISTINIT is secure against data poisoning attacks by considering key features of adversarial attacks.We conclude that the proposed OJD-based DISTINIT is effective and efficient against data poisoning attacks where in-time detection is critical for IoT applications with large volumes of streaming data.展开更多
The emerging of false data injection attacks(FDIAs)can fool the traditional detection methods by injecting false data,which has brought huge risks to the security of smart grids.For this reason,a resilient active defe...The emerging of false data injection attacks(FDIAs)can fool the traditional detection methods by injecting false data,which has brought huge risks to the security of smart grids.For this reason,a resilient active defense control scheme based on interval observer detection is proposed in this paper to protect smart grids.The proposed active defense highlights the integration of detection and defense against FDIAs in smart girds.First,a dynamic physical grid model under FDIAs is modeled,in which model uncertainty and parameter uncertainty are taken into account.Then,an interval observer-based detection method against FDIAs is proposed,where a detection criteria using interval residual is put forward.Corresponding to the detection results,the resilient defense controller is triggered to defense the FDIAs if the system states are affected by FDIAs.Linear matrix inequality(LMI)approach is applied to design the resilient controller with H_(∞)performance.The system with the resilient defense controller can be robust to FDIAs and the gain of the resilient controller has a certain gain margin.Our active resilient defense approach can be built in real time and show accurate and quick respond to the injected FDIAs.The effectiveness of the proposed defense scheme is verified by the simulation results on an IEEE 30-bus grid system.展开更多
The recent developments in smart cities pose major security issues for the Internet of Things(IoT)devices.These security issues directly result from inappropriate security management protocols and their implementation...The recent developments in smart cities pose major security issues for the Internet of Things(IoT)devices.These security issues directly result from inappropriate security management protocols and their implementation by IoT gadget developers.Cyber-attackers take advantage of such gadgets’vulnerabilities through various attacks such as injection and Distributed Denial of Service(DDoS)attacks.In this background,Intrusion Detection(ID)is the only way to identify the attacks and mitigate their damage.The recent advancements in Machine Learning(ML)and Deep Learning(DL)models are useful in effectively classifying cyber-attacks.The current research paper introduces a new Coot Optimization Algorithm with a Deep Learning-based False Data Injection Attack Recognition(COADL-FDIAR)model for the IoT environment.The presented COADL-FDIAR technique aims to identify false data injection attacks in the IoT environment.To accomplish this,the COADL-FDIAR model initially preprocesses the input data and selects the features with the help of the Chi-square test.To detect and classify false data injection attacks,the Stacked Long Short-Term Memory(SLSTM)model is exploited in this study.Finally,the COA algorithm effectively adjusts the SLTSM model’s hyperparameters effectively and accomplishes a superior recognition efficiency.The proposed COADL-FDIAR model was experimentally validated using a standard dataset,and the outcomes were scrutinized under distinct aspects.The comparative analysis results assured the superior performance of the proposed COADL-FDIAR model over other recent approaches with a maximum accuracy of 98.84%.展开更多
With the increasing prevalence of social networks, more and more social network data are published for many applications, such as social network analysis and data mining. However, this brings privacy problems. For exa...With the increasing prevalence of social networks, more and more social network data are published for many applications, such as social network analysis and data mining. However, this brings privacy problems. For example, adversaries can get sensitive information of some individuals easily with little background knowledge. How to publish social network data for analysis purpose while preserving the privacy of individuals has raised many concerns. Many algorithms have been proposed to address this issue. In this paper, we discuss this privacy problem from two aspects: attack models and countermeasures. We analyse privacy conceres, model the background knowledge that adversary may utilize and review the recently developed attack models. We then survey the state-of-the-art privacy preserving methods in two categories: anonymization methods and differential privacy methods. We also provide research directions in this area.展开更多
The security of Federated Learning(FL)/Distributed Machine Learning(DML)is gravely threatened by data poisoning attacks,which destroy the usability of the model by contaminating training samples,so such attacks are ca...The security of Federated Learning(FL)/Distributed Machine Learning(DML)is gravely threatened by data poisoning attacks,which destroy the usability of the model by contaminating training samples,so such attacks are called causative availability indiscriminate attacks.Facing the problem that existing data sanitization methods are hard to apply to real-time applications due to their tedious process and heavy computations,we propose a new supervised batch detection method for poison,which can fleetly sanitize the training dataset before the local model training.We design a training dataset generation method that helps to enhance accuracy and uses data complexity features to train a detection model,which will be used in an efficient batch hierarchical detection process.Our model stockpiles knowledge about poison,which can be expanded by retraining to adapt to new attacks.Being neither attack-specific nor scenario-specific,our method is applicable to FL/DML or other online or offline scenarios.展开更多
基金supported by National Key Research and Development Plan of China(No.2022YFB3103304).
文摘False Data Injection Attacks(FDIAs)pose a critical security threat to modern power grids,corrupting state estimation and enabling malicious control actions that can lead to severe consequences,including cascading failures,large-scale blackouts,and significant economic losses.While detecting attacks is important,accurately localizing compromised nodes or measurements is even more critical,as it enables timely mitigation,targeted response,and enhanced system resilience beyond what detection alone can offer.Existing research typically models topological features using fixed structures,which can introduce irrelevant information and affect the effectiveness of feature extraction.To address this limitation,this paper proposes an FDIA localization model with adaptive neighborhood selection,which dynamically captures spatial dependencies of the power grid by adjusting node relationships based on data-driven similarities.The improved Transformer is employed to pre-fuse global spatial features of the graph,enriching the feature representation.To improve spatio-temporal correlation extraction for FDIA localization,the proposed model employs dilated causal convolution with a gating mechanism combined with graph convolution to capture and fuse long-range temporal features and adaptive topological features.This fully exploits the temporal dynamics and spatial dependencies inherent in the power grid.Finally,multi-source information is integrated to generate highly robust node embeddings,enhancing FDIA detection and localization.Experiments are conducted on IEEE 14,57,and 118-bus systems,and the results demonstrate that the proposed model substantially improves the accuracy of FDIA localization.Additional experiments are conducted to verify the effectiveness and robustness of the proposed model.
文摘Bayesian networks are a powerful class of graphical decision models used to represent causal relationships among variables.However,the reliability and integrity of learned Bayesian network models are highly dependent on the quality of incoming data streams.One of the primary challenges with Bayesian networks is their vulnerability to adversarial data poisoning attacks,wherein malicious data is injected into the training dataset to negatively influence the Bayesian network models and impair their performance.In this research paper,we propose an efficient framework for detecting data poisoning attacks against Bayesian network structure learning algorithms.Our framework utilizes latent variables to quantify the amount of belief between every two nodes in each causal model over time.We use our innovative methodology to tackle an important issue with data poisoning assaults in the context of Bayesian networks.With regard to four different forms of data poisoning attacks,we specifically aim to strengthen the security and dependability of Bayesian network structure learning techniques,such as the PC algorithm.By doing this,we explore the complexity of this area and offer workablemethods for identifying and reducing these sneaky dangers.Additionally,our research investigates one particular use case,the“Visit to Asia Network.”The practical consequences of using uncertainty as a way to spot cases of data poisoning are explored in this inquiry,which is of utmost relevance.Our results demonstrate the promising efficacy of latent variables in detecting and mitigating the threat of data poisoning attacks.Additionally,our proposed latent-based framework proves to be sensitive in detecting malicious data poisoning attacks in the context of stream data.
基金supported by Hainan Provincial Natural Science Foundation of China(No.524RC532)Research Startup Funding from Hainan Institute of Zhejiang University(No.0210-6602-A12202)Project of Sanya Yazhou Bay Science and Technology City(No.SKJC-2022-PTDX-009/010/011).
文摘Given the rapid development of advanced information systems,microgrids(MGs)suffer from more potential attacks that affect their operational performance.Conventional distributed secondary control with a small,fixed sampling time period inevitably causes the wasteful use of communication resources.This paper proposes a self-triggered secondary control scheme under perturbations from false data injection(FDI)attacks.We designed a linear clock for each DG to trigger its controller at aperiodic and intermittent instants.Sub-sequently,a hash-based defense mechanism(HDM)is designed for detecting and eliminating malicious data infiltrated in the MGs.With the aid of HDM,a self-triggered control scheme achieves the secondary control objectives even in the presence of FDI attacks.Rigorous theoretical analyses and simulation results indicate that the introduced secondary control scheme significantly reduces communication costs and enhances the resilience of MGs under FDI attacks.
文摘Future 6G communications will open up opportunities for innovative applications,including Cyber-Physical Systems,edge computing,supporting Industry 5.0,and digital agriculture.While automation is creating efficiencies,it can also create new cyber threats,such as vulnerabilities in trust and malicious node injection.Denialof-Service(DoS)attacks can stop many forms of operations by overwhelming networks and systems with data noise.Current anomaly detection methods require extensive software changes and only detect static threats.Data collection is important for being accurate,but it is often a slow,tedious,and sometimes inefficient process.This paper proposes a new wavelet transformassisted Bayesian deep learning based probabilistic(WT-BDLP)approach tomitigate malicious data injection attacks in 6G edge networks.The proposed approach combines outlier detection based on a Bayesian learning conditional variational autoencoder(Bay-LCVariAE)and traffic pattern analysis based on continuous wavelet transform(CWT).The Bay-LCVariAE framework allows for probabilistic modelling of generative features to facilitate capturing how features of interest change over time,spatially,and for recognition of anomalies.Similarly,CWT allows emphasizing the multi-resolution spectral analysis and permits temporally relevant frequency pattern recognition.Experimental testing showed that the flexibility of the Bayesian probabilistic framework offers a vast improvement in anomaly detection accuracy over existing methods,with a maximum accuracy of 98.21%recognizing anomalies.
基金the Deanship of Scientific Research and Libraries in Princess Nourah bint Abdulrahman University for funding this research work through the Research Group project,Grant No.(RG-1445-0064).
文摘Although digital changes in power systems have added more ways to monitor and control them,these changes have also led to new cyber-attack risks,mainly from False Data Injection(FDI)attacks.If this happens,the sensors and operations are compromised,which can lead to big problems,disruptions,failures and blackouts.In response to this challenge,this paper presents a reliable and innovative detection framework that leverages Bidirectional Long Short-Term Memory(Bi-LSTM)networks and employs explanatory methods from Artificial Intelligence(AI).Not only does the suggested architecture detect potential fraud with high accuracy,but it also makes its decisions transparent,enabling operators to take appropriate action.Themethod developed here utilizesmodel-free,interpretable tools to identify essential input elements,thereby making predictions more understandable and usable.Enhancing detection performance is made possible by correcting class imbalance using Synthetic Minority Over-sampling Technique(SMOTE)-based data balancing.Benchmark power system data confirms that the model functions correctly through detailed experiments.Experimental results showed that Bi-LSTM+Explainable AI(XAI)achieved an average accuracy of 94%,surpassing XGBoost(89%)and Bagging(84%),while ensuring explainability and a high level of robustness across various operating scenarios.By conducting an ablation study,we find that bidirectional recursive modeling and ReLU activation help improve generalization and model predictability.Additionally,examining model decisions through LIME enables us to identify which features are crucial for making smart grid operational decisions in real time.The research offers a practical and flexible approach for detecting FDI attacks,improving the security of cyber-physical systems,and facilitating the deployment of AI in energy infrastructure.
基金supported by the Science and Technology Project of State Grid Corporation of China under Grant Number 52094021N010(5400-202199534A-0-5-ZN).
文摘The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.However,the adverse effects of false data injection(FDI)attacks on the performance of LLMs cannot be overlooked.Therefore,we propose an FDI attack detection and LLM-assisted resource allocation algorithm for 6G edge intelligenceempowered distribution power grids.First,we formulate a resource allocation optimization problem.The objective is to minimize the weighted sum of the global loss function and total LLM fine-tuning delay under constraints of long-term privacy entropy and energy consumption.Then,we decouple it based on virtual queues.We utilize an LLM-assisted deep Q network(DQN)to learn the resource allocation strategy and design an FDI attack detection mechanism to ensure that fine-tuning remains on the correct path.Simulations demonstrate that the proposed algorithm has excellent performance in convergence,delay,and security.
基金supported in part by the National Science Foundation of China(61873103,61433006)。
文摘Secure control against cyber attacks becomes increasingly significant in cyber-physical systems(CPSs).False data injection attacks are a class of cyber attacks that aim to compromise CPS functions by injecting false data such as sensor measurements and control signals.For quantified false data injection attacks,this paper establishes an effective defense framework from the energy conversion perspective.Then,we design an energy controller to dynamically adjust the system energy changes caused by unknown attacks.The designed energy controller stabilizes the attacked CPSs and ensures the dynamic performance of the system by adjusting the amount of damping injection.Moreover,with the disturbance attenuation technique,the burden of control system design is simplified because there is no need to design an attack observer.In addition,this secure control method is simple to implement because it avoids complicated mathematical operations.The effectiveness of our control method is demonstrated through an industrial CPS that controls a permanent magnet synchronous motor.
文摘With the development of wireless communication technology,cyber physical systems are applied in various fields such as industrial production and infrastructure,where lots of information exchange brings cyber security threats to the systems.From the perspective of system identification with binary-valued observations,we study the optimal attack problem when the system is subject to both denial of service attacks and data tampering attacks.The packet loss rate and the data tampering rate caused by the attack is given,and the estimation error is derived.Then the optimal attack strategy to maximize the identification error with the least energy is described as a min–max optimization problem with constraints.The explicit expression of the optimal attack strategy is obtained.Simulation examples are presented to verify the effectiveness of the main conclusions.
基金This work was supported in part by the National Natural Science Foundation of China(62206109)the Fundamental Research Funds for the Central Universities(21620346)。
文摘With advanced communication technologies,cyberphysical systems such as networked industrial control systems can be monitored and controlled by a remote control center via communication networks.While lots of benefits can be achieved with such a configuration,it also brings the concern of cyber attacks to the industrial control systems,such as networked manipulators that are widely adopted in industrial automation.For such systems,a false data injection attack on a control-center-to-manipulator(CC-M)communication channel is undesirable,and has negative effects on the manufacture quality.In this paper,we propose a resilient remote kinematic control method for serial manipulators undergoing a false data injection attack by leveraging the kinematic model.Theoretical analysis shows that the proposed method can guarantee asymptotic convergence of the regulation error to zero in the presence of a type of false data injection attack.The efficacy of the proposed method is validated via simulations.
基金supported by the National Natural Science Foundation of China(61925303,62173034,62088101,U20B2073,62173002)the National Key Research and Development Program of China(2021YFB1714800)Beijing Natural Science Foundation(4222045)。
文摘This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.
基金supported by National Natural Science Foundation of China (No. 51777062)National key research and development program (No. 2018YFB0904200) the Fundamental Research Funds for the Central UniversitiesHunan science and technology project (No. 2017XK2014)
文摘With the integration of information technologies, power system operations are increasingly threatened by cyber-attacks. It has even been revealed that an attacker can inject false data into real-time measurements stealthily without knowing the full configuration(e.g., network topology) of a power system. In this paper, we present a comprehensive review on false data injection attacks which utilize barrier conditions, blind identification techniques and data driven approaches to overcome limitations of incomplete network information. We also point out future research topics for facilitating the detection and prevention of such false data attacks.
基金the supports of the National Natural Science Foundation of China (60403027) the projects of science and research plan of Hubei provincial department of education (2003A011)the Natural Science Foundation Of Hubei Province of China (2005ABA243).
文摘With the increasing deployment of wireless sensordevices and networks,security becomes a criticalchallenge for sensor networks.In this paper,a schemeusing data mining is proposed for routing anomalydetection in wireless sensor networks.The schemeuses the Apriori algorithm to extract traffic patternsfrom both routing table and network traffic packetsand subsequently the K-means cluster algorithmadaptively generates a detection model.Through thecombination of these two algorithms,routing attackscan be detected effectively and automatically.Themain advantage of the proposed approach is that it isable to detect new attacks that have not previouslybeen seen.Moreover,the proposed detection schemeis based on no priori knowledge and then can beapplied to a wide range of different sensor networksfor a variety of routing attacks.
基金the NNSF of China under Grants 61973199,62003794,62173214the Shandong Provincial NSF ZR2020QF050,ZR2021MF003。
文摘The security control of Markovian jumping neural networks(MJNNs)is investigated under false data injection attacks that take place in the shared communication network.Stochastic sampleddata control is employed to research the exponential synchronization of MJNNs under false data injection attacks(FDIAs)since it can alleviate the impact of the FDIAs on the performance of the system by adjusting the sampling periods.A multi-delay error system model is established through the input-delay approach.To reduce the conservatism of the results,a sampling-periodprobability-dependent looped Lyapunov functional is constructed.In light of some less conservative integral inequalities,a synchronization criterion is derived,and an algorithm is provided that can be solved for determining the controller gain.Finally,a numerical simulation is presented to confirm the efficiency of the proposed method.
基金National Natural Science Foundation of China(No.62172308,U1626107,61972297,62172144)。
文摘Cyber-physical systems(CPS)have been widely deployed in critical infrastructures and are vulnerable to various attacks.Data integrity attacks manipulate sensor measurements and cause control systems to fail,which are one of the prominent threats to CPS.Anomaly detection methods are proposed to secure CPS.However,existing anomaly detection studies usually require expert knowledge(e.g.,system model-based)or are lack of interpretability(e.g.,deep learning-based).In this paper,we present DEEPNOISE,a deep learning-based anomaly detection method for CPS with interpretability.Specifically,we utilize the sensor and process noise to detect data integrity attacks.Such noise represents the intrinsic characteristics of physical devices and the production process in CPS.One key enabler is that we use a robust deep autoencoder to automatically extract the noise from measurement data.Further,an LSTM-based detector is designed to inspect the obtained noise and detect anomalies.Data integrity attacks change noise patterns and thus are identified as the root cause of anomalies by DEEPNOISE.Evaluated on the SWaT testbed,DEEPNOISE achieves higher accuracy and recall compared with state-of-the-art model-based and deep learningbased methods.On average,when detecting direct attacks,the precision is 95.47%,the recall is 96.58%,and F_(1) is 95.98%.When detecting stealthy attacks,precision,recall,and F_(1) scores are between 96% and 99.5%.
文摘In this paper,we investigate the defense problem against the joint attacks of denial-of-service attacks and data tampering attacks in the framework of system identification with binary-valued observations.By estimating the key parameters of the joint attack and compensating them in the identification algorithm,a compensation-oriented defense scheme is proposed.Then the identification algorithm of system parameter is designed and is further proved to be consistent.The asymptotic normality of the algorithm is obtained,and on this basis,we propose the optimal defense scheme.Furthermore,the implementation of the optimal defense scheme is discussed.Finally,a simulation example is presented to verify the effectiveness of the main results.
基金This work was supported by a National Research Foundation of Korea(NRF)grant funded by the Korea Government(MSIT)under Grant 2020R1A2B5B01002145.
文摘Machine Learning(ML)systems often involve a re-training process to make better predictions and classifications.This re-training process creates a loophole and poses a security threat for ML systems.Adversaries leverage this loophole and design data poisoning attacks against ML systems.Data poisoning attacks are a type of attack in which an adversary manipulates the training dataset to degrade the ML system’s performance.Data poisoning attacks are challenging to detect,and even more difficult to respond to,particularly in the Internet of Things(IoT)environment.To address this problem,we proposed DISTINIT,the first proactive data poisoning attack detection framework using distancemeasures.We found that Jaccard Distance(JD)can be used in the DISTINIT(among other distance measures)and we finally improved the JD to attain an Optimized JD(OJD)with lower time and space complexity.Our security analysis shows that the DISTINIT is secure against data poisoning attacks by considering key features of adversarial attacks.We conclude that the proposed OJD-based DISTINIT is effective and efficient against data poisoning attacks where in-time detection is critical for IoT applications with large volumes of streaming data.
基金supported by the National Nature Science Foundation of China(Nos.62103357,62203376)the Science and Technology Plan of Hebei Education Department(No.QN2021139)+1 种基金the Nature Science Foundation of Hebei Province(Nos.F2021203043,F2022203074)the Open Research Fund of Jiangsu Collaborative Innovation Center for Smart Distribution Network,Nanjing Institute of Technology(No.XTCX202203).
文摘The emerging of false data injection attacks(FDIAs)can fool the traditional detection methods by injecting false data,which has brought huge risks to the security of smart grids.For this reason,a resilient active defense control scheme based on interval observer detection is proposed in this paper to protect smart grids.The proposed active defense highlights the integration of detection and defense against FDIAs in smart girds.First,a dynamic physical grid model under FDIAs is modeled,in which model uncertainty and parameter uncertainty are taken into account.Then,an interval observer-based detection method against FDIAs is proposed,where a detection criteria using interval residual is put forward.Corresponding to the detection results,the resilient defense controller is triggered to defense the FDIAs if the system states are affected by FDIAs.Linear matrix inequality(LMI)approach is applied to design the resilient controller with H_(∞)performance.The system with the resilient defense controller can be robust to FDIAs and the gain of the resilient controller has a certain gain margin.Our active resilient defense approach can be built in real time and show accurate and quick respond to the injected FDIAs.The effectiveness of the proposed defense scheme is verified by the simulation results on an IEEE 30-bus grid system.
基金This research was supported by the Universiti Sains Malaysia(USM)and the ministry of Higher Education Malaysia through Fundamental Research GrantScheme(FRGS-Grant No:FRGS/1/2020/TK0/USM/02/1).
文摘The recent developments in smart cities pose major security issues for the Internet of Things(IoT)devices.These security issues directly result from inappropriate security management protocols and their implementation by IoT gadget developers.Cyber-attackers take advantage of such gadgets’vulnerabilities through various attacks such as injection and Distributed Denial of Service(DDoS)attacks.In this background,Intrusion Detection(ID)is the only way to identify the attacks and mitigate their damage.The recent advancements in Machine Learning(ML)and Deep Learning(DL)models are useful in effectively classifying cyber-attacks.The current research paper introduces a new Coot Optimization Algorithm with a Deep Learning-based False Data Injection Attack Recognition(COADL-FDIAR)model for the IoT environment.The presented COADL-FDIAR technique aims to identify false data injection attacks in the IoT environment.To accomplish this,the COADL-FDIAR model initially preprocesses the input data and selects the features with the help of the Chi-square test.To detect and classify false data injection attacks,the Stacked Long Short-Term Memory(SLSTM)model is exploited in this study.Finally,the COA algorithm effectively adjusts the SLTSM model’s hyperparameters effectively and accomplishes a superior recognition efficiency.The proposed COADL-FDIAR model was experimentally validated using a standard dataset,and the outcomes were scrutinized under distinct aspects.The comparative analysis results assured the superior performance of the proposed COADL-FDIAR model over other recent approaches with a maximum accuracy of 98.84%.
文摘With the increasing prevalence of social networks, more and more social network data are published for many applications, such as social network analysis and data mining. However, this brings privacy problems. For example, adversaries can get sensitive information of some individuals easily with little background knowledge. How to publish social network data for analysis purpose while preserving the privacy of individuals has raised many concerns. Many algorithms have been proposed to address this issue. In this paper, we discuss this privacy problem from two aspects: attack models and countermeasures. We analyse privacy conceres, model the background knowledge that adversary may utilize and review the recently developed attack models. We then survey the state-of-the-art privacy preserving methods in two categories: anonymization methods and differential privacy methods. We also provide research directions in this area.
基金supported in part by the“Pioneer”and“Leading Goose”R&D Program of Zhejiang(Grant No.2022C03174)the National Natural Science Foundation of China(No.92067103)+4 种基金the Key Research and Development Program of Shaanxi,China(No.2021ZDLGY06-02)the Natural Science Foundation of Shaanxi Province(No.2019ZDLGY12-02)the Shaanxi Innovation Team Project(No.2018TD-007)the Xi'an Science and technology Innovation Plan(No.201809168CX9JC10)the Fundamental Research Funds for the Central Universities(No.YJS2212)and National 111 Program of China B16037.
文摘The security of Federated Learning(FL)/Distributed Machine Learning(DML)is gravely threatened by data poisoning attacks,which destroy the usability of the model by contaminating training samples,so such attacks are called causative availability indiscriminate attacks.Facing the problem that existing data sanitization methods are hard to apply to real-time applications due to their tedious process and heavy computations,we propose a new supervised batch detection method for poison,which can fleetly sanitize the training dataset before the local model training.We design a training dataset generation method that helps to enhance accuracy and uses data complexity features to train a detection model,which will be used in an efficient batch hierarchical detection process.Our model stockpiles knowledge about poison,which can be expanded by retraining to adapt to new attacks.Being neither attack-specific nor scenario-specific,our method is applicable to FL/DML or other online or offline scenarios.
