Mohamed I. Ibrahem

Mohamed Elmahallawy, Tie Luo, Mohamed I. Ibrahem

Satellite technologies have advanced drastically in recent years, leading to a heated interest in launching small satellites into low Earth orbit (LEOs) to collect massive data such as satellite imagery. Downloading these data to a ground station (GS) to perform centralized learning to build an AI model is not practical due to the limited and expensive bandwidth. Federated learning (FL) offers a potential solution but will incur a very large convergence delay due to the highly sporadic and irregular connectivity between LEO satellites and GS. In addition, there are significant security and privacy risks where eavesdroppers or curious servers/satellites may infer raw data from satellites' model parameters transmitted over insecure communication channels. To address these issues, this paper proposes FedSecure, a secure FL approach designed for LEO constellations, which consists of two novel components: (1) decentralized key generation that protects satellite data privacy using a functional encryption scheme, and (2) on-orbit model forwarding and aggregation that generates a partial global model per orbit to minimize the idle waiting time for invisible satellites to enter the visible zone of the GS. Our analysis and results show that FedSecure preserves the privacy of each satellite's data against eavesdroppers, a curious server, or curious satellites. It is lightweight with significantly lower communication and computation overheads than other privacy-preserving FL aggregation approaches. It also reduces convergence delay drastically from days to only a few hours, yet achieving high accuracy of up to 85.35% using realistic satellite images.

Mahmoud M. Badr, Mohamed I. Ibrahem, Mohamed Mahmoud et al.

In smart grid, malicious customers may compromise their smart meters (SMs) to report false readings to achieve financial gains illegally. Reporting false readings not only causes hefty financial losses to the utility but may also degrade the grid performance because the reported readings are used for energy management. This paper is the first work that investigates this problem in the net-metering system, in which one SM is used to report the difference between the power consumed and the power generated. First, we prepare a benign dataset for the net-metering system by processing a real power consumption and generation dataset. Then, we propose a new set of attacks tailored for the net-metering system to create malicious dataset. After that, we analyze the data and we found time correlations between the net meter readings and correlations between the readings and relevant data obtained from trustworthy sources such as the solar irradiance and temperature. Based on the data analysis, we propose a general multi-data-source deep hybrid learning-based detector to identify the false-reading attacks. Our detector is trained on net meter readings of all customers besides data from the trustworthy sources to enhance the detector performance by learning the correlations between them. The rationale here is that although an attacker can report false readings, he cannot manipulate the solar irradiance and temperature values because they are beyond his control. Extensive experiments have been conducted, and the results indicate that our detector can identify the false-reading attacks with high detection rate and low false alarm.

Mohamed I. Ibrahem, Mohamed Mahmoud, Mostafa M. Fouda et al.

In advanced metering infrastructure (AMI), smart meters (SMs), which are installed at the consumer side, send fine-grained power consumption readings periodically to the electricity utility for load monitoring and energy management. Change and transmit (CAT) is an efficient approach to collect these readings, where the readings are not transmitted when there is no enough change in consumption. However, this approach causes a privacy problem that is by analyzing the transmission pattern of an SM, sensitive information on the house dwellers can be inferred. For instance, since the transmission pattern is distinguishable when dwellers are on travel, attackers may analyze the pattern to launch a presence-privacy attack (PPA) to infer whether the dwellers are absent from home. In this paper, we propose a scheme, called "STDL", for efficient collection of power consumption readings in AMI networks while preserving the consumers' privacy by sending spoofing transmissions (redundant real readings) using a deep-learning approach. We first use a clustering technique and real power consumption readings to create a dataset for transmission patterns using the CAT approach. Then, we train an attacker model using deep-learning, and our evaluations indicate that the success rate of the attacker is about 91%. Finally, we train a deep-learning-based defense model to send spoofing transmissions efficiently to thwart the PPA. Extensive evaluations are conducted, and the results indicate that our scheme can reduce the attacker's success rate, to 13.52% in case he knows the defense model and to 3.15% in case he does not know the model, while still achieving high efficiency in terms of the number of readings that should be transmitted. Our measurements indicate that the proposed scheme can reduce the number of readings that should be transmitted by about 41% compared to continuously transmitting readings.

Mohamed I. Ibrahem, Mahmoud Nabil, Mostafa M. Fouda et al.

In advanced metering infrastructure (AMI), smart meters (SMs) are installed at the consumer side to send fine-grained power consumption readings periodically to the system operator (SO) for load monitoring, energy management, billing, etc. However, fraudulent consumers launch electricity theft cyber-attacks by reporting false readings to reduce their bills illegally. These attacks do not only cause financial losses but may also degrade the grid performance because the readings are used for grid management. To identify these attackers, the existing schemes employ machine-learning models using the consumers' fine-grained readings, which violates the consumers' privacy by revealing their lifestyle. In this paper, we propose an efficient scheme that enables the SO to detect electricity theft, compute bills, and monitor load while preserving the consumers' privacy. The idea is that SMs encrypt their readings using functional encryption, and the SO uses the ciphertexts to (i) compute the bills following dynamic pricing approach, (ii) monitor the grid load, and (iii) evaluate a machine-learning model to detect fraudulent consumers, without being able to learn the individual readings to preserve consumers' privacy. We adapted a functional encryption scheme so that the encrypted readings are aggregated for billing and load monitoring and only the aggregated value is revealed to the SO. Also, we exploited the inner-product operations on encrypted readings to evaluate a machine-learning model to detect fraudulent consumers. Real dataset is used to evaluate our scheme, and our evaluations indicate that our scheme is secure and can detect fraudulent consumers accurately with low communication and computation overhead.