Towards Adversarial-Resilient Deep Neural Networks for False Data Injection Attack Detection in Power Grids
This addresses security threats in power systems by improving detection reliability against adversarial attacks, but it is incremental as it adapts existing defense mechanisms to a specific domain.
The paper tackles the problem of false data injection attacks in power grids by proposing an adversarial-resilient deep neural network detection framework, which significantly reduces adversarial attack effectiveness with negligible impact on detection performance in simulations.
False data injection attacks (FDIAs) pose a significant security threat to power system state estimation. To detect such attacks, recent studies have proposed machine learning (ML) techniques, particularly deep neural networks (DNNs). However, most of these methods fail to account for the risk posed by adversarial measurements, which can compromise the reliability of DNNs in various ML applications. In this paper, we present a DNN-based FDIA detection approach that is resilient to adversarial attacks. We first analyze several adversarial defense mechanisms used in computer vision and show their inherent limitations in FDIA detection. We then propose an adversarial-resilient DNN detection framework for FDIA that incorporates random input padding in both the training and inference phases. Our simulations, based on an IEEE standard power system, demonstrate that this framework significantly reduces the effectiveness of adversarial attacks while having a negligible impact on the DNNs' detection performance.