Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

Reference Information (Click Title to Read Full Text)

Huang Dongmei, Wang Yifan, Hu Anduo, et al. Detection method of false data injection attack based on unsupervised and supervised learning[J]. Electric Power Engineering Technology, 2024, 43(2):134-141.

HUANG Dongmei, WANG Yifan, HU Anduo, et al. Detection method of false data injection attack based on unsupervised and supervised learning[J]. Electric Power Engineering Technology, 2024, 43(2):134-141.

Abstract

False data injection attack (FDIA) poses a serious threat to the safety and stable operation of smart grids. This paper addresses the issues of scarce labeled data and extreme imbalance between normal and attack samples in FDIA detection by proposing an FDIA detection algorithm that integrates unsupervised and supervised learning. First, contrastive learning is introduced to capture the features of a small amount of attack data, generating new attack samples for data augmentation; then, various unsupervised detection algorithms are utilized to perform feature self-learning on massive unlabeled samples, addressing the scarcity of labeled samples; finally, the features extracted by unsupervised algorithms are fused with historical feature sets to construct a supervised XGBoost classifier for identification, outputting detection results as normal or abnormal. Case analysis on the IEEE 30-bus system shows that compared with other FDIA detection algorithms, the proposed method enhances the stability of the FDIA detection model under conditions of scarce labeled samples and data imbalance, improves the identification accuracy of FDIA, and reduces the false alarm rate.

Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

Huang Dongmei¹, Wang Yifan², Hu Anduo¹, Zhou You³, Shi Shuai², Hu Wei⁴

1. College of Electronics and Information Engineering, Shanghai University of Electric Power, 2. College of Electrical Engineering, Shanghai University of Electric Power, 3. Suzhou Power Supply Branch of State Grid Jiangsu Electric Power Co., Ltd., 4. College of Economics and Management, Shanghai University of Electric Power

Funding Project: National Social Science Fund Project (19BGL003)

Introduction

In recent years, the integration of power grids and information communication networks has led to the emergence of cyber-physical systems (CPS) where information space and physical space are deeply coupled. The collaborative interaction between information and physical sides enhances the operational capability of CPS but may also introduce new security risks. False data injection attack (FDIA) is a network attack method targeting state estimation in power systems, which compromises the integrity and accuracy of information by tampering with measurement data in the supervisory control and data acquisition (SCADA) system, leading to erroneous state estimates and operational mistakes. Therefore, researching efficient FDIA detection algorithms is of great significance for ensuring the safe and stable operation of CPS.

Machine learning-based FDIA detection can be divided into supervised learning detection and unsupervised learning detection. Supervised learning detection utilizes a small number of labeled samples from the training set to learn the characteristics of normal and abnormal data, thereby assessing whether the test set data is abnormal. Relevant literature has proposed a model that combines neural networks and random forests, using neural networks to extract feature sets from raw measurement data and then inputting them into a random forest classifier for detection. However, this approach performs poorly when normal and false data are extremely imbalanced, leading to misclassification. Other literature has suggested using resampling techniques to address data imbalance issues in supervised algorithms to improve anomaly detection capabilities. However, model training relies on labeled data, and when labeled data is scarce, the classification accuracy of the model cannot meet detection requirements.

Unsupervised learning detection utilizes the geometric characteristics of FDIA data to mine implicit normal and abnormal features, such as K-means clustering and local outlier factor. Literature has proposed an FDIA detection model based on deep belief networks (DBN), which uses DBN to perform layer-wise feature extraction on raw data, followed by constructing a classification model. However, due to the lack of guidance from labeled data, the computational complexity is high and the detection speed is slow. Other literature has proposed an unsupervised learning-based detection algorithm, which is effective when the training and test sets are highly similar and the data is rich and representative. However, in actual power systems, the frequency of FDIA occurrences is low, and the imbalance between attack data and normal data is extreme. If the model is trained directly on an imbalanced dataset, detection performance usually suffers.

In light of the issues present in unsupervised and supervised learning for FDIA detection, this paper introduces contrastive learning from the field of image processing into the FDIA detection domain, establishing a method that integrates unsupervised and supervised learning for FDIA detection. First, contrastive learning is introduced to augment the small amount of attack data in the raw measurement dataset, utilizing various unsupervised detection algorithms to extract important features from massive unlabeled samples, generating an attack scoring function (ASF); then, the ASF features are fused with the original feature set to generate a new feature space that enhances the aggregation of sample features; finally, the data is input into the supervised classifier XGBoost for detection. Experimental results indicate that even with scarce labeled data and a highly imbalanced dataset, the proposed method can still effectively achieve FDIA detection, and its classification accuracy and generalization performance exceed that of other methods.

1. Principles of FDIA Attacks

The power system control center estimates the real-time state of the system using the measurement values obtained through the SCADA system. However, since CPS is a complex nonlinear system, the highly nonlinear AC state estimation cannot guarantee convergence to a global optimal solution. To simplify the problem, the AC model is usually Taylor expanded around the operating point, resulting in an approximately linear DC state estimation model, which can be represented as:

Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

In the formula: Z represents the measurement values from SCADA, including line flows and node injection power; H is the measurement Jacobian matrix; x represents the state variables, indicating the voltage phase angles at the buses; e is the measurement noise, which follows a zero-mean Gaussian distribution. In traditional weighted least squares estimation, the objective function is:

In the formula: R is the weight matrix. Solving formula (2) yields the system state variables of the DC state estimation model:

To detect bad data in the power system, a bad data detection (BDD) mechanism can be employed. Statistical tests are performed based on the residuals r between measurement values and estimated values, as shown in formula (4).

If ‖r‖＜υ, where υ is the judgment threshold, then at least one bad data exists in the measurement data. Since r²~χ², the threshold υ can be determined based on the significance level α.

In FDIA, the attacker designs operations to conceal the attack by tampering with measurement values, deceiving the BDD module of the grid’s state estimation to avoid triggering alarms. Let Z_bad=Z+a be the measurement values after the attack, where a is the non-zero attack vector injected into the system. The residuals after the attack are given by formula (5).

In the formula: Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

represents the estimated state variables after the attack; c is the deviation vector of the estimated state variables before and after the attack.

If the injected attack vector satisfies formula (6), then FDIA will not change the system residuals, allowing it to bypass the residual detection of the grid’s BDD module and achieve FDIA.

Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

2. FDIA Detection Model

The FDIA detection model that integrates unsupervised and supervised learning is divided into three stages. The first stage uses contrastive learning to augment the number of attack samples, improving the model’s performance on imbalanced datasets; the second stage employs various unsupervised algorithms to extract features from massive unlabeled data, addressing the scarcity of labeled data in the dataset; the third stage fuses the extracted features with historical feature sets to form a new feature space, enhancing the aggregation of data features, and then uses the supervised classifier XGBoost to detect FDIA while pruning the augmented feature space to control computational complexity and improve detection efficiency. The FDIA detection process is illustrated in Figure 1, where data classified as abnormal will trigger the alarm module for FDIA detection, while normal classifications will not trigger an alarm.

Figure 1 FDIA Detection Algorithm Process

2.1

Attack Data Augmentation Based on Contrastive Learning

In actual power grids, the occurrence of FDIA is rare and the number of attack samples is limited, resulting in a significant deficiency of attack samples compared to normal samples. To increase the sample size of FDIA events, contrastive learning is employed to augment the number of attack samples, addressing the high false alarm rate and low training efficiency caused by data imbalance. The core idea of contrastive learning is to compare normal samples and attack samples in the feature space to learn the feature representation of the samples, ensuring that the new samples’ feature representations are as close as possible to those of the attack samples while being as different as possible from those of the normal samples.The model is shown in Figure 2.

Figure 2 Contrastive Learning Process

Let the original attack dataset consist of samplesY={v_i} where each sample is ad-dimensional vector. Randomly selectingm dimensions from the attack samplev_i to construct a partition generates two samples denoted as:

Among them:

The two samples are input into the feature extractor to obtain the encoded features F(a_{i, j}) and G(b_{i, j}), where F and G are autoencoders. The contrastive framework constructs attack samples Z_a and Z_b, maximizing the similarity between F(a_{i, j}) and the original attack sample G(b_{i, j}) while minimizing the similarity to the normal sample G(b_{i, j′}), where j≠j′.

To ensure that the generated new samples are close to the original attack samples, the reconstruction error between the generated new samples and the center of the original attack samples is calculated, eliminating new samples with large reconstruction errors, allowing the generated new samples to converge toward the center of the attack samples, as shown in Figure 3.

Figure 3 Contrastive Learning for Attack Sample Augmentation

The reconstruction errors of autoencoders F and G are combined to establish the loss function for the contrastive model, which can be expressed as:

The loss function of the model e_loss uses the cross-entropy function l:

Where: τ is the temperature coefficient.

2.2

Unsupervised Feature Extraction

The unsupervised feature extraction module employs ASF to extract data features. For given n-dimensional data with p features X∈ R^n×p, a mapping Φ(·) is established:X∈ Rⁿ, assigning a real-valued output to each row of the matrix X.

Different unsupervised algorithms correspond to different ASFs. In this paper, various unsupervised learning algorithms are used to extract features from the sample data, merging the multiple ASF values into the original feature space to achieve an extension of the feature space of the samples.

The k-dimensional ASFs generated by unsupervised algorithms are combined to obtain the matrix:

Applying Φ(·) on the dataset X yields the ASF matrix Φ(X):

Multiple unsupervised algorithms serve as scoring functions for feature transformation, forming heterogeneous basis functions that can capture different characteristics of outliers in specific datasets, balancing diversity and accuracy, thereby enhancing the model’s generalization ability.

2.3

Feature Fusion

Combining the features extracted from ASF in Section 2.2 with the original features forms a new feature space, enhancing the aggregation of sample features. Five distance and density-based unsupervised learning algorithms are employed to extract ASF features: K-nearest neighbor (KNN), support vector machine (SVM), local outlier factor (LOF), local outlier probabilities (LOOP), and isolation forest (iForest). After feature extraction by different unsupervised algorithms, various category feature vectors are output, which are processed and concatenated to obtain the final feature vector.

Let L represent the feature space formed by the original measurement values, denoted as:

In the formula: (x_n,y_n) represents the nth feature pair. By combining the extracted k-dimensional new features, a new feature dataset can be constructed.

The final fused feature space is formed:

After training the five classifiers, each classifier yields a feature vector of length k. The final results of the base classifiers are concatenated to form a feature vector of length l. The feature fusion framework is illustrated in Figure 4.

Figure 4 Feature Fusion Framework

2.4

Supervised Learning Detection

Supervised learning detection treats abnormal attacks as a binary or multi-class problem, training the model with detailed labeled normal and abnormal samples to extract more distinguishing features between normal and abnormal samples.

The new feature vectors formed after feature fusion are input into the supervised classifier XGBoost to generate the final output, with the specific prediction model expressed as:

In the formula: Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

represents the predicted value; K is the number of trees; f_k is the function related to the structure and leaf weight of the k-th tree; x_i is the input sample; N is the function space composed of decision trees.

At the t-th iteration, the objective function of XGBoost is:

In the formula: y_i is the actual attack category of the i-th sample; Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

is the predicted attack category at the t-th iteration; Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

is the loss function, indicating the difference between the predicted attack category and the actual attack category; Ω(f_k) is the regularization term.

The objective function is expanded using Taylor’s second-order expansion, and the greedy enumeration method is used to find the gradient boosting tree, resulting in the optimal XGBoost model.

3. Case Analysis

3.1

Experimental Data and Simulation Settings

The simulation system uses the IEEE 30-bus system as the test environment, collecting load data from the New York Independent System Operator from February to June 2020. The network topology, node data, branch parameters, etc., are obtained from MATPOWER, and the normal measurement data are generated through power flow calculations. The attack vector is designed according to the single-point injection attack method in relevant literature to ensure that FDIA can bypass the BDD system.

The experiment uses five distance and density-based estimation scoring functions for feature transformation: KNN, SVM, LOF, LOOP, and iForest. Considering that the accuracy of ASF feature extraction depends on domain parameters, different domain parameters are set for different unsupervised algorithm scoring functions. In this paper, the domain parameters for KNN and LOF are defined as {1, 5, 10, 15, …, 100}; in SVM, cross-validation is used to optimize parameters and achieve automatic tuning, with domain parameters set to {0.01, 0.1, 0.2, 0.3, 0.4, 0.5, 0.6, 0.7, 0.8, 0.9, 0.99}; since the LOOP algorithm has high computational complexity on large datasets, a smaller range of domain parameters {1, 3, 5, 10} is defined; for iForest, to achieve the algorithm’s detection performance, larger domain parameters {10, 20, 50, 70, 100, 150, 200, 500} are required. It is noteworthy that selecting different values will produce different ASFs.

A random selection of 9,000 measurement samples is used as experimental data, with normal samples labeled as 0 and attack samples labeled as 1. The samples are normalized by removing the mean and scaling to unit variance, and a random sampling of 60:40 is performed to create the training and testing sets.

3.2

Evaluation Metrics

This paper adopts precision, recall, and receiver operating characteristic (ROC) as evaluation metrics for FDIA detection to verify the effectiveness and feasibility of the proposed FDIA detection method.

Precision I_pre is calculated as follows:

In the formula: ρ_TP is the number of instances predicted by the classifier as attacks that are actually attacks; ρ_FP is the number of instances predicted by the classifier as attacks that are actually normal. The higher I_pre is, the lower the false detection rate and the better the classifier’s performance.

Recall I_rec is calculated as follows:

In the formula: ρ_FN is the number of instances predicted by the classifier as normal that are actually attacks. The higher I_rec is, the better the classifier’s performance.

Based on the confusion matrix, the true positive rate I_tpr and false positive rate I_fpr can be calculated, which reflect the classifier’s detection rate and false detection rate, respectively, defined as:

In the formula: ρ_TN is the number of instances predicted as normal that are actually normal; I_tpr is the proportion of correctly detected attack data to the total number of attack data, i.e., detection rate; I_fpr is the proportion of instances predicted as attacks that are actually normal to all normal instances, i.e., false detection rate.

3.3

Simulation Result Analysis

3.3.1 Evaluation of Contrastive Learning for Attack Sample Augmentation

To measure the impact of contrastive learning on the convergence of the algorithm, the number of attack samples in the measurement dataset is selected as 100, 200, 300, 500, and 1,000 for model training, with the convergence results shown in Figure 5. In Figure 5, before the addition of contrastive learning, the degree of data imbalance is significant, with a loss of 13.07%; after the addition of contrastive learning, the new attack detection dataset is increased, reducing the data imbalance, with cross-entropy loss dropping to 1.10%. It can be observed that the addition of contrastive learning for preprocessing the attack dataset reduces the imbalance between normal and attack samples, allowing the model to further converge and enhancing its classification performance.

Figure 5 Convergence Effects Before and After Adding Contrastive Learning

3.3.2 Comparison of Methods for Handling Scarce Labeled Samples

To measure the impact of the number of labeled samples in the measurement dataset on detection, the model in this paper is compared with various supervised and unsupervised single classifiers, unsupervised ensemble (Ens_Un) models, and supervised ensemble (Ens_Su) models from relevant literature, where the dataset contains 95% unlabeled data samples and 5% labeled data samples. Figure 6 shows the precision and recall results of the detection, where LR represents the logistic regression classifier, and DT represents the decision tree classifier. It can be seen that the performance of the detector using the Ens_Un model is slightly better than that of the Ens_Su model, consistent with experimental results in relevant literature. However, the Ens_Un model, which performs well in related literature, has a detection precision and recall of only about 70%, indicating that the detection accuracy is not high. This is because single classifiers in the ensemble adopt the majority voting method for selection, resulting in low overall performance in FDIA recognition, making it difficult to protect the data security of the power grid. The detection recall of the model in this paper is 90.49% and precision is 94.25%, significantly better than other models, mainly because the model employs unsupervised algorithms to extract ASF features from massive unlabeled data and fuses them with historical feature sets, increasing the diversity and completeness of data features, which is beneficial for detecting attacks on the power grid.

Figure 6 Comparison of Detection Metrics for Each Detector

The ROC curve, with the false positive rate on the x-axis and the true positive rate on the y-axis, describes the relative relationship between detection rate and false detection rate, as shown in Figure 7. The area under the ROC curve (AUC) is an important metric for measuring detector performance; if the detector’s performance is superior, the AUC value approaches 1. The AUC values of each detector are shown in Table 1, indicating that the detection model from the comparison experiment has AUC values below 75%, while the detection method proposed in this paper can ensure a high detection rate with a low false detection rate, achieving an AUC value of 97.2%. This demonstrates that the model can accurately detect attacks, has good classification performance, and can effectively protect the safety of the power grid.

Figure 7 Comparison of ROC Curves for Each Detector

Table 1 AUC Values of Each Detector

3.3.3 Detection Effects of Different Ratios of Positive and Negative Samples

Since the occurrence of FDIA in actual power systems is rare, instances of attack classes are far fewer than instances of normal classes, resulting in an extremely imbalanced dataset. To verify the applicability of the model in this paper for FDIA recognition under extremely imbalanced datasets, algorithms for handling imbalanced datasets, such as SMOTE oversampling technique, convolutional neural network model, and semi-supervised autoencoder model, are compared with the model in this paper. Among them, SMOTE oversampling is set with a penalty function of 0.1, completing training when the precision of the test set remains basically unchanged. The convolutional neural network model is set with 5 convolutional layers, 5 max-pooling layers, and 3 fully connected layers, selecting the Sigmoid function as the activation function, with a learning rate of 0.01, using stochastic gradient descent optimizer. To avoid overfitting, the cross-entropy loss function includes a regularization term. The autoencoder parameters are set with one encoder layer and one decoder layer, using cross-entropy as the loss function and Adam optimizer. The detection precision of each detection scheme under different positive and negative sample ratios is shown in Table 2. On one hand, as the imbalance of positive and negative sample ratios increases, the detection accuracy of each detection scheme decreases, because as the positive and negative sample ratios increase, the algorithm’s recognition rate declines. On the other hand, it is found that even under an extremely imbalanced condition with a positive to negative sample ratio of 50:1, the detection precision of the model in this paper can still reach 90%.

Table 2 Detection Precision Under Different Positive and Negative Sample Ratios

To further validate the detection capability of the model in this paper for imbalanced data, Figure 8 presents the box plot of the F1 score for the three algorithms: oversampling, convolutional network, and the model in this paper when the positive to negative sample ratio is 50:1.

Figure 8 Box Plot of F1 Score at Positive to Negative Sample Ratio of 50:1

From Figure 8, it can be seen that the F1 score of the detection results from the model in this paper is 90.65%, significantly better than other algorithms, and the experimental results are more concentrated, indicating that the model training can learn more features of the attack class, enhancing the model’s classification ability. Figure 9 shows the confusion matrix for FDIA detection of the model in this paper, revealing that after data balancing through contrastive learning and the improved feature fusion through unsupervised learning, the model’s learning ability is enhanced, improving classification capability.

Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

Figure 9 Confusion Matrix of FDIA Detection Model

4. Conclusion

To address the issues of scarce labeled samples and the imbalance between normal and attack samples leading to poor detection accuracy and weak generalization ability of conventional FDIA detection models in power systems, this paper proposes an FDIA detection algorithm that integrates unsupervised and supervised learning. The research results indicate:

(1) Introducing contrastive learning in the training phase to generate high-quality attack data for data augmentation can reduce the imbalance between normal and attack samples. The convergence performance significantly improves after employing contrastive learning to augment attack samples, increasing the model’s reliability in FDIA recognition.

(2) Using unsupervised learning for feature mining and induction, various unsupervised algorithms generate ASF for feature extraction, enabling the model parameters to adapt to the feature representation of scarce labeled samples, outperforming traditional machine learning models in terms of precision, recall, and ROC metrics, thus solving the issue of scarce labeled samples.

(3) Leveraging the advantages of feature fusion, the generated ASF new features and historical data features are fused to enhance the aggregation of sample features. Furthermore, experimental results validate that the proposed method achieves high detection accuracy and efficiency, demonstrating better generalization ability.

Given the deviations in the completeness and accuracy of actual power network measurement data, future research could explore FDIA detection methods considering data cleaning and completion as preprocessing steps.

Authors and Team Introduction

Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

Huang Dongmei (1964): Female, Master, Professor, Doctoral Supervisor, Research direction in marine and electric power spatiotemporal information technology (E-mail: [email protected]);

Wang Yifan (1998): Male, Master’s student, Research direction in false data injection attack detection;

Hu Anduo (1983): Male, Doctor, Lecturer, Research direction in power load forecasting and false data injection attack detection.

↓ Related Articles ↓

Huang Chongxin, Hong Minglei, Fu Shuai, et al. Active Distribution Network Distributed State Estimation Considering False Data Injection Attacks[J]. Electric Power Engineering Technology, 2022, 41(3):22-31.

Xie Yunyun, Yan Xinteng, Sang Zi, et al. False Data Injection Attack Methods for AC/DC Hybrid Systems[J]. Electric Power Engineering Technology, 2022, 41(1):165-172.

Xie Yunyun, Yan Xinteng, Yan Zi Ao, et al. Optimization of False Data Injection Attack Strategies for AC/DC Hybrid Grids[J]. Electric Power Engineering Technology, 2023, 42(4):94-101.

Qiu Xing, Yin Shihong, Zhang Zihan, et al. Non-Intrusive Load Identification Method Based on V-I Trajectory and Higher Harmonic Features[J]. Electric Power Engineering Technology, 2021, 40(6):34-42.

Yan Xueying, Qin Chuan, Ju Ping, et al. Research on Optimal Feature Selection of Load Power Models[J]. Electric Power Engineering Technology, 2021, 40(3):84-91.

Important Notice: According to the relevant regulations of the National Copyright Administration, any reproduction or excerpt of this WeChat article by paper media, websites, Weibo, or WeChat official accounts must include this WeChat name, QR code, and other key information, and indicate “Original from Electric Power Engineering Technology” at the beginning. Individuals may forward and share according to the original text of this WeChat article.

Editor: Zhang Tiantian

Review: Jiang Lin Detection of False Data Injection Attacks Using Unsupervised and Supervised Learning

Leave a Comment Cancel reply