This work proposes a moving target defense (MTD) strategy to detect coordinated cyber-physical attacks (CCPAs) against power grids. A CCPA consists of a physical attack, such as disconnecting a transmission line, followed by a coordinated cyber attack that injects false data into the sensor measurements to mask the effects of the physical attack. Such attacks can lead to undetectable line outages and cause significant damage to the grid. The main idea of the proposed approach is to invalidate the knowledge that the attackers use to mask the effects of the physical attack by actively perturbing the grid's transmission line reactances using distributed flexible AC transmission system (D-FACTS) devices. We identify the MTD design criteria in this context to thwart CCPAs. The proposed MTD design consists of two parts. First, we identify the subset of links for D-FACTS device deployment that enables the defender to detect CCPAs against any link in the system. Then, in order to minimize the defense cost during the system's operational time, we use a game-theoretic approach to identify the best subset of links (within the D-FACTS deployment set) to perturb which will provide adequate protection. Extensive simulations performed using the MATPOWER simulator on IEEE bus systems verify the effectiveness of our approach in detecting CCPAs and reducing the operator's defense cost.
翻译:这项工作提议了一个移动目标防御(MTD)战略,以探测对电网的网络物理攻击(CCPAs)的协调性攻击。CCPA由物质攻击组成,例如断开传输线,然后是协调的网络攻击,将虚假数据输入传感器测量,以掩盖身体攻击的影响。这种攻击可能导致无法检测的线流流出,并对电网造成重大损坏。拟议方法的主要想法是否定攻击者利用分布式的灵活AC传输系统(D-FACTS)装置来掩盖实际攻击的影响的知识。我们在此背景下确定了MTD设计标准,以挫败CCPAs。提议的MTD设计包括两个部分。首先,我们确定了D-FACTS装置部署的链接,使防御者能够对系统中的任何连接进行检测。然后,为了在系统运行期间通过积极干扰干扰电网传输线反应来最大限度地降低防御成本,我们使用游戏性理论方法来确定网络传输线路的最佳部分(在D-FACTPA系统内部进行磁性核查后,将使用MAFATS系统进行适当的S-CSMACTS的升级系统,以降低内部定位系统的成本)。