False data injection attack (FDIA) is a critical security issue in power
system state estimation. In recent years, machine learning (ML) techniques,
especially deep neural networks (DNNs), have been proposed in the literature
for FDIA detection. However, they have not considered the risk of adversarial
attacks, which were shown to be threatening to DNN’s reliability in different
ML applications. In this paper, we evaluate the vulnerability of DNNs used for
FDIA detection through adversarial attacks and study the defensive approaches.
We analyze several representative adversarial defense mechanisms and
demonstrate that they have intrinsic limitations in FDIA detection. We then
design an adversarial-resilient DNN detection framework for FDIA by introducing
random input padding in both the training and inference phases. Extensive
simulations based on an IEEE standard power system show that our framework
greatly reduces the effectiveness of adversarial attacks while having little
impact on the detection performance of the DNNs.
Go to Source of this post
Author Of this post: <a href="http://arxiv.org/find/cs/1/au:+Li_J/0/1/0/all/0/1">Jiangnan Li</a>, <a href="http://arxiv.org/find/cs/1/au:+Yang_Y/0/1/0/all/0/1">Yingyuan Yang</a>, <a href="http://arxiv.org/find/cs/1/au:+Sun_J/0/1/0/all/0/1">Jinyuan Stella Sun</a>, <a href="http://arxiv.org/find/cs/1/au:+Tomsovic_K/0/1/0/all/0/1">Kevin Tomsovic</a>, <a href="http://arxiv.org/find/cs/1/au:+Qi_H/0/1/0/all/0/1">Hairong Qi</a>