TY - GEN
T1 - Cyber-Physical GNN-Based Intrusion Detection in Smart Power Grids
AU - Sweeten, Jacob
AU - Takiddin, Abdulrahman
AU - Ismail, Muhammad
AU - Refaat, Shady S.
AU - Atat, Rachad
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - The smart power grid is a critical infrastructure that has been targeted recently by several cyber-attacks. Hence, it is important that advancements are made in intrusion detection systems (IDSs). Recently, promising results have been reported using deep machine learning techniques to develop effective IDSs. However, the existing studies suffer from the following limitations: (a) The adoption of either only physical features (power system measurements) or only cyber features (network logs) in the development of IDSs; (b) The adoption of deep learning techniques that operate on 2D data, while power system measurements are graph-structure data. In this paper, we address these limitations and propose an effective IDS against false data injection and ransomware attacks. Our proposed IDS improves the attack detection performance by (a) fusing cyber-physical features collected from a practical testbed and (b) adopting a topology-aware model based on a graph neural network (GNN) to exploit the spatial and temporal correlation within the data. Our experimental results demonstrate the superior performance of our IDS compared with benchmarks that are based on topology-unaware models and use solely cyber or physical data.
AB - The smart power grid is a critical infrastructure that has been targeted recently by several cyber-attacks. Hence, it is important that advancements are made in intrusion detection systems (IDSs). Recently, promising results have been reported using deep machine learning techniques to develop effective IDSs. However, the existing studies suffer from the following limitations: (a) The adoption of either only physical features (power system measurements) or only cyber features (network logs) in the development of IDSs; (b) The adoption of deep learning techniques that operate on 2D data, while power system measurements are graph-structure data. In this paper, we address these limitations and propose an effective IDS against false data injection and ransomware attacks. Our proposed IDS improves the attack detection performance by (a) fusing cyber-physical features collected from a practical testbed and (b) adopting a topology-aware model based on a graph neural network (GNN) to exploit the spatial and temporal correlation within the data. Our experimental results demonstrate the superior performance of our IDS compared with benchmarks that are based on topology-unaware models and use solely cyber or physical data.
KW - and graph neural networks
KW - false data injection attacks
KW - Intrusion detection systems
KW - ransomware attacks
UR - http://www.scopus.com/inward/record.url?scp=85180785347&partnerID=8YFLogxK
U2 - 10.1109/SmartGridComm57358.2023.10333949
DO - 10.1109/SmartGridComm57358.2023.10333949
M3 - Conference contribution
AN - SCOPUS:85180785347
T3 - 2023 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2023 - Proceedings
BT - 2023 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2023 - Proceedings
PB - Institute of Electrical and Electronics Engineers (IEEE)
T2 - 14th IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2023
Y2 - 31 October 2023 through 3 November 2023
ER -