False Data Injection Attack Detection for Secure Distributed Demand Response in Smart Grids

Distributed demand response (DR) schemes for smart energy networks rely on data from various sources, many of them outside the network operator’s perimeter. Therefore, compromised inputs from false data injection attacks (FDIAs) can be detrimental to the expectations of stakeholders, pro-vide financial benefits to malicious actors, compromise the commercial viability of the scheme and have the potential to disrupt the energy supply. Due to the heterogeneity of data sources, FDIAs are arduous to prevent with standard security controls. Thus, detecting FDIAs is necessary to facilitate impact mitigations. However, FDIA detection in the residential DR context is arduous, given the inherent challenges such as the noisiness of residential demand, lack of labelled data in real-life settings, and variety and dynamicity of demand forecasts (e.g., weekdays vs weekend, different months/seasons). Addressing mentioned challenges, in this paper, we propose a data-driven unsupervised anomaly detection approach, named Clustering-based Spectral Residual (CSR), to detect false data injection attacks in smart grids’ DR. The CSR model is based on the popular k-means clustering and Spectral Residual method. The combination highlights the attack time slots, which increases the detection accuracy in our model. A supervised model is also proposed based on Convolutional Neural Network (CNN) to increase the detection accuracy in scenarios where label information is available. Using an energy consumption dataset from Austin, Texas, as a case study and through extensive experimental results, we show that our proposed CSR and CNN models outperform 25 widely used anomaly detection benchmarks.