ADSC researcher improves power control system attack detection


Allie Arp, CSL

Cybersecurity is improving and advancing at a rapid pace, but so are cyber-attackers. When a cyber attack happens, there are often many steps taken to combat its actions and regain control of the attacked
Xin Lou
Xin Lou
center. This only works, however, if people are aware of the attack has happened. In some power system control centers, volatile attacks can remain hidden for years. In an effort to detect this type of malware, ADSC research scientist Xin Lou is working on a new kind of anomaly detection software.

The project, “Anomaly detection in power system control centers (PSCC) and state estimation” hopes to create software that will detect this type of attack at a high level of precision, without increasing the number of false positives reported. Lou plans to use a machine-learning based approach to improve on current detection software.

“Currently, most of the anomaly detection techniques are a model-based approach, where we have to build accurate mathematical model of the system, which is impossible in highly complexed cyber-physical systems,” said Lou. “In our project, we will propose novel machine learning based techniques to deal with the time sequence signals and an approach can detect anomalies in the real-time manner. This will allow the system operator to find out about the anomaly as early as possible and thus the mitigation strategies can be applied.”

Even if not malicious, an anomaly within the software of a power system can cause the system to degrade more rapidly and eventually lead to damages in the system. This is why timely detection of any type of difference is important in preventing the system from breaking down, whether from attacks or component failures.

This research is part of an academic-industry partnership between Illinois ADSC in Singapore and Microsec and is funded by NCR Programme.