Data-Driven and Low-Sparsity False Data Injection Attacks in Smart Grid

Data-driven and low-sparsity false data injection attacks have each been studied separately in recent research. To combine these two main goals (data-driven and low-sparsity), this paper presents a data-driven and low-sparsity false data injection attack strategy. The proposed attack strategy (EID: Eliminate-Infer-Determine) is divided into three stages. In the first step, the intercepted data is preprocessed by sparse optimization techniques to eliminate the outliers. The recovered data is then exploited to learn about the system matrix based on the parallel factorization algorithm in the second step. In the third step, the approximated system matrix is applied to the design of a sparse attack vector based on convex optimization. The simulation results show that the EID attack strategy achieves better performance than the improved ICA-based attack strategy in constructing perfect sparse attack vectors. What is more, a data-driven implementation of the proposed strategy is also presented, which ensures attack performance even without prior information about the system.


Introduction
Driven by the smart grid, various emerging information and communication technologies are being integrated into the electric power grid, such as advanced metering infrastructures (AMI), intelligent electronic devices, and IEC 61850 based substations [1]. The in-depth integration of information technologies and communication networks enables the system operators to monitor the real-time operation and take emergency control measures to alleviate risks. However, modern power systems are also subject to numerous cyberattacks on account of the vulnerabilities of the information technologies and communication networks.
State estimation is used to obtain the best estimate of the power system state by analyzing meter measurements. The output of state estimation is used by the control center operators as they perform security-constrained economic dispatch (SCED), optimal power flow (OPF), contingency analysis (CA), etc. Liu et al. [2] demonstrate that power system state estimators are at present highly vulnerable to cyberattacks. Liu et al. reveal that the Bad Data Detection (BDD) algorithm cannot detect the attack if certain strategies are adopted; this new class of attacks is called false data injection attacks (FDIA). So far, numerous research works have been carried out due to the stealthiness of FDIA and the serious consequences of the attacks, as discussed below.
The FDIA proposed by Liu et al. requires two conditions in order to arbitrarily tamper with state estimation results: one is that attackers have prior knowledge of the system structure matrix; the other is that attackers need to control all of the meter readings. However, the two conditions above are difficult to achieve in actual attacks for two reasons. First, the system structure matrix is usually unknown to the attacker. In fact, it is often safeguarded by the system operator. Second, as the attacker typically has access to only a small number of meter measurements, it is quite hard to control all of the meter measurements in practice. To facilitate real-world attacks, there are two main lines of research on the construction of false data injection attack vectors, as discussed below.
The first line of research is on implementing a successful attack based on prior knowledge of the system structure matrix by controlling only a few meter measurements. Kim and Poor [3] proposed a general optimization scheme to construct low-sparsity attack vectors when a subset of meter sensors are safeguarded, while Ozay et al. [4] extended the low-sparsity attack vector construction scheme to a distributed one. Sandberg et al. [5] considered sparse attacks that target crucial sensors, which are sensitive to attacks and crucial for the observability of the power system. Hao et al. [6] proposed an effective attack vector construction algorithm that generates highly sparse attack vectors rapidly.
Another line of research is on carrying out FDI attacks without prior knowledge of the system structure matrix. Esmalifalak et al. [7] proposed to identify a mixing matrix based on independent component analysis (ICA) from which an undetectable attack is launched. In this work, Esmalifalak presumed that the prior information of the system is unknown to the attacker and the attacker can carry out stealthy attacks based on the measurement matrix. Yu and Chin [8] proposed a blind FDI attack construction strategy based on principal component analysis (PCA), which stealthily and successfully attacks the system using the meter measurements. Kim et al. [9] proposed a similar approach for attack construction in view of both partial measurements and full measurements. The above data-driven strategies all presume that the meter measurements are noiseless or involve random noise following a Gaussian distribution. However, gross errors (e.g., errors that do not follow a Gaussian distribution), which are prevalent in other applications (e.g., bioinformatics, image processing), are also omnipresent in power grid measurements owing to communication errors, data losses, or sensor malfunctions. Theoretically, as long as the data include gross errors, the PCA's accuracy will be affected [10]. Anwar et al. [11] demonstrated that PCA based attack schemes are invalid in the presence of gross errors and proposed a technique to overcome this limitation.
The two lines of research have developed relatively independently. This paper attempts to combine them; that is, this paper attempts to solve the problem of carrying out low-sparsity attacks by estimating the system structure matrix without prior knowledge of the system information. Moreover, this paper will provide a data-driven and low-sparsity false data injection attack strategy which is more suitable for real-world attacks. The main contributions of this paper are threefold:
(1) In the data-driven approach, the attack vector is determined from the measurement signals only, based on the PARAFAC (parallel factor analysis) method. In the low-sparsity approach, the attack vector can be constructed based on convex optimization as a sparse term where only a few components are nonzero, which indicates that only a small number of sensors need to be controlled. We combine the data-driven blind attack strategy and the low-sparsity attack strategy in order to provide a more practical attack strategy: the EID (Eliminate-Infer-Determine) attack strategy.
(2) We consider the existence of gross errors and propose a technique based on sparse optimization overcoming this limitation by extracting the outliers from the data, which successfully generates stealthy FDI attacks in the presence of outliers. The proposed EID attack strategy using Augmented Lagrange Multiplier (ALM) approach can carry out stealthy FDI attacks successfully with the existence of gross errors.
(3) We provide a comprehensive consideration of the situations of the attack process and propose a pragmatic three-stage attack strategy. In the first step, the intercepted data is preprocessed by sparse optimization techniques to eliminate the outliers. The recovered data is then exploited to learn about the system matrix based on the parallel factorization algorithm in the second step. In the third step, the approximated system matrix is applied for the design of sparse attack vector based on the convex optimization.
The rest of this paper is organized as follows: The preliminaries are given in Section 2. The attack disclosure analysis is explored in Section 3. A three-stage data-driven attack strategy is demonstrated in Section 4. Experimental outcomes and analyses using the IEEE 14-bus, 30-bus, 118-bus, and 300-bus systems are given in Section 5. The conclusions are provided in Section 6.

Preliminaries
2.1. System Model. Here, a typical formulation of the state estimation problem is presented using a DC power flow model.
In practice, there are more sensor measurements in the power system than are needed for observability; i.e.,  > . When  is greater than , as in the typical case, state estimation involves solving an overdetermined system of linear equations. The problem is usually solved by the weighted least squares (WLS) algorithm.
Due to device misconfiguration, device failures, or other errors, meter measurements used for state estimation may be inaccurate. Thus, it is necessary to detect the presence of bad measurements. Current power systems use BDD to compare the measurement residual with a threshold .
If ‖‖ > , the system identifies bad data measurements. Otherwise,  is regarded as a normal measurement.

Undetectable False Data Injection Attacks.
In [2], Liu et al. present undetectable false data injection attacks that can bypass BDD as discussed below.
Then the measurement residual changes with manipulated data.

‖𝑟‖ = 󵄩 󵄩 󵄩 󵄩 𝑧
Obviously, if  = , the residual remains unchanged and the manipulated measurement is able to bypass the BDD.
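The residual test described above, as an added example that is not code from the paper: a WLS estimator and residual-based BDD check on a constructed 5-meter, 2-state DC model. It assumes the standard formulation z = Hx + e and the column-space condition a = Hc from [2] (the symbols are lost in this copy of the page); H, the weights, the noise and the threshold are constructed values. It shows what the detector flags (a gross error on one meter) and what it cannot see (a change lying in the column space of H), which is why a residual check alone does not validate measurements.

```python
"""Residual-based Bad Data Detection (BDD) on a small DC state-estimation model.

All numbers (H, weights, noise, threshold) are constructed for illustration.
"""
import math


def solve(A, b):
    """Solve A x = b by Gaussian elimination with partial pivoting."""
    n = len(A)
    M = [row[:] + [b[i]] for i, row in enumerate(A)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(M[r][col]))
        if abs(M[piv][col]) < 1e-12:
            raise ValueError("gain matrix is singular: system is not observable")
        M[col], M[piv] = M[piv], M[col]
        for r in range(col + 1, n):
            f = M[r][col] / M[col][col]
            for c in range(col, n + 1):
                M[r][c] -= f * M[col][c]
    x = [0.0] * n
    for i in reversed(range(n)):
        tail = sum(M[i][j] * x[j] for j in range(i + 1, n))
        x[i] = (M[i][n] - tail) / M[i][i]
    return x


def wls_estimate(H, z, w):
    """Weighted least squares: x_hat = (H^T W H)^-1 H^T W z, with W = diag(w)."""
    m, n = len(H), len(H[0])
    gain = [[sum(H[k][i] * w[k] * H[k][j] for k in range(m)) for j in range(n)]
            for i in range(n)]
    rhs = [sum(H[k][i] * w[k] * z[k] for k in range(m)) for i in range(n)]
    return solve(gain, rhs)


def residual_norm(H, z, w):
    """2-norm of the measurement residual r = z - H x_hat."""
    x_hat = wls_estimate(H, z, w)
    r = [z[k] - sum(hk * xj for hk, xj in zip(H[k], x_hat)) for k in range(len(z))]
    return math.sqrt(sum(v * v for v in r))


def bdd_alarm(H, z, w, tau):
    """True when the residual exceeds the threshold, i.e. bad data is declared."""
    return residual_norm(H, z, w) > tau


# Constructed model: 5 meters observing 2 state variables (more meters than states).
H = [[1.0, 0.0], [0.0, 1.0], [1.0, -1.0], [2.0, 1.0], [-1.0, 3.0]]
W = [1.0, 1.0, 2.0, 2.0, 1.0]           # per-meter weights (inverse variances)
TAU = 0.05                               # detection threshold
X_TRUE = [0.10, -0.05]
NOISE = [0.002, -0.001, 0.001, -0.002, 0.001]
Z_CLEAN = [sum(h * x for h, x in zip(row, X_TRUE)) + e for row, e in zip(H, NOISE)]

# Case 1: a gross error on a single meter (index 2), e.g. a sensor malfunction.
Z_GROSS = Z_CLEAN[:]
Z_GROSS[2] += 0.5

# Case 2: a change in the column space of H (a = H c). The estimate shifts by c
# while the residual is unchanged, so the threshold test stays silent.
C = [0.2, -0.1]
Z_STRUCT = [z + sum(h * c for h, c in zip(row, C)) for z, row in zip(Z_CLEAN, H)]

if __name__ == "__main__":
    for name, z in [("clean", Z_CLEAN), ("gross error", Z_GROSS), ("a = Hc", Z_STRUCT)]:
        print(f"{name:12s} ||r|| = {residual_norm(H, z, W):.4f} "
              f"alarm = {bdd_alarm(H, z, W, TAU)} x_hat = {wls_estimate(H, z, W)}")
```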
2.3. Low-Sparsity Undetectable Attacks. Giani et al. [12] provide a strict mathematical definition and a corresponding theorem of the undetectable attack with low-sparsity.
Definition 1. An attack  = (Ω, ) consists of an attack sensor set Ω and an attack vector . The nonzero elements of  correspond to the attack sensors in Ω; i.e.,   ≠ 0 ⟺  ∈ Ω. The size of the sensor set Ω is |Ω| = , and it reveals the sparsity of the attack ; i.e., ‖ 0 ‖ = . Let  represent the collection of all meters. Moreover, let Θ =  \ Ω represent the complement of Ω. Without loss of generality, assume that the rows of  can be permuted; an attack  = (Ω, ) is said to be undetectable with low-sparsity if where  = (Ω, :) and  = (Θ, :).
Definition 1 reveals two critical components of undetectable attacks with low-sparsity: the attack sensor sets and the corresponding attack vectors. Mathematical conditions are provided by Theorem 2 to find an undetectable attack with low-sparsity. These results suggest that, based on complete knowledge of the system matrix, the attacker can design corresponding attack vectors. Nonetheless, this condition is very difficult to meet, because this information is usually well protected. Thus, we should try to relax the conditions for carrying out a low-sparsity undetectable attack. In the next section, based on incomplete knowledge of the system matrix, we will provide the low-sparsity undetectable attacks with an attack analysis.

Low-Sparsity False Data Injection Attacks with an Incomplete Knowledge of System Matrix
In this part, an approach to find the attack sensor set is provided. Let  and  represent the collection of all bus injection sensors and the collection of all branch power flow sensors. Here,  = {, }. Every attack sensor collection   = {  ,   },  ∈ {1, ⋯,  + 1}, where   and   denote the set of adjacent bus sensors of the -th bus injection sensor (self-included) and the set of branch power flow sensors that connect its adjacent bus sensors with the -th bus injection sensor, respectively. Because of the power system's sparse topology, the attack sensors satisfy |  | ≪ . Note that the attack sensors   rely only on the power system's local topology. For instance, Figure 1 demonstrates a 5-sparse attack sensor set.
Based on the proposed attack sets, a method to determine the sparse attack vector corresponding to the attack sensor set   is provided. Let   represent the observed modification of the state variables: where   is nonzero. The sparse attack vector is represented as follows.

Moreover, we can derive corresponding attack vectors by both the incomplete knowledge of submatrix 𝐻(𝑆
Theorem 3 ensures that the above attack is undetectable. What is more, the attack is irreducible, which means that a minimum set of attack sensors is required in an undetectable attack. The theorem proves in theory that the undetectable attack with low-sparsity can be implemented using the incomplete system matrix (  , :) and corresponding sensors   . As a matter of fact, the information of (  , :) is usually well protected and unknown to the attacker. In the following part, we will provide a three-stage data-driven attack strategy to demonstrate that the incomplete system matrix can be inferred and used to perform an undetectable attack with low-sparsity.

Data-Driven and Low-Sparsity Attack Strategy
Li et al. [13] have pointed out that the interception of unprotected sensor meters during the transmission of meter measurements can be utilized for attack. In this case, it is assumed that the eavesdropped data is used to design low-sparsity undetectable attacks. Based on the observation above, a three-stage data-driven attack strategy (EID (Eliminate-Infer-Determine) attack strategy) is presented as follows:
(1) First, the intercepted meter data are preprocessed to eliminate the outliers. Gross errors (e.g., outliers) are omnipresent in power grid measurements on account of sensor failures or communication errors, so the traditional data-driven attack strategies are often invalid. Therefore, the intercepted data should be preprocessed based on sparse optimization techniques to eliminate the outliers in the first stage.
(2) At the second stage, an identification method to infer the system's incomplete knowledge is adopted. In addition, a model transformation is required to guarantee the system matrix's identifiability.
(3) At the third stage, the sparse attack vector is determined based on the inferred information of the system matrix. An approach for designing the sparse attack vector is proposed that applies the obtained linear structure matrix.

First Step: Eliminating the Outliers.
Assume that the measurement matrix that contains outliers is written as where  stands for the original matrix to be restored, which is of low rank;  stands for outliers, which is a sparse matrix.  and  need to be separated from the raw measurement matrix containing outliers   before generating attack vectors. This is a matrix recovery problem that can be expressed as below.
In the convex optimization problem above, ‖·‖* represents a matrix's nuclear norm, ‖·‖1 represents a matrix's ℓ1 norm, and  denotes the positive weighting parameter [14]. To solve this problem, the Augmented Lagrange Multiplier (ALM) [15] approach is used as follows.
The ALM approach can be applied to general constrained optimization problems, as discussed below.
The optimization process is carried out in two update stages.
Equation (16) is solvable from the soft shrinkage formula [16], using an iterative method which employs the matrix's singular value decomposition (  −   +  −1    ). Thereafter, we can obtain the rectangular diagonal matrix  and unitary matrix , . Then, update .
And update .
and  are updated throughout each iteration as discussed below: where Ψ represents a positive constant. The optimization process proceeds until the convergence criteria are satisfied. The method's convergence is checked based on the relative error using (22) against a tolerance, .
The original measurement matrix Z is restored once the algorithm has converged. A stealthy attack vector that is based on the recovered measurement matrix can then be constructed.

Second Step: Inferring the System's Incomplete Knowledge.
Similar to the research of [17,18], based on the load variables, model (1) can first be transformed into a linearly independent model. Let  = [ 1 ⋯    ]  represent the system load variables, where   is the number of loads (  < ). As the state variable  is associated with the load variable , the relationship can be expressed as a nonlinear function  = (). Without loss of generality, the elements of  are statistically independent, and (0) = 0. We can approximately have  =  (0) + Γ ( − 0) +  (‖ − 0‖ where  = [ 1 ⋯    ] = Γ ∈  ×  represents a new system matrix. Due to the load variables' independence, (24) is a linearly independent system.
The subsystem matrix's unknown knowledge needs to be identified using the eavesdropped data, as stated in Theorem 3. The estimation problem is in essence equal to identification of the matrix (  , :) = (  , :)Γ that is based on (24). To simplify the notation, the new matrix  is used in place of (  , :). The necessary explanations will be provided at the section's end for completeness. In particular, a new system matrix can be inferred from eavesdropped meter data using a multiway decomposition approach such as PARAFAC [19,20]. Here, it is assumed that a series of sensor data with T samples is intercepted. We can calculate a high order cumulant of the intercepted data, such as a fourth order tensor: where  1 ,  2 ,  3 ,  4 = 1, 2, ⋯  and (•) denotes the moments of the distribution. The tensor in (25) can be decomposed as follows: where   is the kurtosis of the -th load variable; i.e.,   = (  ,   ,   ,   ). In [21], the authors have shown that the decomposition as in (26) is generally unique if ( + 1)( + 2)( + 3)/(4!) ≥   . Based on this condition, the minimal eavesdropped measurements  min is determined when the load number   is given, which is shown in Table 1.
Generally, we can model the decomposition of equation (26) as a constrained minimization problem as follows. min The optimal solution can be obtained by the alternating least squares (ALS) approach [17]. Let ∧  represent the estimated new matrix of  with the result of (27). These matrices are intercorrelated: where Π denotes the permutation matrix and Λ denotes the diagonal matrix. In [17], it is stated that these insignificant uncertainties have no effect on new matrix recognition.

Third Step: Determining the Sparse Attack Vector.
In this step, based on the inferred matrix ∧ , our goal is to design the sparse attack vector that corresponds to the attack sensors. Using the new system model of (24), we can write the attack vector in terms of (9) as where  ∈    denotes the load variables' perceived change. Notice that  must be calculated carefully to guarantee the attack vector's sparsity.
Taking into account the above situation, we illustrate that the attack vector construction problem can be transformed into a constrained minimization problem. For convenience, we denote  = ( ∧  (, :))  , and ), where   =  \ {}. With an appropriate reordering of the rows,   can be represented as follows.
In (30), we restrict  T  = 1. This constraint implies that we can fix the -th bus meter; that is, the attack meter set corresponds to   . Taking into account (29) and (30), we can express the attack vector construction problem as a constrained cardinality minimization problem as follows.
Note that the optimization (31) is an NP-hard problem, and an alternative method can be used instead, e.g., one that is based on the ℓ1 minimization model.
The proposed three-step attack strategy is summarized in Algorithm 1. Notice that, owing to the designed attack vector's sparsity, there is no need to acquire total knowledge of the system matrix. Instead, we should infer a subsystem matrix (  , :), where   represents the eavesdropped meter set satisfying   ⊂   , |  | < . We can select the number of   as comparatively larger than the number of loads. Accordingly, the reduced meter data set (  , :) is considered to be eavesdropped. In addition, we can express the designed sparse attack vector as follows: where  *  (  ) = (  , :) * .

Experiment Settings.
In this part, we evaluated the proposed attack strategy through experiments using four IEEE power systems. Figure 2 demonstrates the topology of the IEEE 14-bus system and the topology of the IEEE 30-bus system, respectively. The state estimation can be obtained based on MATPOWER [22]. All buses and branch lines are measured by corresponding sensors. In addition, the loads are randomly modified to produce experimental measurements that simulate a practical power condition. Suppose that the loads on each bus in the power system are uniformly distributed between 50% and 150% of its base load and the meter data are produced correspondingly [17]. We select the data length as 5000. Next, signal-to-noise ratio (SNR) has been considered between 5 and 40 dB during the simulation.

Results Analysis.
As is shown in Figure 2, we evaluated the proposed data-driven attack strategy in the case of the 5-sparse undetectable attack case [12]. For the 14-bus system, we select sensor set  11 = { 11 ,  11 } as the 5-sparse undetectable attack case. For the 30-bus system, we select sensor set  19 = { 19 ,  19 } as the 5-sparse undetectable attack case. In the proposed attack scheme's first stage, the intercepted data is preprocessed based on the ALM method to eliminate the outliers.
In the second stage, the recovered measurement is exploited to infer the system information based on the parallel factorization algorithm. In the third step, the calculated system matrix is employed for the sparse attack vector construction based on the convex optimization. Since the attack vector constructed by the traditional ICA-based method has no sparse terms, we introduced the improved ICA-based method to replace the traditional method for a better comparison. The improved ICA-based method is similar to the EID strategy and also includes three stages. The only difference is that its second stage uses ICA. We call this strategy an improved ICA-based strategy.
First of all, we evaluated the validity of the linearity assumptions and its performance with different levels of noise. The required subsystem matrices to be estimated are selected as (  , :) where  = 11 is as shown in Figure 2(a) and  = 19 is as shown in Figure 2(b). To ensure the designed attack vector's sparsity, the number of sensors is usually advised to be larger than the number of loads; e.g., |  | = 2  . We define the Mean Square Errors (MSEs) as the residuals between the estimated measurements and the meter measurements. Figure 3(a) shows the MSEs of the PARAFAC method and the ICA method under various SNRs in the IEEE 14-bus and 30-bus systems, respectively. As is illustrated in Figure 3(a), the PARAFAC method achieves lower MSEs than the ICA method, especially in the lower SNR cases. The result implies that the PARAFAC method takes advantage of the non-Gaussian load variables' higher-order statistics to infer the system matrix. Therefore, the PARAFAC method is less sensitive to Gaussian noise in the system than the ICA method. However, in the presence of outliers, the PARAFAC method and the ICA method will both present relatively large MSEs, as is shown in Figure 3(b). In this case, the estimated system matrix will seriously deviate from the actual state of the power system. If we preprocess the intercepted data based on the ALM method to eliminate the outliers and use the PARAFAC method or the ICA method on the intercepted data to learn about the system matrix, the MSEs will be greatly reduced and the estimated system matrix is able to reflect the system condition more precisely, as is shown in Figure 3(c). As is illustrated in Figure 3(c), the PARAFAC method also achieves lower MSEs than the ICA method does even if the data is preprocessed.
Applying the estimated system matrix, the sparse attack vector construction performance was next evaluated. Figure 4 illustrates the attack vector construction under two different systems. Take Figure 4(a) as an example; the attack vector (blue line) based on the EID attack strategy is almost identical to the attack vector (red line) when the complete system information is known to the attacker (referred to as the perfect FDI attack). The yellow line represents the sparse attack vector based on the improved ICA-based method. Although the red line and yellow line are very similar, there are subtle

Figure 2: (a) IEEE 14-bus case, the attack sensor set  11 is selected for the 5-sparse undetectable attack case; (b) IEEE 30-bus case, the attack sensor set  19 is selected for the 5-sparse undetectable attack case.

the MDP rises as the threshold increases in both IEEE 14-bus and 30-bus systems under 3 different attack cases. Take the IEEE 14-bus system as an example; when the EID attack strategy is used, the MDP is very close to the no attack case. In other words, it is difficult to distinguish the EID attack case from the no attack case, which implies that the EID attack is stealthy and undetectable to the Bad Data Detection. However, when the improved ICA-based attack strategy is used, the MDP is quite different from the no attack case as shown in Figure 6(a). It means that the Bad Data Detection has a high probability of detecting the attack based on the improved ICA-based attack strategy. Overall, the EID attack strategy has better performance than the improved ICA-based strategy. Similar results can also be observed in the IEEE 30-bus system.
Finally, we also evaluated the scalability of our work by using larger-scale test systems, including the IEEE 118-bus system and 300-bus system, which have been widely used in the research community. Since larger systems can cause longer execution time of the algorithm, we set the total number of Monte Carlo runs to 10000 in the test systems and record the execution time for carrying out the EID attack strategy. Table 2 shows the average execution time (total time of the three phases) in different test systems (regarding other indicators, the simulation results of the large systems and the above small systems are similar, and it is inconvenient to use figures to represent the simulation results of the large systems, so they are omitted). For all test systems, the attacker can construct corresponding sparse attack vectors based on the EID strategy with average execution time ranging from 2.3286 s to about 9.6 s. In fact, in the three stages of the EID attack strategy, the first stage (Eliminate: ALM method) takes up most of the execution time. From Table 1, we can conclude that even with larger-scale test systems, the average execution time is also acceptable for attackers. Of course, the EID attack strategy, especially the first stage of the strategy, still needs to be optimized to obtain sparse attack vectors faster.

Conclusions and Future Work
In this paper, a data-driven sparse false data injection attack strategy was proposed. The proposed attack strategy can solve the problem of implementing the sparse attack without the system information matrix. The experimental results show that the strategy can successfully implement sparse attacks even in the presence of outliers. The next step is to study the defense strategy against this type of attack to deal with the threat of sparse false data injection attacks to improve the security of the power system.

Table 1: The relation between the minimal intercepted meters and the load number.

Table 2: The execution time of EID attacks in different test systems.