Alert button
Picture for Mehmet Necip Kurt

Mehmet Necip Kurt

Alert button

Online Cyber-Attack Detection in Smart Grid: A Reinforcement Learning Approach

Add code
Bookmark button
Alert button
Sep 14, 2018
Mehmet Necip Kurt, Oyetunji Ogundijo, Chong Li, Xiaodong Wang

Figure 1 for Online Cyber-Attack Detection in Smart Grid: A Reinforcement Learning Approach
Figure 2 for Online Cyber-Attack Detection in Smart Grid: A Reinforcement Learning Approach
Figure 3 for Online Cyber-Attack Detection in Smart Grid: A Reinforcement Learning Approach
Figure 4 for Online Cyber-Attack Detection in Smart Grid: A Reinforcement Learning Approach

Early detection of cyber-attacks is crucial for a safe and reliable operation of the smart grid. In the literature, outlier detection schemes making sample-by-sample decisions and online detection schemes requiring perfect attack models have been proposed. In this paper, we formulate the online attack/anomaly detection problem as a partially observable Markov decision process (POMDP) problem and propose a universal robust online detection algorithm using the framework of model-free reinforcement learning (RL) for POMDPs. Numerical studies illustrate the effectiveness of the proposed RL-based algorithm in timely and accurate detection of cyber-attacks targeting the smart grid.

Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon

Real-Time Nonparametric Anomaly Detection in High-Dimensional Settings

Add code
Bookmark button
Alert button
Sep 14, 2018
Mehmet Necip Kurt, Yasin Yilmaz, Xiaodong Wang

Figure 1 for Real-Time Nonparametric Anomaly Detection in High-Dimensional Settings
Figure 2 for Real-Time Nonparametric Anomaly Detection in High-Dimensional Settings
Figure 3 for Real-Time Nonparametric Anomaly Detection in High-Dimensional Settings
Figure 4 for Real-Time Nonparametric Anomaly Detection in High-Dimensional Settings

Timely and reliable detection of abrupt anomalies, e.g., faults, intrusions/attacks, is crucial for real-time monitoring and security of many modern systems such as the smart grid and the Internet of Things (IoT) networks that produce high-dimensional data. With this goal, we propose effective and scalable algorithms for real-time anomaly detection in high-dimensional settings. Our proposed algorithms are nonparametric (model-free) as both the nominal and anomalous multivariate data distributions are assumed to be unknown. We extract useful univariate summary statistics and perform the anomaly detection task in a single-dimensional space. We model anomalies as persistent outliers and propose to detect them via a cumulative sum (CUSUM)-like algorithm. In case the observed data stream has a low intrinsic dimensionality, we find a low-dimensional submanifold in which the nominal data are embedded and then evaluate whether the sequentially acquired data persistently deviate from the nominal submanifold. Further, in the general case, we determine an acceptance region for nominal data via the Geometric Entropy Minimization (GEM) method and then evaluate whether the sequentially observed data persistently fall outside the acceptance region. We provide an asymptotic lower bound on the average false alarm period of the proposed CUSUM-like algorithm. Moreover, we provide a sufficient condition to asymptotically guarantee that the decision statistic of the proposed algorithm does not diverge in the absence of anomalies. Numerical studies illustrate the effectiveness of the proposed schemes in quick and accurate detection of changes/anomalies in a variety of high-dimensional settings.

Viaarxiv icon
Github IconAccess Paper or Ask Questions
Twitter IconFacebook IconLinkedin IconWhatsapp IconMessenger Icon