LSTM-based approach to detect cyber attacks on market-based congestion management methods

Abstract: Market-based congestion management methods adopt Demand Side Management (DSM) techniques to alleviate congestion in the day-ahead market. Reliance of these methods on the communication layer makes it prone to cyber attacks affecting the security, reliability, and economic operation of the distribution network. In this paper, we focus on Load Altering Attacks that would compromise the operation of market-based congestion management methods. A detection technique is proposed using Long Short-term Memory (LSTM) Recurrent Neural Networks (RNN). IEEE 33 bus system is used as a case study to demonstrate the effectiveness of the proposed technique. An accuracy of 97% was obtained proving the capability of using LSTM-RNN to detect a load altering cyber attack compromising aggregators in the network.