Electrical Grid Anomaly Detection via Tensor Decomposition (2310.08650v1)
Abstract: Supervisory Control and Data Acquisition (SCADA) systems often serve as the nervous system for substations within power grids. These systems facilitate real-time monitoring, data acquisition, and control of equipment, and ensure smooth and efficient operation of the substation and its connected devices. Previous work has shown that dimensionality reduction-based approaches, such as Principal Component Analysis (PCA), can be used for accurate identification of anomalies in SCADA systems. While not specifically applied to SCADA, non-negative matrix factorization (NMF) has shown strong results at detecting anomalies in wireless sensor networks. These unsupervised approaches model the normal or expected behavior and detect unseen types of attacks or anomalies by identifying the events that deviate from the expected behavior. These approaches, however, do not model the complex and multi-dimensional interactions that are naturally present in SCADA systems. In contrast, non-negative tensor decomposition is a powerful unsupervised ML method that can model the complex and multi-faceted activity details of SCADA events. In this work, we present a novel application of the tensor decomposition method Canonical Polyadic Alternating Poisson Regression (CP-APR) with a probabilistic framework, which has previously shown state-of-the-art anomaly detection results on cyber network data, to identify anomalies in SCADA systems. We show that the use of statistical behavior analysis of SCADA communication with tensor decomposition improves the specificity and accuracy of identifying anomalies in electrical grid systems. In our experiments, we model real-world SCADA system data collected from the electrical grid operated by Los Alamos National Laboratory (LANL), which provides transmission and distribution service through a partnership with Los Alamos County, and detect synthetically generated anomalies.
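As an added illustration of the approach the abstract describes (not the authors' code and not the pyCP_APR API): a minimal non-negative CP factorization under a Poisson likelihood, fit with multiplicative updates on a constructed count tensor, then used to score events by the Poisson probability P(X ≥ 1) = 1 − e^{−λ}. The tensor modes (source device, destination device, function code), the counts, the scoring rule and all function names are assumptions made for this example.

```python
import math, random

READ, RESP, WRITE = 0, 1, 2
# Constructed training window (not data from the paper). Assumed modes:
# (source device, destination device, function code); 0 = master, 1-3 = RTUs.
TRAIN = {(0, 1, READ): 40, (0, 2, READ): 40, (0, 3, READ): 40,
         (1, 0, RESP): 40, (2, 0, RESP): 40, (3, 0, RESP): 40,
         (0, 1, WRITE): 5}

def model_rate(F, idx):
    """Poisson rate for one cell: lambda = sum_r prod_n F[n][idx[n]][r]."""
    rank = len(F[0][0])
    return sum(math.prod(F[n][i][r] for n, i in enumerate(idx))
               for r in range(rank))

def fit_poisson_cp(counts, dims, rank=2, iters=300, seed=0):
    """Non-negative CP fit under a Poisson likelihood (KL multiplicative updates)."""
    rng = random.Random(seed)
    F = [[[rng.uniform(0.1, 1.0) for _ in range(rank)] for _ in range(d)]
         for d in dims]
    for _ in range(iters):
        for n in range(len(dims)):
            # Numerator: sum over observed cells of (x / lambda) * other factors.
            num = [[0.0] * rank for _ in range(dims[n])]
            for idx, x in counts.items():
                ratio = x / max(model_rate(F, idx), 1e-12)
                for r in range(rank):
                    num[idx[n]][r] += ratio * math.prod(
                        F[m][i][r] for m, i in enumerate(idx) if m != n)
            for r in range(rank):
                # Denominator: product of column sums of the other factors.
                den = math.prod(sum(row[r] for row in F[m])
                                for m in range(len(dims)) if m != n)
                for i in range(dims[n]):
                    F[n][i][r] *= num[i][r] / max(den, 1e-12)
    return F

def p_value(F, event):
    """P(X >= 1) under Poisson(lambda): near 0 means the model never expects it."""
    return 1.0 - math.exp(-model_rate(F, event))

def rank_events(F, events):
    """Most anomalous first (ascending p-value)."""
    return sorted((p_value(F, e), e) for e in events)

if __name__ == "__main__":
    model = fit_poisson_cp(TRAIN, dims=(4, 4, 3))
    # Last event is a write from RTU 3 to RTU 2, a link absent from training.
    for p, e in rank_events(model, [(0, 1, READ), (2, 0, RESP),
                                    (0, 1, WRITE), (3, 2, WRITE)]):
        print(e, f"p={p:.4f}")
```

Because the score depends on the joint (source, destination, function code) rate, a function code that is routine on one link can still be flagged on a link where it was never observed.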