Electrical Grid Anomaly Detection via Tensor Decomposition

Alexander B. Most, Maksim E. Eren, Boian S. Alexandrov, Nigel Lawrence
September 2023
DOI Preprint PDF Details

Abstract

Supervisory Control and Data Acquisition (SCADA) systems often serve as the nervous system for substations within power grids. These systems facilitate real-time monitoring, data acquisition, control of equipment, and ensure smooth and efficient operation of the substation and its connected devices. As the dependence on these SCADA systems grows, so does the risk of potential malicious intrusions that could lead to significant outages or even permanent damage to the grid. Previous work has shown that dimensionality reduction-based approaches, such as Principal Component Analysis (PCA), can be used for accurate identification of anomalies in SCADA systems. While not specifically applied to SCADA, non-negative matrix factorization (NMF) has shown strong results at detecting anomalies in wireless sensor networks. These unsupervised approaches model the normal or expected behavior and detect the unseen types of attacks or anomalies by identifying the events that deviate from the expected behavior. These approaches; however, do not model the complex and multi-dimensional interactions that are naturally present in SCADA systems. Differently, non-negative tensor decomposition is a powerful unsupervised machine learning (ML) method that can model the complex and multi-faceted activity details of SCADA events. In this work, we novelly apply the tensor decomposition method Canonical Polyadic Alternating Poisson Regression (CP-APR) with a probabilistic framework, which has previously shown state-of-the-art anomaly detection results on cyber network data, to identify anomalies in SCADA systems. We showcase that the use of statistical behavior analysis of SCADA communication with tensor decomposition improves the specificity and accuracy of identifying anomalies in electrical grid systems. In our experiments, we model real-world SCADA system data collected from the electrical grid operated by Los Alamos National Laboratory (LANL) which provides transmission and distribution service through a partnership with Los Alamos County, and detect synthetically generated anomalies.

Type
Conference paper
Publication
In IEEE Military Communications Conference, Articial Intelligence for Cyber Workshop (MILCOM), 2023

Keywords:

scada, power grid, anomaly detection, tensors

Citation:

A. B. Most, M. E. Eren, B. S. Alexandrov and N. Lawrence, “Electrical Grid Anomaly Detection via Tensor Decomposition,” MILCOM 2023 - 2023 IEEE Military Communications Conference (MILCOM), Boston, MA, USA, 2023, pp. 162-169, doi: 10.1109/MILCOM58377.2023.10356348.

BibTeX:

@INPROCEEDINGS{10356348,
  author={Most, Alexander B. and Eren, Maksim E. and Alexandrov, Boian S. and Lawrence, Nigel},
  booktitle={MILCOM 2023 - 2023 IEEE Military Communications Conference (MILCOM)}, 
  title={Electrical Grid Anomaly Detection via Tensor Decomposition}, 
  year={2023},
  volume={},
  number={},
  pages={162-169},
  keywords={Wireless sensor networks;Tensors;Substations;SCADA systems;Real-time systems;Behavioral sciences;Complexity theory},
  doi={10.1109/MILCOM58377.2023.10356348}}
scada Tensors anomaly deteciton power grids
Maksim E. Eren
Maksim E. Eren
Scientist

My research interests lie at the intersection of the machine learning and cybersecurity disciplines, with a concentration in tensor decomposition.