A Randomization-Based, Zero-Trust Cyberattack Detection Method for Hierarchical Systems

Research output: Contribution to conference (Paper)

Abstract

This paper demonstrates a novel randomization-based approach for verifying power system control signals with application to detecting cyberattacks. We consider fully connected hierarchical systems containing multiple local agents and a global "trust" agent. The global agent uses a time-varying randomized assignment scheme to identify corrupt network links based on principles of zero trust and majority rule. To evaluate the performance of this detection approach, we implement our algorithm in MATLAB and run it against nearly 43 million unique attack scenarios spanning a range of system sizes. For each scenario, the algorithm determines whether the identified corruptions satisfy a set of validity constraints reflecting network topology and uses that result to say whether the recovered state value for one or more local agents is malicious. We compare the algorithm's determination to the true state of the system to assess performance and find that classification accuracy converges to 100% as system size increases, suggesting that the validity constraints become more difficult to satisfy for larger systems. We further explore the scenarios that evade detection to understand practical implications for employing this detection approach.
Original language: American English
Number of pages: 11
State: Published - 2023
Event: IEEE Secure Development - Atlanta, GA, USA
Duration: 18 Oct 2023 to 20 Oct 2023

Conference

Conference: IEEE Secure Development
City: Atlanta, GA, USA
Period: 18/10/23 to 20/10/23

NREL Publication Number

  • NREL/CP-5R00-86335

Keywords

  • cybersecurity
  • hierarchical system
  • power grid
  • randomization-based methods
  • zero trust
