Data-driven learning-based classification model for mitigating false data injection attacks on dynamic line rating systems
Highlights
- •DLR systems allow an improvement in transmission lines’ ampacities.
- •Cyber-physical power systems involving DLR systems are prone to FDIA.
- •Combination of statistics, feature selection, and machine learning mitigates FDIA.
- •MR-MR selects the best features to improve testing of classification models.
- •Z-score-MR-MR-BGLM-LR model effectively mitigates FDIA in DLR systems.
Abstract
The growing need to explore grid-enhancement technologies such as dynamic line rating (DLR) systems, and the reliance of these technologies on real-time weather data for system planning, necessitate the study of false data injection attacks (FDIA) against cyber-physical power systems (CPS). This study develops a robust machine learning model to mitigate FDIA in DLR systems, focusing on statistical data processing, feature ranking and selection, training, validation, and evaluation. It combines z-scores and other statistical analyses with the minimum redundancy maximum relevance (MR-MR) feature ranking and selection algorithm to improve the performance and generalisation of the binary generalised linear model logistic regression (BGLM-LR) and other machine learning classification algorithms. Models formed with BGLM-LR, Gaussian naïve Bayes (GNB), linear support vector machine (LSVM), wide neural network (WNN), and decision tree (DT) were trained and tested using ten years of hourly historical DLR data features. Evaluation of the models on unseen data showed improved validation and testing accuracies after MR-MR feature ranking and selection. BGLM-LR, GNB, LSVM, and WNN performed well in mitigating FDIA. However, the study notes the limitations of DT, namely overfitting and a lack of generalisation for FDIA mitigation. The z-score-MR-MR-BGLM-LR and z-score-MR-MR-LSVM models excelled with zero false negative rates, underscoring the importance of feature ranking and selection. Nonetheless, the z-score-MR-MR-BGLM-LR combination showed the highest marginal improvement from training to testing, the lowest training and validation times, and a perfect area under the receiver operating characteristic curve (AUC), making it the best choice for mitigating FDIA where computational resources are limited.
Abbreviations
Keywords
1. Introduction
Smart grids emerged to improve the efficiency and reliability of traditional power grids. They are sizeable cyber-physical power systems (CPS) that combine physical components with the cyber components of advanced information and communication technology (ICT) to improve the efficiency, reliability, and sustainability of power generation, transmission, and distribution [1], [2]. Power system components (PSC), dynamic line rating (DLR) sensors, and phasor measurement units (PMU) constitute the physical part. Conversely, elements such as supervisory control and data acquisition (SCADA) systems, human-machine interfaces (HMI), and remote terminal units (RTU) make up the cyber part. This combination enables remote monitoring and control of the grid. These systems are designed to improve resilience by enhancing the interoperability of the physical devices and the communication networks connecting them, thereby achieving optimal power delivery.
In responding to the global energy crisis, matching the growth of renewable energy sources (RES) with grid-enhancement technologies such as DLR can help achieve the target of Sustainable Development Goal 7 (SDG 7): access to clean, affordable, and modern energy for all [3]. DLR helps reduce grid congestion by increasing the ampacity of transmission lines, enabling the integration of more clean, affordable energy towards SDG 7 [4]. Various studies [5], [6], [7] have reviewed and implemented DLR operation, relying on real-time measured weather parameters such as wind speed, wind angle, and ambient temperature to calculate transmission line capacity and plan future operations. These weather parameters are used to determine the effects of convective cooling, radiative cooling, and solar heating on the line [8].
Unfortunately, as shown in Fig. 1, the DLR sensors collecting these data inform operators of weather conditions and line ratings in real time [4], which makes them particularly vulnerable to false data injection attacks (FDIA). FDIA refers to the infiltration of false data into RTUs, causing operators to misinterpret line conditions, generator outputs, or demand, triggering instability and potentially causing partial or total grid collapse. Attackers concentrate on components that operate in real time, such as DLR, to inflict maximum impact on the PSC. DLR systems are a preferred target for these attackers [9] because their dependence on ICT inevitably renders them vulnerable. Measures have been taken to prevent these potentially damaging cyber-attacks, to achieve data confidentiality and integrity while maintaining data security and reliability.

Fig. 1. FDIA and Mitigation Illustration.
Other forms of these cyber-attacks include resource cut-off and denial of service (DoS) [10], [11], [12]. They vary in severity and scope, and solutions are classified according to implementation complexity and mitigation effectiveness. A resource cut-off attack occurs when hackers access systems such as SCADA, HMI, or RTU to control circuit breakers, manipulate currents, and cut power to customers. In some cases, even the software used to restore service after an outage has been targeted, leaving it inaccessible to operators. DoS attacks prevent customers from reporting outages to the utility.
A practical strategy for mitigating FDIA in smart grids should prevent, pre-empt, and identify vulnerabilities, pinpoint the source of an attack when it occurs, and replace false data with accurate data. In this way, smart grid systems can strengthen their resilience to cyber threats and ensure the integrity and reliability of grid operations. This study pursues these objectives by reviewing research on different types of cyber-attacks against the grid, focusing on FDIA and real-world cases (Section 2); discussing data-driven, learning-based algorithms designed to prevent, detect, and mitigate these attacks (Section 3); and evaluating the resilience of the developed and other viable algorithms against FDIA to determine the most reliable approach for mitigating these attacks without error (Section 4). Concluding observations and directions for future research are given in Section 5.
2. Cyber-attacks and FDIA review
Attacks on power system infrastructure such as denial of service (DoS), theft of service, espionage, and plant sabotage profit attackers through ransom demands, data theft for military intelligence and other political purposes, theft of operational technology, and spying. The following subsections on FDIA studies, cases, and state estimation present the latest research on FDIA prevention and mitigation during cyber-physical attacks on smart grids.
2.1. FDIA studies
Liu, Ning, and Reiter [13] introduced the concept of FDIA for power grid state estimation. They noted that attackers can infiltrate CPS and ICT network infrastructure, manipulate measurement devices, and obtain network parameters and topology. This allows them to construct false measurement data that satisfies the state estimation constraints and thereby bypasses bad data detection. It further enables attackers to launch attacks unnoticed by the control centre, depriving it of the ability to accurately perceive the system's current operating state or topology. As a result, the control centre produces erroneous estimates and issues wrong instructions and commands, disrupting the normal operation of the grid [14].
While traditional algorithms can already detect bad data effectively, recent advances in deep learning also enable more accurate estimation of system states even during cyber-attacks. Shi, Xie, and Peng [15] proposed a Gaussian mixture model; tested on Institute of Electrical and Electronics Engineers (IEEE) bus systems, it improved accuracy by 1.5% to 5% compared with other models. The evaluation scenarios did not cover all potential attacks or system conditions, and this limited scope may restrict the generalisability and reliability of the proposed FDIA detection method when applied to different grid configurations. In the study by Xiong et al. [16], a machine learning algorithm, support vector machine-gentle adaboost (SVM-GAB), was used to detect FDIA. GAB cascades multiple weak support vector machine (SVM) classifiers to form a robust classifier capable of distinguishing normal from abnormal data. The authors evaluated the effectiveness of the SVM-GAB algorithm using IEEE performance metrics, including average detection time and accuracy, and showed that it reduced the false alarm rate by 25% compared with traditional detection algorithms.
Moradzadeh et al. [17] assessed the reliability and accuracy of deep learning techniques, such as support vector regression (SVR), long short-term memory (LSTM), and bidirectional long short-term memory (BiLSTM), in predicting DLR using real data from two transmission lines. The authors examined the resilience of these algorithms by simulating cyber-attacks. However, they focused on increasing the wind speed, wind angle, and ambient temperature of the historical data by selected percentages without justifying these choices. Notably, data variations can include increases, decreases, and changes in percentages, ratios, and exponents. This raises questions about how comprehensively the algorithms' performance was assessed across diverse scenarios and data variations.
Table 1. FDIA studies.
FDIA Studies | Description | Prospects | Constraints |
---|---|---|---|
[13] | This study introduces the concept of FDIA for power grid state estimation. Highlights the possibility of attackers manipulating measurement devices and bypassing bad data detection. | It raises awareness about potential vulnerabilities in power grid systems. | The study lacks specific detection methods and evaluation results. It created arbitrary attack scenarios and did not focus on DLR systems but instead on the impact of FDIA on state estimation. However, it suggests utilising network anomaly detection techniques to protect against false data injection attacks in other areas of the power system network. |
[14] | This study describes how attackers can launch unnoticed attacks on the power grid, causing disruption. | Highlights the impact of attacks on the control centre’s ability to perceive the system’s operating state. | The study lacks a specific solution or evaluation method, focuses on linear abnormalities, and suggests exploring more complex ones. It is limited to the IEEE 24-bus system and lacks generalisation. The method relies on static line ratings. To enhance the approach, the study recommends incorporating machine learning to detect abnormalities in load patterns, enabling more effective countermeasures. |
[15] | This study proposes a Gaussian mixture model for FDIA detection, showing improved accuracy compared to other models. | It advances deep learning for accurate state estimation, even in cyber attacks. | The study did not address DLR, lacked coverage of potential attacks and system conditions, and provided insufficient information on the model used. |
[16] | SVM-GAB algorithm was deployed to detect FDIA with a lower false alarm rate than traditional methods. | It demonstrates the effectiveness of machine learning algorithms for FDIA detection using metrics such as accuracy and recall. | It did not consider DLR. It did not provide detailed information on the SVM-GAB algorithm and the attack intensity rule used to perform the volatility test, differentiating FDIA and power flow surge. |
[17] | This study evaluated the reliability and accuracy of deep learning techniques (SVR, LSTM, BiLSTM) for predicting DLR and their resilience to cyber-attacks. | It explores the use of real-world data and the simulation of cyber-attacks. | The study lacks a rationale for the specific data variations, limiting the comprehensive algorithm performance assessment. |
[18] | This study deploys spatiotemporal learning algorithms, such as LSTM autoencoder and unsupervised learning methods, for FDIA detection. Emphasises the importance of models recognising normal distribution dynamics. | It addresses the FDIA challenges that may be encountered in DLR forecasting. It highlights unsupervised learning methods’ effectiveness and ability to detect deviations from standard distribution patterns. | In most cases, when these models are efficient, trade-offs exist in computational complexity, resource requirements, and detection latency. |
[19] | Graph-based detection of FDIA using a graph neural network. Shows that the accuracy of data-driven detection methods decreases with changing network topology, while the GGNN improves accuracy. | It offers a novel approach using graph neural networks for FDIA detection. | Model complexity, resource requirements, and mitigation are the limitations of the proposed model. It did not incorporate DLR in the analyses. |
[20] | It utilised a stacked autoencoder network, fine-tuning amplifier, and cuckoo search algorithm for cyber-physical attack detection. Mentions deficiencies in accuracy and sensitivity of algorithms that do not use extensive historical data. | It introduces a comprehensive approach involving multiple techniques for attack detection. | The structure of the deep network model is complex, and the model training time is extended. To speed up the model training process, the dynamic optimisation method of the learning rate and other parameters in the training process will be considered in future work. |
[21] | This article proposes ensemble learning algorithms for DLR forecasting to address transmission congestion caused by high renewable energy penetration. Traditional DLR methods require extensive infrastructure, but the proposed approach leverages historical meteorological data. Simulations demonstrate the effectiveness of ensemble learning algorithms, achieving a significant capacity increase for 400 kV lines, and alleviating congestion issues without additional infrastructure. | It offers promising prospects for DLR forecasting, providing accurate predictions without extensive infrastructure. The demonstrated capacity increase highlights the potential for this approach to improve grid efficiency and reliability, particularly in regions experiencing transmission congestion due to renewable energy integration. | Testing against different data points is essential to ensure the reliability of forecasting models across various line segments. Additionally, the effectiveness of the proposed approach may depend on factors such as data quality and the severity of cyberattacks. Addressing these constraints is crucial to ensuring the practical applicability and reliability of ensemble learning algorithms for DLR forecasting |
[22] | This article presents a novel approach using federated learning (FL) for DLR forecasting, crucial for enhancing grid-side flexibility by accurately predicting overhead transmission line capacity. FL generates a global model from data across different regions, ensuring security and protection against cyberattacks | FL offers promising prospects for DLR forecasting, enabling accurate predictions even in regions lacking data. The global supermodel generated by FL has the potential to improve grid reliability and flexibility, providing timely forecasts | Despite its benefits, FL implementation faces constraints related to data availability, privacy, and infrastructure requirements. Ensuring data security and addressing computational challenges are key considerations. Additionally, the global supermodel’s performance may vary based on the diversity of training data, potentially leading to inaccuracies in certain regions |
2.2. FDIA cases
2.3. State estimation
3. Methodology
3.1. Classification algorithms
Table 2. Machine-Learning Classification Models.
Models | Characteristics | Structure and parameter description | Optimisation benefits |
---|---|---|---|
Linear Support Vector Machines | Linear Support Vector Machines (LSVMs) are suitable for small to medium-sized datasets and problems with clear margins between classes. Versatile with different kernel functions to handle linear and nonlinear decision boundaries. They work well in cases where the instances are less than the features. | This algorithm tries to find a straight-line boundary between categories. It automatically adjusts the importance of this boundary based on the data. If a data point is misclassified, a penalty is determined by a value of 1. Before processing, the data is adjusted to have an average value of 0 and a consistent spread (standardised). | LSVM can be computationally expensive, especially for large datasets. LSVMs often struggle with imbalanced datasets, requiring additional techniques such as class weighting or resampling. Feature selection makes the model more efficient for FDIA detection, especially in high-dimensional spaces. It improves generalisation by focusing on essential features, aiding SVMs in managing imbalanced FDIA datasets. |
Wide Neural Networks | Wide Neural Networks (WNN) are complex models involving interconnected layers and activation functions. Suitable for problems with complex relationships and large amounts of data. They are highly flexible with nonlinear decision boundaries. | Wide Neural Networks can learn complex nonlinear relationships between features, making them highly flexible and powerful. They can handle high-dimensional data and automatically extract relevant features from raw input. The WNN deployed here has one hidden layer with 100 processing nodes. After each node processes data, it uses a function called Rectified Linear Units (ReLU) to decide on the output. The training process will run for a maximum of 1000 times to adjust and improve. No additional rule prevents it from fitting too closely to the training data. Just like in the SVM, the data is adjusted to have an average value of 0 and a consistent spread before processing. | They are computationally intensive and may require significant computational resources, especially for large and complex models. Large neural networks can be more susceptible to vanishing gradients and overfitting, requiring additional techniques such as batch normalisation and dropout. Feature selection optimises the wide neural network’s performance by focusing on the most critical attributes in FDIA detection to enhance interpretability and training efficiency. |
Decision Tree | Decision trees (DTs) use a set of if-else conditions to recursively split the feature space based on the values of input features. The decision tree can be represented as a hierarchical structure of decision and leaf nodes. | They provide a hierarchical structure of decisions based on feature splits. This makes them understandable and easy to interpret. They can handle both numerical and categorical features effectively. The decision tree has a maximum depth controlled by allowing up to 100 decision-making points. When deciding how to branch, it uses Gini’s diversity index, which helps differentiate between categories. If a primary decision rule isn't applicable, there’s no backup rule because the surrogate decision split is turned off. | It sometimes leads to poor generalisation of unseen data. Overfitting can occur when the tree becomes too deep, and decision trees may struggle with capturing certain complex relationships or logic patterns. Additionally, small changes in the data can lead to different tree structures and potential instability. |
Gaussian Naïve Bayes | Gaussian naïve Bayes (GNB) is a probabilistic classification algorithm that assumes the features are conditionally independent given the class label. It may struggle with rare events or zero probabilities. Efficient for probabilistic classification tasks and datasets with feature independence | GNB models assume that rating features are conditionally independent given the class label. This is usually not the case because a temporal correlation exists between DLR ratings. For this method, when it looks at numerical data, it assumes a bell-curve-like (Gaussian) distribution. For categorical data, like the presence or absence of FDIA, it assumes a distribution that counts occurrences (multinomial). | GNB feature independence assumption might not hold in real-world scenarios, leading to suboptimal performance. Feature selection will assist in identifying crucial features for FDIA detection and maintaining the independence assumption. It will also impact handling rare events of zero probabilities by focusing only on influential features. |
Binary Generalised Linear Model Logistic Regression | Binary Generalised Linear Model Logistic Regression (BGLM-LR) assumes a linear relationship between the features and the log odds of the binary outcome variable. It is a specialised form of generalised linear model designed for binary classification tasks. It may struggle with complex nonlinear relationships. It has limited feature interaction capture but is effective for binary classification tasks. It can provide probability estimates for anomaly detection using an unbounded and continuous log of odds termed the logit function | Logistic regressions are linear models with sigmoid functions. Coefficient estimation is pivotal because it defines how each feature affects the outcome, ensuring predictions are anchored in the data’s true patterns. Regularisation in BGLM-LR guards against over-optimising training samples, ensuring the model’s broad applicability. Lastly, threshold adjustment in BGLM-LR enables precise calibration of predictions, especially when certain errors have more severe consequences than others. Regularisation Strength (Lambda) was set to 0.5 by default to control model complexity, with higher values leading to more robust regularisation. | Feature selection can help identify the most relevant features for FDIA detection, reducing noise and improving model interpretability. - Particularly beneficial when dealing with high-dimensional datasets or feature-rich FDIA scenarios. |
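As a rough illustration, the configurations described in Table 2 can be approximated with scikit-learn equivalents. This is a sketch under assumed mappings (the study's own implementation environment is not specified here, and the data, shapes, and the lambda-to-C conversion are placeholders):

```python
# Sketch: the five classifiers from Table 2 with scikit-learn analogues of
# the parameters described there. All data below is synthetic placeholder.
import numpy as np
from sklearn.pipeline import make_pipeline
from sklearn.preprocessing import StandardScaler
from sklearn.svm import LinearSVC
from sklearn.neural_network import MLPClassifier
from sklearn.tree import DecisionTreeClassifier
from sklearn.naive_bayes import GaussianNB
from sklearn.linear_model import LogisticRegression

rng = np.random.default_rng(0)
X = rng.normal(size=(200, 12))                         # placeholder rating features
y = (X[:, 0] + rng.normal(size=200) > 0).astype(int)   # placeholder FDIA labels

models = {
    # LSVM: misclassification penalty of 1, standardised inputs
    "LSVM": make_pipeline(StandardScaler(), LinearSVC(C=1.0)),
    # WNN: one hidden layer of 100 ReLU nodes, up to 1000 training iterations
    "WNN": make_pipeline(StandardScaler(),
                         MLPClassifier(hidden_layer_sizes=(100,),
                                       activation="relu", max_iter=1000)),
    # DT: Gini splits, roughly 100 decision points (approximated here
    # via max_leaf_nodes; sklearn has no surrogate splits)
    "DT": DecisionTreeClassifier(criterion="gini", max_leaf_nodes=100),
    # GNB: Gaussian likelihoods for the numeric rating features
    "GNB": GaussianNB(),
    # BGLM-LR: L2-regularised logistic regression; lambda = 0.5 is mapped
    # to C = 1/0.5 = 2.0 (an assumed conversion, since C is inverse strength)
    "BGLM-LR": make_pipeline(StandardScaler(), LogisticRegression(C=2.0)),
}
for name, model in models.items():
    model.fit(X, y)
    print(f"{name}: train accuracy = {model.score(X, y):.3f}")
```

The pipelines standardise inputs before LSVM, WNN, and BGLM-LR, matching the zero-mean, unit-spread adjustment described in Table 2.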
3.2. Proposed model training, validation and testing
- (I)Statistical procedure:
- a.Place the corresponding daily data element in the first column of the history data array.
- b.Calculate the z-score of the new daily data element based on the standard deviation and mean of the history data.
- c.If the z-score exceeds 1.0, skip adding the daily data element to the history data and use the previous hour's data before proceeding to test the next hour’s data in the daily data.
- d.If the z-score of the subsequent data is within the limit, update the initial and present hour of the history data with the successful element in the daily data. This ensures all elements in the daily data are within the set limit.
- e.At the end of each day, all the daily data elements would have replaced the first column of the history data, thereby shifting every other column by one column to the right and eliminating the last column of the updated history data to maintain the matrix size. The updated history data in (5) now appears like (7)
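The screening steps (a)-(e) can be sketched as follows. This minimal illustration assumes the history data is held as a 24 x N hours-by-days array with the newest day in the first column; the fallback when the very first hour of a day is rejected (its mean) is an added assumption, since step (c) only defines the previous-hour fallback:

```python
# Minimal sketch of the z-score screening procedure, under assumed shapes:
# `history` is 24 x N (rows = hours, columns = days, newest first) and
# `daily` holds the 24 incoming hourly ratings for the new day.
import numpy as np

Z_LIMIT = 1.0  # z-score threshold from step (c)

def screen_day(history, daily):
    """Z-score-filter one day of ratings and roll it into the history."""
    accepted = np.empty_like(daily, dtype=float)
    for hour, value in enumerate(daily):
        mu = history[hour].mean()
        sigma = history[hour].std()
        z = abs(value - mu) / sigma if sigma > 0 else 0.0
        if z > Z_LIMIT:
            # (c) suspect element: fall back on the previous hour's rating
            # (for hour 0 we fall back on the historical mean -- an assumption)
            accepted[hour] = accepted[hour - 1] if hour > 0 else mu
        else:
            # (d) element within the limit: keep it
            accepted[hour] = value
    # (e) shift every column one place right, drop the oldest day, and
    # insert the screened day as the new first column
    return np.column_stack([accepted, history[:, :-1]])

rng = np.random.default_rng(1)
history = rng.normal(700.0, 20.0, size=(24, 30))   # placeholder ampacities (A)
daily = rng.normal(700.0, 20.0, size=24)
daily[7] = 1500.0                                   # an injected outlier
updated = screen_day(history, daily)
print(updated[7, 0])                                # outlier was replaced
```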
- (II)Machine Learning:

Fig. 2. Data-driven, learning-based FDIA mitigation.
- a.Preprocessing of Data: The historical data is updated and transformed into predictors, incorporating additional columns that represent statistical measures of mean, median, range, standard deviation, and z-score for each hour. This preprocessing step ensures the data is appropriately formatted and ready for training.
- b.Feature Ranking: Besides preprocessing, feature selection and extraction techniques are applied to the data to identify the most relevant and impactful features for the classification task. This is done by the MR-MR algorithm selecting the most relevant and least redundant features from the training dataset comprising hundreds of features from hourly ratings for each month over ten years as obtained in (7), their mean, median, range and z-score. This technique helps reduce the dimensionality of the data and eliminate irrelevant or redundant features, enhancing the training efficiency by reducing computational complexity.
- c.Data Splitting for Training: After feature ranking and selection, the data is split into training and testing datasets. The algorithm is trained using eight months of hourly data (January to August), while the remaining four months (September to December) are reserved for testing. This splitting is achieved using a 67–33% training-to-testing ratio. This ratio is carefully chosen to prevent overfitting while considering data volume, computational efficiency, complexity, and variation.
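Steps (a) and (c) can be illustrated with placeholder data. The 30-day months and array shapes below are assumptions made for the sketch, not the study's actual data layout:

```python
# Sketch: build predictors from the screened hourly history (appending the
# mean, median, range, standard deviation, and z-score columns of step (a)),
# then split the year chronologically 67-33 (Jan-Aug train, Sep-Dec test).
import numpy as np

rng = np.random.default_rng(2)
months, hours = 12, 24 * 30                     # simplified 30-day months
ratings = rng.normal(700.0, 20.0, size=(months, hours))

def hourly_predictors(block):
    """Append the statistical measure columns used as extra predictors."""
    mean = block.mean(axis=1, keepdims=True)
    median = np.median(block, axis=1, keepdims=True)
    rng_col = (block.max(axis=1) - block.min(axis=1))[:, None]
    std = block.std(axis=1, keepdims=True)
    z = (block[:, -1:] - mean) / std            # z-score of the latest hour
    return np.hstack([block, mean, median, rng_col, std, z])

X = hourly_predictors(ratings)
X_train, X_test = X[:8], X[8:]                  # Jan-Aug / Sep-Dec, 67-33%
print(X.shape, X_train.shape, X_test.shape)
```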
3.3. MR-MR Feature Ranking and Selection
- 1.Initialisation:
- (a)Define an empty set, SelectedFeatures.
- (b)Compute the mutual information between each DLR feature and the hourly measures of central tendencies and dispersions calculated with the FDIA classification target. Store these values.
- 2.Initial Selection:
- (c)Identify the DLR feature with the highest mutual information with the FDIA target. This represents the most relevant feature.
- (d)Add this feature to the SelectedFeatures set.
- 3.Iterative Feature Selection:
- (e)For each remaining unselected DLR feature, compute its mutual information quotient (MIQ) by:
- (i)Calculating its mutual information with the FDIA target (relevance).
- (ii)Calculating its average mutual information with the features in the SelectedFeatures set (redundancy).
- (iii)Taking the quotient: MIQ = Relevance / (1 + Redundancy).
- (f)From the unselected features, pick the one with the highest MIQ value. This feature is relevant to the FDIA target and minimally redundant with the previously selected features.
- (g)Add this feature to the SelectedFeatures set.
- (h)Repeat this step until a pre-defined stopping criterion is met (e.g., a certain number of features are selected, or the MIQ value falls below a threshold).
- 4.Final Feature Set:
- (i)The SelectedFeatures set now contains the best-ranked DLR features and statistical measures, selected on the basis of their MIQ values for the FDIA classification task.
- (ii)Use this set to improve the viable machine learning algorithms prepared for the FDIA classification model.
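The MIQ procedure above can be sketched as a greedy loop. The mutual-information estimator used here (scikit-learn's nearest-neighbour estimator) is an assumption, as is the synthetic data; the algorithm structure follows steps 1-4:

```python
# Greedy MR-MR selection ranked by MIQ = relevance / (1 + redundancy).
import numpy as np
from sklearn.feature_selection import mutual_info_classif, mutual_info_regression

def mrmr_miq(X, y, k):
    """Return indices of k features selected greedily by MIQ."""
    n = X.shape[1]
    # step 1: MI between each feature and the FDIA classification target
    relevance = mutual_info_classif(X, y, random_state=0)
    # step 2: start with the single most relevant feature
    selected = [int(np.argmax(relevance))]
    while len(selected) < k:                            # step 3: iterate
        best, best_miq = None, -np.inf
        for j in range(n):
            if j in selected:
                continue
            # redundancy: average MI between candidate j and the selected set
            red = mutual_info_regression(
                X[:, selected], X[:, j], random_state=0).mean()
            miq = relevance[j] / (1.0 + red)
            if miq > best_miq:
                best, best_miq = j, miq
        selected.append(best)
    return selected                                     # step 4: final set

rng = np.random.default_rng(3)
X = rng.normal(size=(150, 8))
y = (X[:, 0] + 0.1 * rng.normal(size=150) > 0).astype(int)  # label driven by feature 0
print(mrmr_miq(X, y, 3))
```

The stopping criterion here is a fixed feature count k; a threshold on the MIQ value, as mentioned in step (h), would work equally well.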
3.4. Error Metrics
Table 3. Error metrics.
Error Metrics | Formulae | Characteristics |
---|---|---|
FUNDAMENTAL METRICS | | |
ACCURACY | (TP + TN) / (TP + TN + FP + FN) | Accuracy is easy to understand and widely used in many fields. However, it can be misleading in imbalanced datasets, where it may give a high score even though the classifier only correctly identifies the majority class. |
PRECISION | TP / (TP + FP) | Precision provides an idea of the number of correctly identified positive instances out of all the cases identified as positive by the classifier, but it does not consider false negatives. |
RECALL (SENSITIVITY) | TP / (TP + FN) | Recall provides an idea of the number of correctly identified positive instances out of all positive samples in the dataset, making it essential in cases where false negatives are more costly. |
FALSE NEGATIVE RATE | FN / (TP + FN) | FNR provides an idea of the number of false negatives out of all positive instances in the dataset, but it does not consider false positives. |
SPECIFICITY | TN / (TN + FP) | Specificity provides an idea of the number of correctly identified negative instances out of all negative instances in the dataset. It is crucial in cases where false positives are more costly than false negatives, but it does not consider false negatives. |
DERIVED METRICS | | |
F-MEASURE | 2 × Precision × Recall / (Precision + Recall) | F-measure ranges from 0 to 1, where 0 indicates the worst performance and 1 indicates the best performance. F-measure is useful when the data is imbalanced. |
INFORMEDNESS | Recall + Specificity − 1 | This depicts the extent to which the model's predictions are better than random guessing. It ranges from −1 to 1, where −1 indicates the worst performance and 1 indicates the best performance (complete agreement between the model's predictions and the actual values). |
MARKEDNESS | PPV + NPV − 1 | Positive predictive value (PPV) is the same as precision, and negative predictive value (NPV) is the number of true negatives divided by the sum of true and false negatives. Markedness measures the extent to which the model's positive predictions are more informative than random guessing. It ranges from −1 to 1, where −1 indicates the worst performance and 1 indicates the best performance (total agreement between the model's predictions and the actual values). |
CORRELATION | (TP × TN − FP × FN) / √((TP + FP)(TP + FN)(TN + FP)(TN + FN)) | Correlation (the Matthews correlation coefficient for binary outcomes) quantifies the extent of the linear connection between the predictions of a model and the actual values. It ranges from −1 to 1, where −1 indicates a perfect negative correlation and 1 a perfect positive correlation. |
ROC (AUC) | Area under the curve of TPR against FPR | The area under the receiver operating characteristic (ROC) curve (AUC) is a standard metric used to evaluate the performance of a binary classifier. AUC ranges from 0 to 1, where 0 indicates the worst performance and 1 indicates the best performance. |
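All of the metrics in Table 3 derive from the four confusion-matrix counts, so they can be computed with a small helper using the standard textbook definitions (the counts below are illustrative, not taken from the paper's experiments):

```python
# Compute the Table 3 metrics from confusion-matrix counts.
import math

def metrics(tp, fp, tn, fn):
    precision = tp / (tp + fp)
    recall = tp / (tp + fn)                        # sensitivity
    specificity = tn / (tn + fp)
    npv = tn / (tn + fn)                           # negative predictive value
    return {
        "accuracy": (tp + tn) / (tp + fp + tn + fn),
        "precision": precision,
        "recall": recall,
        "fnr": fn / (tp + fn),
        "specificity": specificity,
        "f_measure": 2 * precision * recall / (precision + recall),
        "informedness": recall + specificity - 1,
        "markedness": precision + npv - 1,         # PPV + NPV - 1
        "correlation": (tp * tn - fp * fn) / math.sqrt(
            (tp + fp) * (tp + fn) * (tn + fp) * (tn + fn)),  # Matthews
    }

m = metrics(tp=90, fp=10, tn=85, fn=15)            # illustrative counts
print({k: round(v, 3) for k, v in m.items()})
```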
4. Results and Discussion
4.1. Performance evaluation metrics
Table 4 (a). Model Validation Results.
Metrics \ Model | BINARY GENERALISED LINEAR MODEL LOGISTIC REGRESSION | GAUSSIAN NAÏVE BAYES | LINEAR SUPPORT VECTOR MACHINE | WIDE NEURAL NETWORK | FINE DECISION TREE |
---|---|---|---|---|---|
FUNDAMENTAL METRICS | |||||
ACCURACY | 0.714 | 0.770 | 0.755 | 0.760 | 1.000 |
PRECISION | 0.789 | 0.815 | 0.764 | 0.778 | 1.000 |
RECALL | 0.827 | 0.885 | 0.935 | 0.935 | 1.000 |
FNR | 0.250 | 0.167 | 0.063 | 0.094 | 0.000 |
SPECIFICITY | 0.415 | 0.471 | 0.093 | 0.302 | 1.000 |
TRAINING TIME (s) | 66.70 | 65.44 | 64.33 | 59.19 | 72.34 |
DERIVED METRICS | |||||
F-MEASURE | 0.807 | 0.848 | 0.850 | 0.850 | 1.000 |
INFORMEDNESS | 0.427 | 0.542 | 0.542 | 0.521 | 1.000 |
MARKEDNESS | 0.266 | 0.424 | 0.424 | 0.418 | 1.000 |
CORRELATION | 0.254 | 0.389 | 0.281 | 0.315 | 1.000 |
ROC (AUC) | 0.681 | 0.798 | 0.819 | 0.751 | 1.000 |
Table 4 (b). MR-MR Ranked Features Model Validation Results.
Metrics \ Model | BINARY GENERALISED LINEAR MODEL LOGISTIC REGRESSION | GAUSSIAN NAÏVE BAYES | LINEAR SUPPORT VECTOR MACHINE | WIDE NEURAL NETWORK | FINE DECISION TREE |
---|---|---|---|---|---|
FUNDAMENTAL METRICS | |||||
ACCURACY | 0.917 | 0.984 | 0.917 | 0.917 | 1.000 |
PRECISION | 0.897 | 0.979 | 0.897 | 0.897 | 1.000 |
RECALL | 1.000 | 1.000 | 1.000 | 1.000 | 1.000 |
FNR | 0.000 | 0.000 | 0.000 | 0.000 | 0.000 |
SPECIFICITY | 0.698 | 0.943 | 0.698 | 0.698 | 1.000 |
TRAINING TIME (s) | 69.68 | 79.37 | 77.38 | 122.2 | 72.34 |
DERIVED METRICS | |||||
F-MEASURE | 0.946 | 0.989 | 0.946 | 0.946 | 1.000 |
INFORMEDNESS | 0.833 | 0.967 | 0.833 | 0.833 | 1.000 |
MARKEDNESS | 0.897 | 0.979 | 0.897 | 0.897 | 1.000 |
CORRELATION | 0.791 | 0.961 | 0.791 | 0.791 | 1.000 |
ROC (AUC) | 1.000 | 0.994 | 0.730 | 0.730 | 1.000 |
Table 4 (c). Model Testing Results.
Metrics \ Model | BINARY GENERALISED LINEAR MODEL LOGISTIC REGRESSION | GAUSSIAN NAÏVE BAYES | LINEAR SUPPORT VECTOR MACHINE | WIDE NEURAL NETWORK | FINE DECISION TREE |
---|---|---|---|---|---|
FUNDAMENTAL METRICS | |||||
TESTING ACCURACY | 0.698 | 0.781 | 0.729 | 0.729 | 1.000 |
PRECISION | 0.722 | 0.786 | 0.772 | 0.747 | 1.000 |
RECALL | 0.942 | 0.957 | 0.884 | 0.942 | 1.000 |
FNR | 0.042 | 0.031 | 0.083 | 0.042 | 0.000 |
SPECIFICITY | 0.074 | 0.333 | 0.333 | 0.185 | 1.000 |
DERIVED METRICS | |||||
F-MEASURE | 0.818 | 0.863 | 0.824 | 0.833 | 1.000 |
INFORMEDNESS | -0.302 | -0.219 | -0.271 | -0.271 | 1.000 |
MARKEDNESS | 0.560 | 0.536 | 0.302 | 0.303 | 1.000 |
CORRELATION | 0.030 | 0.394 | 0.256 | 0.196 | 1.000 |
ROC (AUC) | 0.556 | 0.847 | 0.851 | 0.712 | 1.000 |
Table 4 (d). MR-MR Ranked Features Model Testing Results.
Metrics \ Model | BINARY GENERALISED LINEAR MODEL LOGISTIC REGRESSION | GAUSSIAN NAÏVE BAYES | LINEAR SUPPORT VECTOR MACHINE | WIDE NEURAL NETWORK | FINE DECISION TREE |
---|---|---|---|---|---|
FUNDAMENTAL METRICS | |||||
TESTING ACCURACY | 0.844 | 0.875 | 0.844 | 0.802 | 1.000 |
PRECISION | 0.821 | 0.983 | 0.821 | 0.813 | 1.000 |
RECALL | 1.000 | 0.841 | 1.000 | 0.942 | 1.000 |
FNR | 0.000 | 0.115 | 0.000 | 0.042 | 0.000 |
SPECIFICITY | 0.444 | 0.963 | 0.444 | 0.444 | 1.000 |
DERIVED METRICS | |||||
F-MEASURE | 0.902 | 0.906 | 0.902 | 0.872 | 1.000 |
INFORMEDNESS | -0.406 | -0.125 | -0.156 | -0.198 | 1.000 |
MARKEDNESS | 0.821 | 0.686 | 0.821 | 0.563 | 1.000 |
CORRELATION | 0.604 | 0.742 | 0.604 | 0.466 | 1.000 |
ROC (AUC) | 1.000 | 0.915 | 1.000 | 0.960 | 1.000 |
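The testing accuracies reported in Tables 4(a) and 4(d) quantify the gain from MR-MR feature ranking directly. A quick comparison (the fine decision tree is excluded below, since it scores 1.000 throughout, which the study attributes to overfitting):

```python
# Testing accuracies without / with MR-MR ranking, from Tables 4(a) and 4(d).
baseline = {"BGLM-LR": 0.698, "GNB": 0.781, "LSVM": 0.729, "WNN": 0.729}
with_mrmr = {"BGLM-LR": 0.844, "GNB": 0.875, "LSVM": 0.844, "WNN": 0.802}

for model in baseline:
    gain = with_mrmr[model] - baseline[model]
    print(f"{model}: {baseline[model]:.3f} -> {with_mrmr[model]:.3f} (+{gain:.3f})")
```

Every model improves, and BGLM-LR shows the largest testing-accuracy gain (+0.146), consistent with the abstract's observation of its highest marginal improvement from training to testing.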
4.2. Comparison of Model Validation and Testing Results


Fig. 3. Confusion matrix of algorithms.

Fig. 4. (a) and (b). BGLM-LR Validation and Testing. (c) and (d). GNB Validation and Testing. (e) and (f). LSVM Validation and Testing. (g) and (h). WNN Validation and Testing.
5. Conclusion
CRediT authorship contribution statement
Declaration of Competing Interest
Acknowledgement
Appendix A. Supplementary material
Supplementary material
References
- [1] Cyber security of a power grid: state-of-the-art, Int. J. Electr. Power Energy Syst., vol. 99 (Jul. 2018), pp. 45-56, 10.1016/j.ijepes.2017.12.020
- [2] Composite reliability impacts of synchrophasor-based DTR and SIPS cyber-physical systems, IEEE Syst. J., vol. 16 (3) (Sep. 2022), pp. 3927-3938, 10.1109/JSYST.2021.3132657
- [3] Leveraging the existing German transmission grid with dynamic line rating, Appl. Energy, vol. 343 (Aug. 2023), Article 121199, 10.1016/j.apenergy.2023.121199
- [4] A framework for modelling the reliability of dynamic line rating operations in a cyber-physical power system network, Sustain. Energy Grids Netw., vol. 35 (Sep. 2023), Article 101140, 10.1016/j.segan.2023.101140
- [5] Probabilistic forecasting of dynamic thermal line rating with temporal correlations, Int. J. Electr. Power Energy Syst., vol. 134 (Jan. 2022), Article 107443, 10.1016/j.ijepes.2021.107443
- [6] Comprehensive review of the dynamic thermal rating system for sustainable electrical power systems, Energy Rep., vol. 8 (Nov. 2022), pp. 3263-3288, 10.1016/j.egyr.2022.02.085
- [7] Dynamic line rating forecasting algorithm for a secure power system network, Expert Syst. Appl., vol. 219 (Jun. 2023), Article 119635, 10.1016/j.eswa.2023.119635
- [8] Assessment of dynamic line rating forecasting methods, Electr. Power Syst. Res., vol. 214 (2023), Article 108807, 10.1016/j.epsr.2022.108807
- [9] Cybersecurity in power grids: challenges and opportunities, Sensors, vol. 21 (18) (Sep. 2021), p. 6225, 10.3390/s21186225
- [10] Cyber-security on smart grid: threats and potential solutions, Comput. Netw., vol. 169 (Mar. 2020), Article 107094, 10.1016/j.comnet.2019.107094
- [11] Classifying resilience approaches for protecting smart grids against cyber threats, Int. J. Inf. Secur., vol. 21 (5) (Oct. 2022), pp. 1189-1210, 10.1007/s10207-022-00594-7
- [12] Distributed resilient mitigation strategy for false data injection attack in cyber-physical microgrids, Front. Energy Res., vol. 10 (2022), 10.3389/fenrg.2022.845341
- [13] False data injection attacks against state estimation in electric power grids, ACM Trans. Inf. Syst. Secur., vol. 14 (Jun. 2011), 10.1145/1952982.1952995
- [14] Vulnerability analysis and consequences of false data injection attack on power system state estimation, IEEE Trans. Power Syst., vol. 31 (5) (2016), pp. 3864-3872, 10.1109/TPWRS.2015.2504950
- [15] Detection of false data injection attacks in smart grid based on a new dimensionality-reduction method, Comput. Electr. Eng., vol. 91 (May 2021), Article 107058, 10.1016/j.compeleceng.2021.107058
- [16] Detection of false data injection attack in power information physical system based on SVM–GAB algorithm, Energy Rep., vol. 8 (Aug. 2022), pp. 1156-1164, 10.1016/j.egyr.2022.02.290
- [17] Deep learning-based cyber resilient dynamic line rating forecasting, Int. J. Electr. Power Energy Syst., vol. 142 (Nov. 2022), Article 108257, 10.1016/j.ijepes.2022.108257
- [18] Spatio-temporal data-driven detection of false data injection attacks in power distribution systems, Int. J. Electr. Power Energy Syst., vol. 145 (Feb. 2023), Article 108612, 10.1016/j.ijepes.2022.108612
- [19] Graph-based detection for false data injection attacks in power grid, Energy, vol. 263 (Jan. 2023), Article 125865, 10.1016/j.energy.2022.125865
- [20] False data injection attack detection in power systems based on cyber-physical attack genes, Front. Energy Res., vol. 9 (2021). Accessed: Dec. 13, 2022. [Online]. Available: 〈https://www.frontiersin.org/articles/10.3389/fenrg.2021.644489〉
- [21] Ensemble learning-based dynamic line rating forecasting under cyberattacks, IEEE Trans. Power Deliv., vol. 37 (1) (2022), pp. 230-238, 10.1109/TPWRD.2021.3056055
- [22] A global cyber-resilient model for dynamic line rating forecasting based on deep federated learning, IEEE Syst. J., vol. 17 (4) (Dec. 2023), pp. 6390-6400, 10.1109/JSYST.2023.3287413
- [23] Industrial control systems: cyberattack trends and countermeasures, Comput. Commun., vol. 155 (Apr. 2020), pp. 1-8, 10.1016/j.comcom.2020.03.007
- [24] How cyber-attacks in Ukraine show the vulnerability of the U.S. power grid, Electr. J., vol. 30 (3) (Apr. 2017), pp. 30-35, 10.1016/j.tej.2017.02.006
- [25] Coordinated attacks on electric power systems in a cyber-physical environment, Electr. Power Syst. Res., vol. 149 (Aug. 2017), pp. 156-168, 10.1016/j.epsr.2017.04.023
- [26] A tri-level optimization model to mitigate coordinated attacks on electric power systems in a cyber-physical environment, Appl. Energy, vol. 235 (Feb. 2019), pp. 204-218, 10.1016/j.apenergy.2018.10.077
- [27] Analyzing locally coordinated cyber-physical attacks for undetectable line outages, IEEE Trans. Smart Grid, vol. 9 (1) (Jan. 2018), pp. 35-47, 10.1109/TSG.2016.2542925
- [28] Review of active defense methods against power CPS false data injection attacks from the multiple spatiotemporal perspective, Energy Rep., vol. 8 (Nov. 2022), pp. 11235-11248, 10.1016/j.egyr.2022.08.236
- [29] The impact of false data injection attacks against remedial action schemes, Int. J. Electr. Power Energy Syst., vol. 123 (Dec. 2020), Article 106225, 10.1016/j.ijepes.2020.106225
- [30] False data injection attack detection in dynamic power grid: a recurrent neural network-based method, Front. Energy Res., vol. 10 (2022). Accessed: Feb. 13, 2024. [Online]. Available: 〈https://www.frontiersin.org/articles/10.3389/fenrg.2022.1005660〉
- [31] Analysis of stealthy false data injection attacks against networked control systems: three case studies, J. Syst. Sci. Complex., vol. 36 (4) (Aug. 2023), pp. 1407-1422, 10.1007/s11424-022-2120-6
- [32] A review of machine learning algorithms for identification and classification of non-functional requirements, Expert Syst. Appl. X, vol. 1 (Apr. 2019), Article 100001, 10.1016/j.eswax.2019.100001
- [33] The Elements of Statistical Learning, Springer Series in Statistics, Springer, New York, NY (2009), 10.1007/978-0-387-84858-7
- [34] United Nations, Sustainable Development Goals (SDGs), 2023. https://sdgs.un.org/goals (accessed 16th March 2024)