Abstract

Thanks to the increasing availability of high-quality data and the success of deep learning algorithms, machine learning (ML)-based classifiers have become increasingly appealing and investigated against sophisticated attacks in complex cyber-physical systems like the smart grid. However, many of these techniques rely on the assumption that the training and testing datasets share the same distribution and class labels in a stationary environment. As such assumption may fail to hold when the system dynamics shift and new threat variants emerge in a non-stationary environment, the capability of trained ML models to adapt in complex operating scenarios will be critical to their deployment in real-world applications. Using cyber-physical attack detection in the smart grid as the targeted application, this research aims to leverage transfer learning-based strategies to improve the robustness of ML classifiers against variations in threat types, locations, and timing in a complex dynamic CPS.
To this end, this research investigates and develops domain-adversarial transfer learning schemes for robust intrusion detection against smart grid attacks.
The main contributions include: (i) A domain-adversarial transfer learning scheme with customized classifiers for attack detection based on realistic smart grid data collected from a hardware-in-the-loop testbed; (ii) A semi-supervised transfer learning to transfer
the knowledge of limited known attack incidences to detect returning threats at a later time with different system dynamics; (iii) A divergence-based transferability analysis and a spatiotemporal domain-adversarial transfer learning scheme for robust detection against spatial and temporal variants. Experiments were conducted on standardized IEEE benchmarks, and the results have demonstrated the promising capability of domain adversarial transfer learning to improve ML robustness against system and attack variations.