Date of Award

August 2022

Degree Type


Degree Name

Doctor of Philosophy



First Advisor

Lingfeng Wang

Committee Members

Jun Zhang, Zeyun Yu, Wei Wei, Weizhong Wang


Keywords

Cyber-physical security, Data-driven, Machine learning, Power systems


With the tighter integration of advanced communication and computing technologies, the electrical power system is being transformed into a more complex, efficient and sustainable smart grid. Today, almost every sector of the physical power system, including generation, transmission, distribution and consumption, has to be monitored, protected and controlled, and these sectors interact and communicate with each other through cyber infrastructure. The use of information and communication technologies (ICTs) has not only enhanced the efficiency and reliability of the smart grid, but also created new vulnerabilities where it is not accompanied by appropriate security reinforcements. The vulnerabilities that ICTs introduce may expose some sectors of the power system to a wide range of cyber-physical attacks, which are carried out in cyberspace and may adversely affect the physical infrastructure.

To improve the resiliency of power grids against the threat of cyber-physical attacks, it is imperative to identify the risk of such attacks and then implement effective security strategies to protect power systems from them. Cyber-physical security has therefore become a key concern for both industry and academia, and a great deal of effort has been devoted to research on cyber-physical attack and defense in the smart grid. In recent years, with the rapid development of artificial intelligence, data-driven machine learning approaches have received wide attention because of their salient advantages in attack identification and detection, system control and risk mitigation. This dissertation investigates cyber-physical attack detection, defense and mitigation using state-of-the-art data-driven machine learning techniques. Three research studies are presented, providing useful insight for power system administrators to identify cyber-physical attacks, mitigate the risk of attacks and protect critical power system equipment, and thereby enhance power system resiliency.

The first study proposes a novel reinforcement-learning-based dynamic defense strategy against the dynamic load altering attack (D-LAA). A two-player zero-sum Markov game is formulated to analyze the complex interactions between the attacker and the defender, in which all players are rational and tend to maximize their own benefits. The proposed minimax-Q algorithm is applied to derive the attacker's and defender's Nash equilibrium strategies. The performance of the proposed model is evaluated on the IEEE 39-bus system. Comparisons between the dynamic defense strategy and the passive defense strategy are conducted, and the results verify the advantage of the proposed dynamic defense strategy. To improve power system resiliency, this defense strategy can be deployed in advance when such cyber-physical attacks are anticipated.

The second study presents a new TripleGAN-based defense framework against stealthy false data injection (FDI) attacks, which aims to accurately detect the attack and effectively mitigate its impact at the same time, using only a few labeled historical measurements. In this model, detection is performed by the classifier, and mitigation is carried out by replacing the tampered measurements with measurement data produced by the generator. To improve detection accuracy and recovery efficiency, an extended loss function integrated with feature matching is proposed. The simulation results demonstrate that the proposed defense model is able to accurately detect stealthy FDI attacks and that the recovered state estimation is sufficiently close to the normal operating status, which improves power system resilience. Furthermore, under various circumstances (with different numbers of targeted measurements, different intensities of environmental noise, and fewer historical data), the results confirm that the proposed techniques exhibit advantages over other machine-learning-based detection and recovery methods.

In the last study, a data-driven FDI attack model against the load frequency control (LFC) system is proposed based on multi-agent deep reinforcement learning (MA-DRL). Instead of using the legacy linearized LFC model, AC state estimation (ACSE) is integrated with LFC to reduce measurement noise and perform bad data detection. The system environment thus becomes more practical and complex, and the attacker must satisfy more requirements to perform successful FDI attacks. To achieve two attack objectives simultaneously, i.e., stealthily maximizing the frequency deviation and minimizing the number of compromised measurements, a modified Multi-Agent Deep Deterministic Policy Gradient (MA-DDPG) algorithm is devised in this study, which treats the two objectives separately through global and local individual critic networks rather than a simple linear combination. The impact of the FDI attack on the LFC with ACSE is also analytically derived. The simulation results on the New-England 39-bus system demonstrate good performance of the proposed FDI attack model compared with other methods. In addition, corresponding countermeasures based on the critical measurements are discussed and verified.

Available for download on Friday, August 30, 2024