Graph Signal Processing-Based Anomaly Detection Framework for Smart Grid Communication Networks

Abstract

This research is aimed at developing a graphical framework of anomaly detection to improve cybersecurity of smart grid communication infrastructure. In the ever more digital-powered systems, smart grids have gained ground to use more elaborate communication systems, which facilitate real-time monitoring and control. Yet, this development brings with it systems susceptibilities that the more antique kinds of anomaly detection techniques which we are mostly non-topology-respecting really cannot do so much to help with. To address these shortcomings, instead, we suggest a Graph Signal Processing (GSP)-based framework, which casts the communication network in the form of a graph and views system metrics (e.g. the traffic volume, a latency measurement, or a voltage reading) as signals over this graph. We use graph Fourier transform, low-pass filtering and spectral residual analysis to identify localized and global anomalies using our approach. This circumvents exploitation of the spatial and structural data in detecting the non-normal behavior in real-time. The framework is benchmarked on both a mix of synthetic smart grid models and real-world data sets on communication, modeling different cyber and physical attack scenarios. The results indicate a detection accuracy rate of over 96 per cent and minimal false positive rates (<4 per cent) and detection latency of less than one second, which is better in comparison to conventional statistical and ML-based techniques. It offers the U.S. smart grid the scalable, explainable and real-time anomaly detection engine that fits the objectives of critical infrastructure security and resiliency agendas of the nation.