CPS: Medium: Secure Constrained Machine Learning for Critical Infrastructure CPS

CPS：中：关键基础设施 CPS 的安全约束机器学习

• 批准号: 2038922
• 负责人: Jinyuan Stella Sun
• 金额: $ 120万
• 依托单位: University of Tennessee Knoxville
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-02-01 至 2025-01-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2038922&HistoricalAwards=false
• 关键词: CPS; Medium; Secure; Constrained; Machine

Machine learning has found many successes in modern commercial application domains like computer vision, speech analysis, and natural language processing. However, its broader use in critical infrastructure cyber-physical systems (CI-CPS), such as, energy, water, transportation, and oil and natural gas systems, has been far less than ideal. This is mainly due to concerns with the reliability of existing machine learning techniques and the lack of explainability of the learned models. Moreover, CI-CPS often borrow techniques directly from commercial applications that fail to consider physical and topological constraints inherent in these systems. Security of machine learning has been extensively studied recently, revealing vulnerabilities of machine learning models and the effectiveness in deviating learning outcomes by polluting the model input. This is especially devastating in CI-CPS where learning is used for safety-critical operations and such deviation can cause irreversible harm to people and physical assets. Secure machine learning that models unique CI-CPS constraints is thus a much needed research area and is the focus of this project. This proposal intersects three fields - security, machine learning, and CI-CPS - to enhance the safety and resiliency of essential infrastructures in modern society. We use two CI-CPS, power systems and transportation systems, as target application domains to illustrate the general applicability of the proposed approach. The proposed work is carried out by four research tasks. First, the project will devise a suitable threat model under which adversarial machine learning attacks, ConAML, are developed subject to CI-CPS constraints. Second, the project will propose a mitigation method for ConAML attacks by introducing random input padding in both training and inference. Third, the project will propose a new “data-representation-model-task” association framework that realizes secure constrained machine learning from ground up, by designing a variation Dirichlet-network that bridges the input data with machine learning models in the representation space instead of the raw data space. Lastly, the project team will apply the proposed secure constrained machine learning to electric load forecasting and traffic forecasting, implement these applications in testbeds, and evaluate their security and performance under ConAML attacks. The proposed research seeks to improve the security, reliability and resiliency of CI-CPS. It contributes to the knowledge base of secure machine learning for CI-CPS, and applies to all safety-critical large interconnected CPS. The multi-disciplinary nature of the proposed work lends itself to cross-disciplinary education and training of future scientists and engineers.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

机器学习在现代商业应用领域取得了许多成功，如计算机视觉，语音分析和自然语言处理。然而，其在关键基础设施网络物理系统（CI-CPS）中的广泛使用，例如能源，水，交通以及石油和天然气系统，远未达到理想状态。这主要是由于对现有机器学习技术的可靠性和学习模型缺乏可解释性的担忧。此外，CI-CPS经常直接从商业应用中借用技术，这些技术没有考虑这些系统中固有的物理和拓扑约束。机器学习的安全性最近得到了广泛的研究，揭示了机器学习模型的脆弱性以及通过污染模型输入来偏离学习结果的有效性。这在CI-CPS中尤其具有破坏性，其中学习用于安全关键操作，并且这种偏差可能对人员和物理资产造成不可逆转的伤害。因此，对独特的CI-CPS约束进行建模的安全机器学习是一个非常需要的研究领域，也是该项目的重点。该提案涉及三个领域-安全，机器学习和CI-CPS -以增强现代社会基本基础设施的安全性和弹性。我们使用两个CI-CPS，电力系统和交通系统，作为目标应用领域来说明所提出的方法的普遍适用性。建议的工作是通过四个研究任务来进行的。首先，该项目将设计一个合适的威胁模型，在此模型下，对抗性机器学习攻击ConAML将在CI-CPS约束下开发。其次，该项目将通过在训练和推理中引入随机输入填充来提出一种ConAML攻击的缓解方法。第三，该项目将提出一个新的“数据-表示-模型-任务”关联框架，通过设计一个变体Dirichlet网络，将输入数据与表示空间而不是原始数据空间中的机器学习模型连接起来，从根本上实现安全的约束机器学习。最后，项目团队将把提出的安全约束机器学习应用于电力负荷预测和交通预测，在测试平台上实现这些应用，并评估它们在ConAML攻击下的安全性和性能。拟议的研究旨在提高CI-CPS的安全性，可靠性和弹性。它有助于CI-CPS的安全机器学习的知识库，并适用于所有安全关键的大型互联CPS。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

Early Alarm: Robust Event Analysis for Power Systems using 1-D Fully Convolutional Network

• DOI: 10.1109/smartgridcomm57358.2023.10333935
• 发表时间: 2023-10
• 期刊: 2023 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)
• 作者: Chengcheng Li;Wei Wang;Zhihao Jiang;Lin Zhu;Jinyuan Sun;Yilu Liu;Hairong Qi

ConAML: Constrained Adversarial Machine Learning for Cyber-Physical Systems

• DOI: 10.1145/3433210.3437513
• 发表时间: 2020-03
• 期刊: Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security
• 作者: Jiangnan Li;Jin Young Lee;Yingyuan Yang;Jinyuan Sun;K. Tomsovic

Online Knowledge Distillation by Temporal-Spatial Boosting

• DOI: 10.1109/wacv51458.2022.00354
• 发表时间: 2022-01
• 期刊: 2022 IEEE/CVF Winter Conference on Applications of Computer Vision (WACV)
• 作者: Chengcheng Li;Zi Wang;Hairong Qi

Exploring Physical-Based Constraints in Short-Term Load Forecasting: A Defense Mechanism Against Cyberattack

探索短期负载预测中基于物理的约束：针对网络攻击的防御机制

• DOI: 10.1109/pesgm48719.2022.9917179
• 发表时间: 2022
• 期刊: 2022 IEEE Power & Energy Society General Meeting (PESGM
• 作者: Dezvarei, Mojtaba;Tomsovic, Kevin;Sun, Jinyuan Stella;Djouadi, Seddik M.
• 通讯作者: Djouadi, Seddik M.

Towards Adversarial-Resilient Deep Neural Networks for False Data Injection Attack Detection in Power Grids

• DOI: 10.1109/icccn58024.2023.10230180
• 发表时间: 2021-02
• 期刊: 2023 32nd International Conference on Computer Communications and Networks (ICCCN)
• 作者: Jiangnan Li;Yingyuan Yang;Jinyuan Sun;K. Tomsovic;H. Qi