Identification of False Data Injection Attacks With Considering the Impact of Wind Generation and Topology Reconfigurations

Mostafa Mohammadpourfard, Ashkan Sami, Yang Weng

Research output: Contribution to journalArticlepeer-review

52 Scopus citations


Robust control of the power grid relies on accurate state estimation. Recent studies show that state estimators are vulnerable to false data injection attacks that can pass the bad data detection mechanisms. A grand restriction of the existing countermeasures is dealing with integration of renewable energy sources and topology changes because they are designed for a specific system configuration. In this paper, to detect cyber-attacks in power systems that are affected by sustainable energy sources or system reconfigurations, a unsupervised anomaly detection algorithm is developed. The proposed method first analyzes recent historical data and detects the state vectors that are different from normal trend since they may indicate attacks. Then, among the recent state records, most similar state vectors to this suspicious vector are determined. These vectors are combined to form a new vector in a way that the attacked states have smaller/larger values than the normal ones. Finally, different outlier detection algorithms are applied on the new vector and the attacked states are determined through a majority voting among those algorithms. The proposed method is tested on the IEEE 14 bus system with different attack scenarios including attacks to the system after a contingency and integration of wind farms. Results demonstrate the robustness of our method in dealing with changes.

Original languageEnglish (US)
Pages (from-to)1349-1364
Number of pages16
JournalIEEE Transactions on Sustainable Energy
Issue number3
StatePublished - Jul 2018


  • False data injection
  • outlier detection
  • robustness
  • state estimation
  • topology changes
  • wind farm

ASJC Scopus subject areas

  • Renewable Energy, Sustainability and the Environment


Dive into the research topics of 'Identification of False Data Injection Attacks With Considering the Impact of Wind Generation and Topology Reconfigurations'. Together they form a unique fingerprint.

Cite this