CPS: Medium: Secure Constrained Machine Learning for Critical Infrastructure CPS

CPS：中：关键基础设施 CPS 的安全约束机器学习

• 批准号: 2038922
• 负责人: Jinyuan Stella Sun
• 金额: $ 120万
• 依托单位: University of Tennessee Knoxville
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2021
• 资助国家: 美国
• 起止时间: 2021-02-01 至 2025-01-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2038922&HistoricalAwards=false
• 关键词: CPS; Medium; Secure; Constrained; Machine

Machine learning has found many successes in modern commercial application domains like computer vision, speech analysis, and natural language processing. However, its broader use in critical infrastructure cyber-physical systems (CI-CPS), such as, energy, water, transportation, and oil and natural gas systems, has been far less than ideal. This is mainly due to concerns with the reliability of existing machine learning techniques and the lack of explainability of the learned models. Moreover, CI-CPS often borrow techniques directly from commercial applications that fail to consider physical and topological constraints inherent in these systems. Security of machine learning has been extensively studied recently, revealing vulnerabilities of machine learning models and the effectiveness in deviating learning outcomes by polluting the model input. This is especially devastating in CI-CPS where learning is used for safety-critical operations and such deviation can cause irreversible harm to people and physical assets. Secure machine learning that models unique CI-CPS constraints is thus a much needed research area and is the focus of this project. This proposal intersects three fields - security, machine learning, and CI-CPS - to enhance the safety and resiliency of essential infrastructures in modern society. We use two CI-CPS, power systems and transportation systems, as target application domains to illustrate the general applicability of the proposed approach. The proposed work is carried out by four research tasks. First, the project will devise a suitable threat model under which adversarial machine learning attacks, ConAML, are developed subject to CI-CPS constraints. Second, the project will propose a mitigation method for ConAML attacks by introducing random input padding in both training and inference. Third, the project will propose a new “data-representation-model-task” association framework that realizes secure constrained machine learning from ground up, by designing a variation Dirichlet-network that bridges the input data with machine learning models in the representation space instead of the raw data space. Lastly, the project team will apply the proposed secure constrained machine learning to electric load forecasting and traffic forecasting, implement these applications in testbeds, and evaluate their security and performance under ConAML attacks. The proposed research seeks to improve the security, reliability and resiliency of CI-CPS. It contributes to the knowledge base of secure machine learning for CI-CPS, and applies to all safety-critical large interconnected CPS. The multi-disciplinary nature of the proposed work lends itself to cross-disciplinary education and training of future scientists and engineers.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

机器学习在现代商业应用领域中发现了许多成功，例如计算机视觉，语音分析和自然语言处理。然而，它在关键基础设施网络物理系统（CI-CP）中的广泛使用（例如能源，水，运输以及石油和天然气系统）远非理想。这主要是由于对现有机器学习技术的可靠性以及缺乏学习模型的解释的关注。此外，CI-CP通常直接从无法考虑这些系统固有的物理和拓扑约束的商业应用中借用技术。机器学习的安全性最近进行了广泛研究，揭示了机器学习模型的漏洞以及通过污染模型输入来偏离学习成果的有效性。在CI-CP中，这尤其是毁灭性的，在CI-CP中，学习用于安全至关重要的操作，这种偏差可能会对人和物理资产造成不可逆转的伤害。安全的机器学习对独特的CI-CPS约束进行建模是一个急需的研究领域，并且是该项目的重点。该建议与三个领域（安全，机器学习和CI -CP）相交，以提高现代社会基本基础设施的安全性和恢复能力。我们使用两个CI-CP，电源系统和运输系统作为目标应用领域来说明拟议工作的工作是由四项研究任务执行的。首先，该项目将设计一个合适的威胁模型，在该模型下，对对抗机器学习攻击Conaml的开发受到CI-CPS约束。其次，该项目将通过在训练和推理中引入随机输入填充，提出一种用于cONAML攻击的方法。第三，该项目将提出一个新的“数据代表模型任务”关联框架，该框架通过设计一个变体Dirichlet网络来实现安全的机器学习，该变化将输入数据桥接在表示空间中的机器学习模型而不是原始数据空间中。最后，项目团队将将建议的安全约束机器学习应用于电预测和流量预测，在测试台中实施这些应用程序，并在Conaml攻击下评估其安全性和性能。拟议的研究旨在提高CI-CPS的安全性，可靠性和弹性。它有助于CI-CPS安全机器学习的知识库，并适用于所有安全关键的大型互连CP。拟议作品的多学科性质为未来的科学家和工程师的跨学科教育和培训提供了自身。该奖项反映了NSF的法定任务，并通过使用基金会的知识分子优点和更广泛的影响审查标准来评估，被认为是珍贵的支持。

项目成果

Early Alarm: Robust Event Analysis for Power Systems using 1-D Fully Convolutional Network

• DOI: 10.1109/smartgridcomm57358.2023.10333935
• 发表时间: 2023-10
• 期刊: 2023 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)
• 作者: Chengcheng Li;Wei Wang;Zhihao Jiang;Lin Zhu;Jinyuan Sun;Yilu Liu;Hairong Qi

ConAML: Constrained Adversarial Machine Learning for Cyber-Physical Systems

• DOI: 10.1145/3433210.3437513
• 发表时间: 2020-03
• 期刊: Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security
• 作者: Jiangnan Li;Jin Young Lee;Yingyuan Yang;Jinyuan Sun;K. Tomsovic

Online Knowledge Distillation by Temporal-Spatial Boosting

• DOI: 10.1109/wacv51458.2022.00354
• 发表时间: 2022-01
• 期刊: 2022 IEEE/CVF Winter Conference on Applications of Computer Vision (WACV)
• 作者: Chengcheng Li;Zi Wang;Hairong Qi

Towards Adversarial-Resilient Deep Neural Networks for False Data Injection Attack Detection in Power Grids

• DOI: 10.1109/icccn58024.2023.10230180
• 发表时间: 2021-02
• 期刊: 2023 32nd International Conference on Computer Communications and Networks (ICCCN)
• 作者: Jiangnan Li;Yingyuan Yang;Jinyuan Sun;K. Tomsovic;H. Qi

Privacy-preserving Computation for Large-scale Security-Constrained Optimal Power Flow Problem in Smart Grid

• DOI: 10.1109/access.2021.3119618
• 发表时间: 2021
• 期刊: IEEE Access
• 影响因子: 3.9
• 作者: Xiangyu Niu;H. Nguyen;Jinyuan Sun;Zhu Han