The Association of Digital Forensics, Security and Law (ADFSL)


This article proposes a cyber-event detection framework to aid incident identification and digital forensics cases that investigate cyber crime committed against the power grid as critical infrastructure. Unlike similar investigative techniques, the proposed approach examines only physical information to derive a cyber conclusion. The framework extracts information from the physical parameters stored in the historical databases of SCADA systems. It uses a pseudo-trusted model derived from randomly selected power system observations found in those databases. A technique known as Bayesian Model Averaging is then used to average the models and create a more trusted model. Results indicate an average successful classification rate of 89% for the simulated cyber events of varying magnitudes.




