AMIDS: A Multi-Sensor Energy Theft Detection

Framework for Advanced Metering Infrastructures
Stephen McLaughlin and Brett Holbert
Computer Science and Engineering
Pennsylvania State University
{smclaugh, bdh5027}@cse.psu.edu

Saman Zonouz

Electrical and Computer Engineering
University of Miami
s.zonouz@miami.edu

Abstract—The advanced metering infrastructure (AMI) is a
crucial component of the smart grid, replacing traditional analog
devices with computerized smart meters. Smart meters have not
only allowed for efficient management of many end-users, but
also have made AMI an attractive target for remote exploits and
local physical tampering with the end goal of stealing energy.
While smart meters posses multiple sensors and data sources
that can indicate energy theft, in practice, the individual methods
exhibit many false positives. In this paper, we present AMIDS, an
AMI intrusion detection system that uses information fusion to
combine the sensors and consumption data from a smart meter
to more accurately detect energy theft. AMIDS combines meter
audit logs of physical and cyber events with consumption data
to more accurately model and detect theft-related behavior. Our
experimental results on normal and anomalous load profiles show
that AMIDS can identify energy theft efforts with high accuracy.
Furthermore, AMIDS correctly identified legitimate load profile
changes that more elementary analyses classified as malicious.

I. I NTRODUCTION
The Advanced Metering Infrastructure (AMI) is changing
the way electricity is measured, consumed, and even distributed. Digital smart meters remotely report not only finegrained energy consumption data, but also logs of events indicating malfunctions, misconfigurations, and potential physical
tampering. These monitoring capabilities, coupled with largescale AMI data aggregation promise to significantly mitigate
the problem of energy theft, an especially pervasive problem
in developing countries.
However, the recent nation-wide AMI deployment effort
has had quite an opposite effect by fueling concerns about
new ways to steal power, e.g., through remote smart meter
compromise. For instance, in 2009, the FBI reported a wide
and organized energy theft attempt that may have cost up
to 400 million dollars annually to a utility following an
AMI deployment [1]. Indeed, AMI significantly increases the
attack surface that utilities have to protect by introducing new
cyber threats on physically-accessible devices [18]. Penetration
testing efforts have shown vulnerabilities in smart meters that
could lead to stealthy energy fraud. Additionally, remote meter
reading eliminates the monthly visit by technicians to record
consumptions and to visually inspect meters.
As a result, the need for an efficient monitoring solution
to detect energy theft attempts in AMI has never been more
critical. In this paper, we introduce AMIDS, an integrated
cyber-physical intrusion detection system to identify malicious
energy theft attempts. AMIDS differs from previous solutions
by evaluating multiple AMI data sources under a combination
This material is based upon work supported by the Department of Energy
under Award Number DE-OE0000097.

Robin Berthier

Information Trust Institute
University of Illinois
rgb@illinois.edu

of techniques to detect theft-related behavior while reducing
false positives. In particular, AMIDS uses an attack graph
based information fusion technique to conceptually combine
collected evidences from three types of AMI-specific information sources: 1) cyber-side network- and host-based intrusion
detection systems; 2) on-meter anti-tampering sensors; and 3)
power measurement-based anomalous consumption detectors
through nonintrusive load monitoring (NILM). The main contributions of this paper are as follows:
• We present an information fusion solution which makes
use of an AMI-specific attack graph to identify energy
theft attempts with minimum number of false positives.
• We leverage data mining techniques to identify energy
theft through nonintrusive load monitoring. We designed
two algorithms: a supervised approach that can identify
individual appliance consumption and an unsupervised
approach that learns by clustering load events.
• We build a realistic household load simulator that we used
to evaluate the different individual detection techniques
and the information fusion solution through the injection
of realistic energy theft attacks.
II. R ELATED W ORK
Several solutions to energy theft have been proposed recently [9]. A popular approach has been to apply supportvector machine (SVM) to energy consumption profiles [8],
[20]. This approach consists of training an SVM from a
historical dataset and then testing the SVM on a different
dataset to find anomalies in the customer energy consumption.
[8] reports an accuracy of 98.4% based on a training set of
440 instances and a testing set of 220 customers. The same
authors extended their approach in [10] to leverage a hybrid
neural-network model and encoding technique in order to
automatically set the many parameters required by the model.
A different approach is shown in [4]. Here, the focus is
on identifying problematic metering installations, e.g., due to
malfunction or energy theft, through a central observer meter
in each neighborhood. Neighborhood energy use is compared
with individual customer loads using a model of N linearly
independent equations. This model is solved using matrix
inversion and recursive statistical methods, i.e., least squares.
This approach is limited by its reliance on linear independence
of equations and zero resistance of power lines.
A radically different approach is taken in [7] by using
a harmonic generator to actively deteriorate appliances of
customers who steal energy. Sensors monitor consumption
values, identify suspicious non-technical losses, disconnect
genuine customers, operate the harmonic generator for few
seconds, and reconnect everyone. An important limitation of

Note that attacks in the third categories are made possible through attacks from the first and second categories. thus guaranteeing that all policy violations will be detected. IV. 2) cyber attacks.-based monitoring and meter responsiveness to detect Ac4 Observation O5 : spec. and solid-state metering mitigates some attack techniques targeting electromechanical meters. energy thieves usually bypass meters by wiring power hungry appliances directly to the grid. It does this by constraining communications made using the ANSI C12. tampering with the meter storage. T HREAT M ODEL There are a variety of known techniques for energy theft that we assume an adversary may attempt against an AMIDSequipped AMI deployment. individual load profile events are analyzed to identify appliances being turned on and off. which records an unbroken sequence of application firmware upgrades. Cyber attack techniques against AMI have been recently studied [16].g. The soundness of these constraints can be formally verified. I NDIVIDUAL E NERGY T HEFT D ETECTION M ECHANISMS A. Indeed. we draw from these attack techniques to simulate attack scenarios in order to evaluate AMIDS. The different attacks are detailed in Table I. The results are used to create a usage profile for each household.-based monitoring and meter authentication logs to detect Ac3 Observation O4 : spec. Thus. Cyber Intrusion Detection Systems To address the challenge of detecting cyber attacks introduced by AMI. or meter tampering to inhibit proper recording of consumption. due to remote exploitation. In particular. [17] and include interrupting measurements. The table is used in the following sections as a guide to ensure a comprehensive coverage of the threats from the described detection solutions. the addition of network communication and smart devices to the grid has also brought new attack vectors. it is trivial for a customer to jam meter wireless communications to suppress physical tampering alarms. But. Power Measurement-based Anomaly Detection The third class of observations to detect theft-related behavior leverages the fine-grained load profile data available from smart meters.-based monitoring to detect Ac5 Observation O6 : spec. but false positive are reduced by combining tampering alerts with additional data sources covered in the following two sections. Moreover.-based monitoring to detect Ac6 Observation O7 : remote firmware attestation to detect A p5 C. Physical Tampering Detection Solutions Smart meters are already equipped with sensors to collect and log potential physical tampering events such as removal of the meter cover and physical bumping of the meter. e. To summarize. The latter may be done by applying magnets to interfere with instruments such as electromechanical rotors or solid state current transformers. we classify energy theft techniques into three categories: 1) physical attacks. From our threat models described in Table I. or by reversing or disconnecting meters from their sockets. smart meters can detect and report certain tampering attempts. we include such tamper detection sensors in our solution to detect physical attacks. However. III. AMIDS leverages two complementary intrusion detection systems that can be implemented and deployed via firmware upgrade: 1) a remote cumulative attestation kernel (CAK) in meters [13]. meter tamper alerts provide the following observations: • • • • Observation Observation Observation Observation O8 : anti-tampering alert to detect A p1 O9 : reverse rotation alert to detect A p2 O10 : disconnect alert to detect A p3 O11 : anti-tampering alert to detect A p4 B. and 2) a specification-based network intrusion detection systems deployed on access points or dedicated sensors in the local neighborhood area network [5].. a heavy truck passing near a meter can trigger the tilt alert [15]. At the grid level. The specification-based network intrusion detection system monitors traffic among meters and access points across layers to ensure that devices are running in a secure state and their operations respect a specified security policy. At the level of customer homes.-based network monitoring to detect Ac1 Observation O2 : remote firmware attestation to detect Ac2 Observation O3 : spec. A CAK is a lightweight solution for embedded systems such as meters. or connecting their entire electric system to a feeder with a pirate transformer. These profiles will be used later to detect changes in household energy consumption patterns. the most common techniques involve either tapping an external source such as a neighbor or distribution feeder. For example. damage to genuine customers could make the cost of false positives prohibitively high. and intercepting the meter communications to block or alter consumption values being reported. In particular. a problem with some such alerts is the high rate of false positives. Addressing such physical tampering-related issues has been one of the benefits of AMI. Our cyber intrusion detection system provides the following observation capabilities to cover attacks from our threat models described in Table I: • • • • • • • Observation O1 : spec. gaining privileged access to the meter firmware. For example. we introduce . and 3) data attacks having an impact on power measurements.TABLE I M APPING BETWEEN ATTACKS AND DETECTION TECHNIQUES Id Attack technique Cyber Ac1 Compromise meters through remote network exploit Ac2 Modify the firmware/storage on meters Ac3 Steal credentials to login to meters Ac4 Exhaust CPU/memory Ac5 Intercept/alter communications Ac6 Flood the NAN bandwidth Physical A p1 Break into the meter A p2 Reverse the meter A p3 Disconnect the meter A p4 Physically extract the password A p5 Abuse optical port to gain access to meters A p6 Bypass meters to remove loads from measurement Effect on power measurements Ad1 Stop reporting entire consumption Ad2 Remove large applicances from measurement Ad3 Cut the report by a given percentage Ad4 Alter appliance load profile to hide large loads Ad5 Report zero consumption Ad6 Report negative consumption (act as a generator) this solution is that if on-meter harmonic sensors fail. This audit log can be remotely queried by a verifier to detect firmware tampering.22 standard protocol.

1]2·|A|⇥1 . . This completes the profiling phase. Once the set of appliances contribution to each edge is identified. In particular. Qx  eti + d Qx  eti + d x 0 (4) where B = [1. Pr(C|F1 . and 2) the empirical probability mass distribution of the microwave usage frequency per day. where an element represents whether its corresponding appliance contributed to the edge eti . b] represents the concatenation of the vectors a and b. c2{0. This integer programming problem is solved to get the 2 · |A|-dimensional binary vector x. We review the Naive Bayes algorithm briefly.dn fa2 . Fn ) = Pr(C) · Pr(F1 . 1.5 0 Fig. C . F2 . The algorithm has two learning phases. and 2) the identified edges within the same trace.1} i=1 (3) Supervised Anomaly Detection. a database of appliance signatures is created and stored for use by a NonIntrusive Load Monitor (NILM). d is a small threshold value to account for measurement noise. 0 (legitimate power consumer) and 1 (anomalous power measurements).d1 fa2 . The calculated profiles (distributions) are used for anomaly detection purposes with the Bayesian classifier.d2 · · · fa|A| . · · · . This is a reasonable assumption as many near-simultaneous appliance events are unlikely [12]. Given the above probability model.1 0 2 4 Fig. Each column is then used to calculate the probability mass distribution Phi . F2 . Figure 1 shows 1) a sample power consumption time series of a single household generated by our implementation that simulated turn on/off 6 8 10 12 Microwave Usage Frequency 14 16 18 20 Learned Normal Appliance Usage Profiles incidents of 25 different home appliances.d1 · · · fa|A| . 0.d2 fa2 . if the mode of theft bypassed some appliances around the meter.e. . Here.a j (v) v 2 Z that appliance a j is used v times per day in household hi . in which Q p is an |A|-dimensional vector of power appliance consumption profiles.t. In . First. −0. (5) . Here. min BT x s. The supervised technique labels each on or off edge in the load profile according to its appliance of origin. F2 . Fi represents the i-th feature. and given the independence assumption. the probability model for a classifier is a conditional model Pr(C|F1 . · · · . et1 . f2 . More specifically.d1 B fa1 . A fa1 . Z i=1 (2) can be derived. Second. · · · .. · · · . the hypothesis with the maximum a posteriori is picked: n C( f1 . Formally.4 4 1 Edge Magnitudes 20 5 Probability Density Consumtion Report 15000 x 10 0. The NILM uses this database to identify appliance usage in the home over time. In particular. The algorithms are based on Naive Bayes learning that employs the method of maximum likelihood and is known to be one of the most effective and efficient classification algorithms in complex real-world situations. a features Fi is the daily usage frequency of appliance i. Fn ) (1) n 1 P(C) · ’ Pr(Fi |C).30 Daily Profiles 25 10000 5000 15 10 0 5 10 15 20 25 Appliances 0 1000 2000 3000 Minutes 4000 5000 0. @ . . Using a Bayes’ theorem. F2 . 2. Q p ] . and [a. etn ) corresponding to on/off events are identified and recorded. Pr(C|F1 . Figure 3 shows our implementation results: 1) home appliance usage frequency reports of a single household over 20 days (each line represents a single day). Thus. the power consumption time series are analyzed and the (edges) E = (et0 . and the conditional distributions are obtained from the learned profiles.dn per household hi is saved. over an n-day learning phase.. Fn ) = where Z is a constant scaling factor representing the evidence. AMIDS learns the daily usage frequencies of each individual appliance using appliance data provided by the NILM. The algorithm then determines which appliances a 2 A are missing from power measurements. · · · .3 1000 2000 3000 Minutes 4000 5000 A Sample 4-Day Load Profile and Identified Edges two power measurement-based detection solutions based on supervised and unsupervised machine learning techniques. i. .5 −1 0.. fn ) = arg max P(C = c) · ’ P(Fi = fi |C = c). The objective is to mark a given day-long smart meter measurements as normal or anomalous based on that household’s profile. the Bayesian classifier combines this model with a decision rule. AMIDS learns based on the daily frequency of each appliance fa . a usage profile matrix 0 1 fa1 . Each edge magnitude represents one or more appliance events. Q = [Q p . Fn ) over a dependent class variable C that takes on a binary value. Fn |C) P(F1 .2 0. 1. The objective of the optimization is to minimize number of incidents per edge.. · · · . and then discuss our two load-based energy theft detection solutions.dn · · · fa|A| .d2 C B C Uhi = B . · · · . The NILM works by solving the following binary integer programming problem to determine which devices contributed to a given edge. · · · .. F2 . the prior class probability P(C) in Equation (3) can be obtained from existing energy theft data [2]. Figure 3 shows our evaluation results for the supervised detection of anomalous power measurements.

.d 1 2 2 2 2 calculate the probability mass distribution P (v) v 2N |A| hiC . Figure 2 shows information a simplified fusion attack graph for an We present anULTI attack graph-based algorithm to due to individual false alarms.2 0. .. (3) The line with ⇥ 0. The attack graph is a state-based directed detection algorithms.Normal Day 30 20 10 0 0 5 10 15 20 25 Appliances Normality Probability 1 0.d hi = . ·appliance fa|A|.d . creates a daily basis profile of each houseduring individual Over an n-day learning phase. tion profiles dimensional binary vector x. The solid line represents the pdf of events per day in clustering of the unlabelled data. The intuition here isload that each cluster average silhouette s across allconsumption clusters.. . unsupervised . . . Q p ]1 . Fi 2) are Unsupervised essentially theAnomaly dailycluster usage frequency of individual home Detection: Unlike the supervised ability P(C) in Equation (3) can be obtained from statistical are obtained from the learned profiles. classes defines a fingerprint for consumption for a particular deviate this fingerprint.2 0.d1 of fa2times · · fappliance hold calculates number is used(5) f . ·individual · · . is the a reasonable assumption because theti ously is very low.d faaEach ·. . } for all clusters 1 . f } for all clusters 1set Anor clustering of three datasets is shown in Figure 4 1 2 |c| [a. d is a comparatively small threshold objective the optimization ishas tois contributed minimize of2 ·incithe aboveaofparticular integer programming solved tonumber get theedge |A|whether appliance to the et value that edge. Given an optimal bounds onfAf and each cluster are found andown used bucket Where b( )d6 is all the dissimilarity between thetoevent f sample and all detect between other events in its cluster. The attack graph is a state-based directed goal sg )meter thatattack iswith energy theft in this case. and the conditional distributions F essentially the daily (3) usage frequency of individual home i areFor measurements asEquation normal or anomalous based on the profiles ability P(C) in can be obtained from statistical net load. For example. The tion profiles of individual home appliances.e. and a(from f used )toisappear the distance between f and all a unsupervised learning algorithm proceeds as follows.4 0 30 kW (cluster 1) 0 0.appliance. In particular. .2 0.least } events for all (positive clusters noticeable reduction inused theoperation. Unsupervised Learning of Basline. according to our empirical many possible appliance combinations for a given edge Once the setlarge of number appliances contribution to each edge hold and times each appliance used in fisa observations.. Calculation the Finetimes grained data for usage by detection schemes The calculated profiles (distributions) are used anomaly per household hiprobability is saved. Given aninoptimal Alerts from each of the security sensors discussed Section bounds cluster found and used to bucket sample of bucketed data against the clustering of the training data. sources.. AMIDS makes use of the . while theThe net load enough suspicious. Q p ]1 ..1 0. Over an n-day learning phase.dn .low.values reduction the posterior . and (cluster 4) Fig..events in a clustering of the same scenario with an HVAC system that is 30% more efficient than the baseline. Q p ] . and thewill set cause ofshould sucha residence. dents Thisof issuch a reasonable assumption because the ously is very low. i. f . Furthermore. 3.. Consequently.dn the that denotes a j [23] is used used @ a1. in The solid the events pernumbers day in data.2 0 0 5 10 15 20 25 Home Appliances Corrupted Profile 30 20 10 0 0 5 10 15 20 25 Appliances Normality Probability 0. Furthermore. PhiA calculate the probability (v) v 2 N . As can be seen.21. Calculation the aforementioned i j i The calculated profiles (distributions) are used for anomaly haveThe been raised.4 0..column ·. the linesignificantly with marks is the same the day HVAC the case pdf of events in ⇥arepresents clustering thescenario scenario with ure 1. given meter for that particular household.5 0. identified. and the set of such residence.d2 fa2. thereaccomplished are specific alerts intrusion meter firmware or exhausted CPU each on themalicious meter. In the prior class probabout energy theft [?]. test case differs significantly from the baseline and legitimate test detection algorithms. attack graph is goal a state-based directed graph which detection algorithms. the line significantly with ⇥a marks is the same the HVAC the case pdf to of events in alerts clustering thescenario same scenario with cases. malicious an HVAC system that is 30% efficient than textual information.. Legitimate. thenisused iprobability fathat ·column ·consumption ·appliance fa|A| . and Malicious Profiles Malicious ⇥ Profiles. and Malicious Profiles 0. does it groups different load by clustering on supervised their home realFi 2) are essentially dailyevents usage frequency of individual Unsupervised Anomaly Detection: Unlike the edges) from the loadthe profile.. The unsupervised i.. of such minimization results in magnitude.d1 likely . the line marks isbased the same scenario with thedata.2 0 0. Âclass is annetequivalency of appliances.e. Q = appliances. events in its own cluster. M ULTI -S OURCE I NFORMATION USION of bucketed data against the clustering of the data.to inthe which Qetpi tion profiles appliances. 1]2·|A|⇥1home . Q = appliances. resulting in with four clusters formed from each dataset. course.dn 2.d ·. malicious an HVAC system that morethe efficient than the each of four clusters from data. the to clustering offalse the malicious III. and the conditional distributions Fi 2) arealgorithm essentiallyproceeds theAnomaly dailyasusage frequency of individual home learning follows.. a usage B C 0 fa1 . The solid line theof pdf ofsame events per day in of bucketed datawith against the clustering of the training reporting energy theft solely on individual alerts will bypassing the meter..d1 C 1 |A| profile matrix Uh = B ffaa1. Inand particular. in which each element represents is an |A|-dimensional vector that represent power consumpthe above integer programming is solved to 1 get theedge 2 · |A|whether has where B a=particular [1. resulting theand netlower load enough toeach appear suspicious. detection methods to identify action needed to proceed through the graph.dn |A| @ A B faaoccupant C . a2. 1)the The attacker’s M according totheover configuration ofthat the commercial meters. the conditional a noticeable effect on the containing appliance. a usage many possible appliance combinations for a given edge Once the setlarge of number appliances contribution to each hold and calculates of times each aappliance is edge used particular. the features The objective here is to mark a given day-long smart meter for that particular household. For example. Figure 2end shows aissimplified attack forthe an graph which models various paths starting from the identified by following binary subvectors: 1) the attacker’s goal sgsmeter ) the that iscontinues energy theft in this case. the first and second graphs show normal trace forfisa profile matrix magnitude. the administrative access identified by following two binary subvectors: 1) attacker’s current privilege in the meter: this captures themalicious attacker goalin2) state ssecurity thatand isconsequences energy theft in this At each time instant.1 0 0. over the upper and lower data. . ously is very low. distribution . successful combine evidences about on-going attacks from i.d2 · · ·. calculate the in probability mass distribution Paforementioned hi . The average measure isf )used to over an 1 silhouette 1 b( f Table ) a( from threat described in I: (6) s =models entireour clustering to determine the optimal number of clusters   max{b( |C: |supervised f ). Figure 5attack shows a 2end simplified energy theft attack graph continues untilThe the malicious achieved (represented by the energy theft.dtrace 1significant · · ·leads fa|A|to . Instead.possible measurement noise. Q = contributed [Q p .4 0. To clarify.is a( fused )} to over cas•2follows.4 0. Unsupervised The average silhouette measure is and used to over an kW (cluster 4)differs clustering of the malicious case significantly from Learning of test Basline.2 0 0. set of f2the . Because these individual alerts are subject to false positives. . Unsupervised Learning of Basline.dnormal). K-means clustering is then done not have appliance labels for events in the load profile. events inthese arepresents clustering of pdf theofof same scenario with ure 1. For itexample. common energy theft scenarios should not have appliance labels for events in the profile. 0 0 10 20 30 40 50 60 70 80 kW (cluster 4) Fig. Edge detection is first to extract a set of itevents (positive deviate significantly this fingerprint.inone appliance. .1 0 0. other events sin=Oother clusters. AMIDS uses anwith attack graph-based information fusion algoenergy theft. the the priordistributions class probreports energy theft [?]. in which Q p tion is anabove |A|-dimensional vector thatisrepresent consumpthe solved topower 2 · |A|1 get where B =integer [1.. appliance asmart j is used distribution completes the profiling detection purposes using ortheanomalous Bayesian based classifier algorithm. fvectors 2the [a. current privilege thealready meterofthat can this captures theorover set actions the attacker hassetaccomplished meter exhausted CPU on?the and 2)firmware thefuture security consequences that captures the of malicious do in the and isofeither none or meter. As can be seen.. at Edge detection first to a. the features evenappliances. models attack starting from theadministrative initial state saccess 0 and identified by the following two binary values.. and a( f ) is the dissimilarity • Observation : supervised anomaly system to detect Ad2(6)   14 |C:dissimilarity | aggregated |c| f 2c max{b( f ). i. improve the test differs from the baseline and with legitimate test Finally. .data. example. clustering of the baseline. each ofexample four clusters from data. 1 2 power magnitude.1 0. practical . Equation (3) can be obtained from statistical The calculated profiles (distributions) are used for anomaly The objective here is to mark aparticular. 4. a( f )} Where b(f f and ) is all the between the event f and Aall • Observation O17 :dissimilarity anomaly system to silhouette detect c2C events between itsdata.a Over an n-day learning 1 phase. dimensional binary vector x. While . successful combine evidences about on-going attacks from multiple the security state the smart meter device (except the goal state) is continues until theof malicious achieved (represented by energy theft. are obtained from the learned profiles. Instead. . bypassing a single appliance will have are obtained from the learned profiles. Given an optimal clustering. f } for all clusters c 2 C .d the reported measurements fless · · · tofabe . models various paths starting from the initial s0 i. will cause in other clusters...probability f|c| } for clusters 1 . 1.0. data. g ) the actions thethe attacker has already accomplished such as a modified M according to over configuration ofthat the existing meters. over The dashed line isas AnBayesian clustering oftraining three datasets isupper shown Figbounds on each cluster are found and used to bucket sample proved sensors report fairly large of bucketed data line against the clustering the training data. events clustering realis an equivalency class of appliances.the set of malicious meter.. At each state time instant.d faa22. is1n C then used to . Q p ] .per usedappliances. and 2) the security consequences that captures the set of malicious do in the future and is either none ? or the administrative access identified by the following two binary subvectors: 1) the attacker’s privilege M. accounts for possible measurement noise. resulting Edge is first used to extract a set (positive first based on individual event magnitudes. in clustering of the training data. Each Calculation theisaforementioned per isfasaved. C . measurements as normal on the profiles times per day in household h .dn the that household denotes the used toc n a j patterns. Learning of Basline.classifier can be released only after physical or cyber tampering alarms detection purposes using the Bayesian algorithm. Each isn C then toc Bisfprivacy-preserving fathat ·.isina which each element represents through on/off incidents. Legitimate. of appliances such minimization results in magnitude. 1]2·|A|⇥1home . Bayesian isthree then datasets done the distribution An example clustering of is shown in Figcloser toon 1each indicates a are better clustering. first done based on individual event magnitudes.e. f ..d2 a graphs.dAs fa2times · each · · thefappliance . according to our empirical many possible large appliance combinations for a given edge objective of the optimization is to minimize number of inciprobability thatlack many get turnedusually on/off simultaneobservations. Theday-long unsupervised deThe objective here is to mark aparticular. b]ofrepresents theCconcatenation of a and b. is then thedissimilarity distribution other Bayesian events in other aclusters. As can be seen. calculates Normal and Classification Probability magnitude. Calculation the aforementioned i The calculated profiles (distributions) are used for anomaly Unsupervised Anomaly Detection.setf|c|one of bucket during normal classification firstevents done basedison individual event Bayesian magnitudes.. AMIDS creates a daily basis profile of each houseduring individualover days. fn (positive detector or negative anomaly algorithm. M -S OURCE I NFORMATION F USIONS AMI smart meter the end malicious goalmultiple being asources. theconsumption detector does it groups different load events byunsupervised clustering on realThe residence. and the set of such Of course.intrusions. dents per ThisFurthermore.of1.6 0. 2) The security consequences of attacker actions: actions the attacker has accomplished suchtheas attacker a modified M according to configuration thecaptures existingwhat commercial meters. [Q p .. tector groups individual load events into based on measurements as normal or anomalous based on the profiles P(C) inmagnitude. set clusters with line c =shows { fthe .e.. Eachthecolumn is then used to that denotes the that appliance afor j is used c distribution completes the profiling phase. To clarify. ·sidefaasmart n n nA 1. while s Of = enough (6) the load to  appear suspicious. a( f )} bypassing a large appliance around the meter might not affect f 2c c2 C noticeable reduction in the size of at least one cluster. 2follows. common energy theft scenarios should bypassing appliance around thea( meter might not affect power magnitude. In Bayesian the priorsmart class probdistribution completes the profiling phase. The dashed is An clustering oftraining datasets is the shown inline Figofan false positives and is sometimes therefore. or negative edges) from the load profile. a usage @ A B C 0 1 f f · · · f .column ·. appliances with similar for that particular household.e. the different ways that We present anULTI attack graph-based information fusion algorithm to cases. upper bounds on cluster are found used negative edges)Cfrom thec load K-means clustering is aor set of clusters with = extract { of fprofile. InOURCE particular. Q = [Q p . we defer the design of protocols for(5) 2. Instead. the identified following binary subvectors: 1)smart the attacker’s goal sg each ) the that is energy theft in ? this each time instant.·. i. distribution .of1. .bypassing b( f ) unsupervised is the Euclidean distance between f scenarios and all events noticeable reduction in the size of at one cluster.. Consequently. for that about particular household.. dimensional binary vector in which each element represents through on/off incidents.the a( f )} Where b(f f and ) is all the between f andAd3 all • Observation O15 monthly toAdetect c2C events between in its cluster. ure 1. raised concerns shown that(5) 1.. AMIDS creates a daily basis profile of each houseduring individual days.d1 · each a|A| .d2 C 0 1 B C f f · · · f asaved. fa |c|of [a.the a( f )} Where b( f ) is O the between and all Observation checkers Ad1 c2C |c| 131:dissimilarity 1 f 2c report b( ffreq.C . To clarify. Legitimate. to extractdetection ai. resulting in The unsupervised learning algorithm proceeds as follows. each time instant. residence. successful combine evidences about on-going attacks from multiple i. classes defines value a fingerprint for for a particular deviate significantly from this fingerprint.. A silhouette clustering of theclassification unlabelled training data. and the of such 2) Unsupervised Anomaly Detection: Unlike theset supervised not have appliance labels for events in the load profile.5 00 00 0.(indicating that a . Edge detection is first Unsupervised Detection: Unlike thethe supervised not have appliance labels for events in the load profile. The intuition here is that each cluster appliances.2 0. Legitimate..d a . Consequently. b] represents the concatenation of the vectors a and b. . The solid line theof pdf ofsame events per in overall accuracy.d1 in athird profile matrix 1 for individual appliances. conditional detection purposes using theanomalous Bayesian classifier algorithm. Malicious Profiles as In the power-measurement monitoring system entire clustering to determine the optimal number of clusters provides the following observation capabilities to cover attacks cas2follows. For itexample. common energy theft should aOf large appliance around theleast meter might affect Here.3 0.5 0 20 kW (cluster 1) 0. and is either none ? what orcommercial the administrator meter firmware or exhausted CPU on the meter. between f and all other events in its own cluster. anomaly detection algorithm. classification issteps then against done the distribution each ofexample four clusters from training data.a j (v) v 2 N per day household hiload-based . A silhouette clustering of theclassification unlabelled training data. fa[14].cluster.4 00 00 0. current the meter captures the attacker can the do security state of the smart meter device (except the goal state) is can inprivilege future.. the clustering of the malicious an HVAC system that 30% more efficient than the baseline. features oneevents featuref1 . silhouette 1other 1 b( fown ) changes a( f ) event other events clusters.2 0 40 kW (cluster 2) 0. Malicious Profiles entire clustering to determine optimal number of clusters the baseline and legitimate testthe cases. the pdf ofpractice. cases. The dashed is An clustering oftraining three datasets is To shown inline Figresult in many costly physical inspections. Over an n-day learning phase. M -S OURCE Ioccur.5 0. cFig. The intuition here isf ) that each cluster 1 1 b( f ) classes defines a fingerprint for consumption for a particular deviate significantly from this fingerprint. AMIDS makes use of a novel model-based cases.. accounts for the possible measurement noise.done b]detection the concatenation the andevents b.. the 0 10 20 30 40 50 60 70 80 cFig.. will cause learning algorithm proceeds asnot follows. (2) The dashed line is vectors the pdf of b. .. d is a comparatively small threshold objective ofthat the many optimization is togetminimize number of inciprobability appliances turnedusually on/off simultaneobservations. · · · . Figure shows aissimplified attack for an We present an graph-based information fusion algorithm to for a state smart meter. C . Atby node. size cluster. i. identified.2 0 0 50 60 70 80 10 20 30 50 60 70 80 50 60 70 80 40 40 50 50 60 60 70 70 80 80 40 50 60 70 80 50 60 70 80 40 40 50 50 60 60 70 70 80 80 40 50 60 70 80 50 60 70 80 40 40 50 50 60 60 70 70 80 80 40 50 60 70 80 40 10 20 30 40 kW (cluster 1) 10 10 20 20 30 30 10 20 30 kW kW (cluster (cluster 2) 1) 10 20 30 40 kW (cluster 2) 10 10 20 20 30 30 10 20 30 kW kW (cluster (cluster 3) 2) kW (cluster 3) 0. the Edgedone detection ison first used to extract a set of events (positive first based individual event magnitudes. bypassing the meter. and a( f ) is the dissimilarity • Observation O : utility-side negative consumption to 18 closer to 1 indicates a better clustering. The three datasets a 1follows. the features appliances. bypassing meter. NILMs can reveal home behaviors [19].. aand corrupted measurement 2 B fa1 .2 00 0 0.. common energy theft scenarios | C | |c| max{b( f ).d 1. Consequently.. Legitimate (dashed).a our scheme to future work.d .NILMs |A| We note that thei use@ of along meters has B fa1. and done a( f ) isGiven the closer toon1each indicates better clustering. ·individual · ·programming .e. meter or exhausted CPU that on the meter.dn mass . The dents per Thisvector is the adreasonable assumption because thei dimensional binary x.clusters detection purposes using the classifier algorithm. duringinindividual days. ·individual · · ..2 0. thebyunsupervised detector based individual resulting on in their a set does of it on groups differentevent load magnitudes. The attack graph is goal aattack state-based directed graph which detection algorithms. The intuition each cluster |c| here is that classes defines a fingerprint for for a their particular anomaly detection algorithm. The average silhouette measure an Observation O12 unsupervised systems C |c| 1 c2 1 f 2cand b( f ) a( f ) anomaly (6) s = to detect A p6 to determine entire clustering the optimal number of clusters   |C |utility-side max{b( f ). models various attack paths starting from theAt state s0 sand AMI state smart the two end malicious goal being a(state successful initial state until the goal ofinitial theft 0 and with g ) is current privilege meter captures what the goal attacker can the security state of thethe smart meter device (except the state) is continues until theover malicious end goal is achieved (represented by the energy theft.5 0 10 0 10 20 30 40 kW (cluster 3) 10 10 20 20 30 30 10 20 30 kW kW (cluster (cluster 4) 3) 0. · faahave . if the change netfeature load isper very small. clusters C with c = { f . . Bayesian classification isthree thenmiss done over distribution HVAC system that 30% more efficient than the baseline. or negative edges) from K-means clustering is then done over the Cdistribution bucketed data against theis a 1set ofrepresents clusters withthec load = of {offprofile. the unsupervised detector does reports about energy theft [?].d1 studies Uhi = |A| perprivacy household hi Bisf[21].e. a usage a single household day and the posterior Once the set of0number appliances contribution to distribution eachis edge hold and calculates of used fisa fa1 .d (5) C . line significantly with ⇥ marks is the scenario the HVAC common energy theft attack paths. M ULTI -Spaths OURCE Imalicious NFORMATION F USIONS models various attack starting from the initial state s0 and AMI smart meter with the end goal being asources. it and will causetoina The unsupervised learning algorithm proceeds as follows. thetwo security state ofAt the meter is do instate thevarious future and is paths either none orcase.. alldensity are as (1) The solid function (pdf) of events per day in each of four clusters from 1 b] represents the concatenation of the a and training[a.2 0 0. current privilege meter captures what the attacker the security state of thethe smart meter device (except goal state) is continues until malicious end goal isexisting achieved (represented by can the and the that? captures thewhat set the of do the future is either none orcase.a j B Uthe per household hiprobability saved. d comparatively small threshold is anabove |A|-dimensional vector thatisrepresent consumpthe integer programming solved topower get the 2 · |A|whether appliance has contributed to the edge eti value thata particular accounts for thex. f2 .d1 Recent 2. Figure 2 shows a simplified attack graph graph which for an We present an attack graph-based information fusion algorithm to rithm to combine evidence of on-going attacks from multiple III. given day-long smart meter theirability real-power Thus.. ) a( f ) eventtof detect as• follows. anomaly detection algorithm. one feature per appliance.d1 C profile matrix U = B C hi . an optimal |Cother | unsupervised |c| f 2c in max{b( f ). .. of clusters |C| is determined by maximizing the isnumber an equivalency class of appliances. power magnitude.1 0 0. we mention a measure to j times per day in hhousehold hi . As is can be seen. course. shown |A| . 2 1. power magnitude. in which Q p is an |A|-dimensional vector that represent power consumpwhereprofiles B = [1.4 0 0 0. The dashed line is solution correlate and provides operators with contest differs from theof baseline and with legitimate test Finally.Unsupervised The average silhouette measure is and used to over an 1. appliance 1]2·|A|⇥1home .1 0 0 5 10 15 Home Appliances 20 25 Pr[kW] (4) Pr[kW] (3) Pr[kW] (2) Pr[kW] (1) Pr[kW] (4) Pr[kW] Pr[kW] (4) Pr[kW] (4) (3) Pr[kW] Pr[kW] (3) Pr[kW] (3) (2) Pr[kW] Pr[kW] (2) Pr[kW] (2) (1) Pr[kW] Pr[kW] (1) (1) where B = [1. 1 .e. own A d5 clustering of the unlabelled training the upper and alert lower other events in other clusters. lackDay ofProfile such of minimization usually is results Fig. and 2)firmware the security consequences captures actions the attacker has already such asand a modified As shown in the figure. To clarify.the M ULTI -S Imore NFORMATION F USIONS test case the differs from thesame baseline and with legitimate test Finally. Instead.2 0 0.e. over the upper and lower data.Csummary. fa|A|. lack minimization resultsThe in value per that edge.8 0.. Unsupervised Learning of kW Basline (solid). according to our empirical through on/off incidents. K-means clustering is a example of clusters with c = { f .isina which each element represents through on/off incidents. 1the 2user’s mitigate leaks ofcompletes most legitimate distribution profiling phase.. ThisFurthermore..AMIDS creates a daily basis profile of each houseidentified.of1. whilea theThe net significantly load enoughfrom to appear suspicious. dents edge. an optimal bounds cluster are found and used toFtraining bucket sample V. Finally. comparatively small threshold objective of the optimization is to minimize number of inciprobability that manyfor appliances turned on/off simultanewhether particular appliance hasgetcontributed to the edgeThe e value thata edge.1 Fig. bypassing the meter. AMIDS leverages a set of III.1 0. However. fvectors 2 . accounts possible measurement noise.d2 2 2 |A| B a1. [Q in the which Qp p . and the cluster. the administrative access such as athemodified meter firmware or exhausted on the actions attacker has already such asCPU a modified M according to configuration of accomplished the existing commercial meters. the clustering of the the baseline..a times per day in household h . while it groups different load events by clustering on their realis an equivalency class of appliances. f · · · .dare . AMIDSdays. III. 1. aOflarge course. The attack graph is that a state-based directed graph which reached. and AMI smart the end malicious goal being asources. K-means clustering is bypassing a large appliance around the meter might not affect noticeable reduction in the size of at least one cluster. measurements normal orthe based ondistributions the profiles loadreports sizes will in (3) same The resulting ability P(C) be inasplaced Equation can be obtained from statistical are obtained from the learned profiles. As is can30% betraining seen. calculate the probability mass distribution P (v) v2N h . each ofexample four clusters from data. negative edges)Cfrom the load profile. NFORMATION F USIONS ancombine energy theft attack could reduce positives evidences about on-going attacks from multiple sources.1 marks 0 has the HVAC bypassing the meter. . objective here is to mark a given day-long meterc that denotes the probability that thephase. and a( f system ) isGiven theto dissimilarity • Observation anomaly detect Ad4(6) sin=Oother 16 : supervised   closer to 1 indicates a better clustering.d2 fa2 . the prior class probindividual clusters are more sensitive to load changes than the reports about energy theft [?]. one feature per appliance. is a reasonable assumption because the ously per is very according to empirical many possible large appliance combinations forour a given edge Once the set of appliances contribution to each edge is probability thatlack many appliances get turnedusually on/off simultaneobservations. 1]2·|A|⇥1 . the andin lower IV indicate individual attack AMI.d1 and fourth identified. HVAC the pdf of events in ⇥arepresents clustering the scenario with ure 1.

where si is an HMM state at the ith step of the attack and is unobserved. 5. i. ok+1:t ) µ Pr(ok+1:t | sk )·Pr(sk | o1:k ). and malicious. Integrated Intrusion Detection We implemented the proposed HMM-based solution for the integrated energy theft detection. In particular. yi = (si . and hence AMIDS had to infer the steps based on the attack graph structure. calculates the probability of ending up in any particular HMM state given the first k alerts in the sequence Pr(sk | o0:k ). and evaluated its overall detection capability in dealing with sensor inaccuracies. Each user profile then contains the times of day. Formally. The time of day and duration fields each have a time granularity of one minute. Ideally. (Legit-Season) reduced usage of heating or cooling appliances due to seasonal changes. This results in only negligible variations in the power usage compared to the previous model.g. i. VI. that is. HVAC. We will evaluate accuracy of the individual proposed detection solutions and the integrated AMIDS approach on various normal (baseline) and anomalous usage profiles. yn 1 ) of arbitrary lengths. We are particularly interested in the accuracy gains that can be . given the HMM model and the past IDS alerts o0:t = (o0 . B. The first attack was a 5-step energy theft attack which was reported by the intrusion detection sensors accurately (each step was reported by the corresponding sensor)... In the second pass. AMIDS will not raise any alerts for legitimate traces. AMIDS considers each attack path as a discrete-time hidden Markov process. Profiles are then created for individual occupant types. The three malicious cases are: (MalBypass) the bypassing of a large appliance. The two probability distributions can then be combined to obtain the distribution over states at any specific point in time given the entire observation sequence: Pr(st | o0:t ) = Pr(sk | o1:k .. Pr(ok+1:t | sk ). AMIDS probabilistically knows about the current state.g.e. Ideally. E XPERIMENTAL E VALUATIONS A. around the meter. Heat loss due to hot water use for showering. AMIDS makes use of the forward-backward smoothing algorithm [22].. Having solved the HMM’s smoothing problem for Pr(st | o0:t ). electronic devices.. The last incomplete attack scenario which actually does not result in the goal state is not reported as a successful energy theft attempt with 87% confidence..Attack  Graph’s  State  Notion  [Privileges | Consequences] Attacker’s  Privileges   Cyber Consequences Ø: No Access/Control on the Meter CM/CN: Meter/End2End Confidentiality M: Administrative Access on the Meter IM/IN: Firmware/Network Integrity AM/AN: Meter/Network Availability Ac6 Ø | AN Ac5 AD1 Ø | IN AD1 Ac2 Ac1 M | IM AD1-5 M|Ø Ac4 Ø|T Ap4 Ø | TCM Ac3 M|A Ac2 M | TCM Ap3 Ap2 Reduced Power Consumption Reports Negative Consumption AD6 M | CMAM No (Zero) Consumption AD1 M | CM Ac2 Fig. the probability distribution over hidden states at each time instant. Power usage for the water heater is generated as a simplified version of the model used in [11]. (7) where the last step follows from an application of Bayes’s rule and the conditional independence of ok+1:t and o1:k given sk . e. In the legitimate load. and (Mal-Reduction) a constant reduction in measured power. lighting. These occupant types can be combined to simulate the usage patterns of common household arrangements. The compressor is then simulated to approximately meet the load curve. AMIDS picks the state with highest probability using the Most Likely State (MLS) technique [6] s⇤ = arg maxs Pr(st | o0:t ) and triggers the energy theft alert if s⇤ = sg . AMIDS will raise an alert for each malicious trace. The HVAC system is simulated using a pre-calculated load curve for a given temperate pattern. AMIDS was tested against three complete and incomplete energy theft attack attempts (see Table II). Consequently. i. 3) Malicious Changes: In the malicious scenarios. the traces are perturbed to reflect load changes caused by common energy theft scenarios. P(sg |observations) = 1. Load Profile Datasets 1) Baseline: We generate realistic load profiles based on simulated residents and their electric device usage. which. and (Legit-Occupant) modified use of all appliances due to occupancy change. Each device consists of a usage profile with the device’s power consumption as obtained from common device vendor websites. event sequence Y = (y0 . some alerts were not triggered by the sensors. number of uses. the traces are perturbed to reflect legitimate deviations from the baseline. ot ).e. and the observation oi is the set of triggered intrusion detection alerts at that step..g. y1 . Accuracy We now evaluate the accuracy of AMIDS under a number of attacks on a load profile for a single occupant apartment.. that cook. Those traces are: (Legit-Replace) the replacement of a large appliance with a version 30% more efficient. due to magnets or meter hacking. AMIDS reports the energy theft attempt with 85% confidence. AD1 AD1 Ø|R Ac3 Goal State (Energy Theft) AD1-5 M | TCMAM Ø|D Ac4 Ø | CM AD1 M | TCMIM Ac4 Ap1 Initial State Ø|Ø Ap5 Physical Consequences T: Tampered with (e. Previous work has shown that refrigerators loads follow roughly a 70 minute cycle and power is only drawn for half of that duration [3]. AMIDS considers the attack graph as a hidden Markov model (HMM) [22] and the alerts triggered by different detection techniques as observables oi 2 O. AMIDS’s main responsibility is to compute Pr(st | o0:t ). · · · . the algorithm computes a set of backward probabilities that provide the probability of receiving the remaining observations given any starting point k. miscellaneous hot water usage. In particular. (Mal-Disconnect) periodic disconnection of the meter resulting in zero usage. a path from s0 to sg . During the second attack scenario (identical steps). e. AMIDS can detect the energy theft attempt accurately. after the last step. C. Each row in Table II shows the posterior distribution over the attack graph’s state space. and durations of uses of each device. broken into) D: Meter Disconnected R: Meter Terminal Inversion M | CMIM AD1-5 A Simplified Cyber-Physical Attack Graph for AMI attack graph to detect energy theft efforts by correlating alert sequences denoting a complete energy theft attack. giving us minute level load profiles. As shown in the table. oi ). in the first pass. As expected.e. i. e. and other household items drawing power. The simulated refrigerators are assigned a cycle between 60 and 70 minutes to introduce some variation into the model.e. · · · . To perform information fusion online.g. Each scenario is assigned a device profile consisting of a set of appliances. 2) Legitimate Changes: Two modifications are made to the baseline load profiles: legitimate. and ambient temperature difference is considered to decrease the water temperature at a constant rate. do other chores or are nocturnal.

In IEEE Power and Energy Society General Meeting. V. Proceedings of the IEEE. 2010. E.85 0 0. pages 176–187.95 0 0 0 M|TCM 0 0 1 0 0 M|TCM IM M|CM IM 0 0 0 0 0 0 0.htm.08 0 0 0 0. Proceedings of the IEEE. and Patrick McDaniel. D. Depuru.22 specification-based IDS.08 0 0 0. Sanders.08 0 0 0. A check mark means that the correct action was taken. Rabiner. R EFERENCES [1] FBI: Smart Meter Hacks Likely to Spread. Devabhaktuni.R. [19] A. Devabhaktuni. 1998. McLaughlin.14 0 0 0 0. 2011. LeMay and C. [11] C. L. [23] Alfredo Rial and George Danezis.com/2012/04/fbi-smart-meter-hacks-likely-to-spread/. Nonintrusive appliance load monitoring. IEEE Security and Privacy. In IEEE North American Power Symposium. 2009. We also collected a week of meter traffic in a mesh network of nine meters and made connection attempts towards meters using a rogue software client in order to test our implementation of the ANSI C12. McDaniel. 1989. Technical Report MSR-TR-2010-150. Mulligan. Podkuiko. pages 1–8. Berthier and W. [22] L.06 0. C ONCLUSIONS In this paper. Wang. [3] M. Gunter. as compared to the accuracy of the individual methods. A report for the Colorado Public Utilities Commission.14 0 0 0. In Proceedings of the Annual Computer Security Applications Conference. [21] E.S. Gudi.08 0 0 0 0. McDaniel. K. Yardley.04 0 0.06 0. and D. Cecchet. Available at http:// krebsonsecurity. 2011. Galvez-Durand. L. Energy theft in the advanced metering infrastructure. 2010. Indeed. 2010. [7] S.S. pages 163–168. and F. Computer Security–ESORICS 2009.33 0. SK Ahmed. pages 61–66. and J. and (iii) load-based IDS alerts. Inferring personal information from demand-response systems. [18] Stephen McLaughlin. and V. Consumer strategies for controlling electric water heaters under dynamic pricing. An additional false negative by the supervised approach was also resolved. Wicker. Critical Information Infrastructures Security. Our experimental results show that through an effective information fusion and using the correlation among the triggered alerts. volume 1. VII. Depuru.08 0 0 0. pages 107–116. Fu. these results show that the HMM approach used by AMIDS is an effective solution for combining smart meter data sources to identify energy theft behaviors. Depuru. pages 1–8.14 0 0 0 0. In Proceedings of the 2nd ACM Workshop on Embedded Sensing Systems for Energy-Efficiency in Building. Lisovich. 2010. Wang. pages 1–8. [9] S.01 0 0 0 M|CM AM 0 0 0 0 0 Goal state 0 0. 2008.C.04 0 0.R.13 0 0 0 0 0 0. [6] A. and AM Mohammad. Podkuiko. Smart metering and privacy: Existing law and competing policies. Sythetically derived profiles for representing occupant-driven electric loads in canadian housing.5 0 0 0 0. the unsupervised learning algorithm identified two as malicious behavior. FC Souza. D.08 0 0 0. we disconnected and reversed meters and checked that alerts were generated. pages 655–670. While additional field testing is necessary. the combined approach eliminates the false positives of the individual approaches.65 0 0 0 0 ?|TCM 0 0. Apt. and V. Multi-vendor penetration testing in the advanced metering infrastructure. 2010. Molina-Markham.57 0. Available at http://www. [15] Betsy Loeff. Deirdre K. an integrated intrusion detection solution to identify malicious energy theft attempts in advanced metering infrastructures. 2004. L. 2011. 2010. In IEEE TENCON Region 10 Conference. Measures and setbacks for controlling electricity theft. 77(2):257– 286. Cassandra. Support vector machine based data classification for detection of electricity theft. In IEEE/PES Power Systems Conference and Exposition.07 0 A p4 7! O11 A p5 7! O7 Ac3 7! O3 0 0 0 0. In Proceedings of the international conference on Critical information infrastructures security. Goh and J. [2] Electricity thefts surge in bad times. Utility Automation and Engineering.08 0 0 0 0 0 0 0 0 0 Step 7! Observation A p5 7! O7 A p3 7! O10 Ac3 7! O3 Ac2 7! O2 Ad2 7! O14 ?|? 0 0 0 0 0 ?|T 0. pages 1–6. A conceptual design using harmonics to reduce pilfering of electricity. A tutorial on hidden Markov models and selected applications in speech recognition. A hybrid neural network model and encoding technique for enhanced classification of energy consumption data.06 0 0 0 0 0 0 0 0 0 0 0 0.W. Journal of Building Performance Simulation. PhD thesis. Energy theft in the advanced metering infrastructure. H. (ii) physical tampering alerts.04 0 0 0 0.06 0 0 0 0 M|CM 0 0. Exact and approximate algorithms for partially observable Markov decision processes. Quinn. In IEEE Conference on Local Computer Networks. L.04 0 A p3 7! O10 Ac2 7! O2 Ad2 7! O14 TABLE III E MPIRICAL D ETECTION R ESULTS FOR S EVERAL ATTACK S TEPS Mal-Login (Ac3 ) Meter Breakin (A p1 ) Meter Disconnect (A p3 ) Appliance Bypass (A p6 ) Legit-Replace Legit-Season Legit-Occupant Mal-Reduction (Ad3 ) Data Modification Intercept Comm. Delozier. and P. [14] Mikhail A. as defined M|TCM AM ?|AN ?|IN M|? M|IM 0 0. Deputizing data: Using ami for revenue protection. AV Pinto Jr. JER Alves Jr. M. Hart.14 0 0 0 0. Swinton. 2010. pages 184–193. CA Magalhaes. 2009. In IEEE/PES Transmission and Distribution Conference and Exposition. ACM. Dmitry Podkuiko. A dash indicates that the experiment did not apply. and an ⇥ indicates a false positive or false negative.07 0 0. [24] T. [13] M. [5] R. MRB Loureiro. In IEEE Power and Energy Society General Meeting. Wang. SK Tiong.SENSOR E NERGY-T HEFT D ETECTION USING THE AMIDS F RAMEWORK Attack Graph States ([Privilege|Consequence]. AMIDS can detect various in Figure M|A 0 0 0 0 0 5) ?|D 0. Of particular instances are the three Legit cases designed to cause false positives in the load-based approaches.14 0 0 0. I. McLaughlin.14 0 0 0 0. 2010.R.S. Nagi. [17] S. pages 1–1. Devabhaktuni.06 0 0 0 0 ?|R 0.03 0 0 1 0 0. In IEEE Pacific Rim International Symposium on Dependable Computing. Table III shows the results of running the individual IDSs as well as the combined HMM approach on a single-occupant dwelling. Keynote address: Developing a testbed for the smart grid. Miadzvezhanka. In particular.usatoday. 1992. Beausoleil-Morrison. Carnegie Mellon Electricity Industry Center Working Paper. 2(1):15–30. Cumulative attestation kernels for embedded systems.38 0 0 0 0. AMIDS makes use of different information sources to gather sufficient amount of evidence about an on-going attack before marking an activity as a malicious energy theft. [10] S.08 0 0 0 0 0 0.13 types of energy theft attempts accurately using individually inaccurate sensors.5 0 0 0 0. Ribberink. . The lack of any cyber or physical IDS alerts in these cases resolved these false positives in the combined approach. Private memoirs of a smart meter. [4] CJ Bandim. S. Devabhaktuni. 80(12):1870–1891. Microsoft Research. 2003. Springer-Verlag. KS Yap. 2009. Wang.38 0 0. Millette.92 0 0 0 0 0 0 0. and P.S. we presented AMIDS. Nelapati. Detection of abnormalities and electricity theft using genetic support vector machines.06 0 0 0 0 ?|CM 0. pages 1–7. Irwin. P. Alerting capabilities for the cyber and physical IDSes were validated experimentally on real meters in the TCIPG testbed [24]. Armstrong.08 0 0 0 0.14 0 0 0. Privacy-Preserving Smart Metering. [8] S. Identification of energy theft and tampered meters using a central observer meter: a mathematical approach. com/money/industries/energy/2009-03-16-electricity-thefts N. and P. Brown University. A.14 0 0 0. [12] G. 8(1):11–20. 2008.H. [20] J. [16] S. 2010. Depuru. Specification-based intrusion detection for advanced metering infrastructures. Shenoy. and Stephen B. pages 176–187.14 0 0 0 0. V. and N.Attack 3 Attack 2 Attack 1 TABLE II M ULTI . (Ac5 ) Detection Cyber IDSs Physical IDSs Supervised Unsupervised AMIDS (HMM) Physical Network Exploit (Ac1 ) Cyber X X X X X X X X X X X X X ⇥ X X X X X X ⇥ X X ⇥ X X X X made through information fusion of (i) cyber IDS alerts. As can be seen.