Research

Adversarial machine learning


This area has caught the attention of many researchers in recent years. While most efforts focus on analyzing the vulnerabilities of ML classifiers, I analyzed vulnerabilities of load forecast systems, which play a fundamental role in the operation of power systems. An increasing demand for precise forecasts motivates the design of complex models that use information from different sources, such as smart appliances. This research showed that an adversary can induce over- or underestimations of load (consumption of electricity) by compromising some smart appliances. I propose a moving target defense mechanism that introduces uncertainties through an ensemble of predictors. The structure of the ensemble follows the equilibria of a Stackelberg game, where the defender first decides the structure of the prediction systems and the attacker then chooses its attack strategy.
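The leader-follower reasoning above can be sketched as a small zero-sum game. This is an added example, not code or a model from the publications below: the error matrix `ERR`, the three predictors, the three attacks and all function names are constructed for illustration, and the attacker is assumed to know the defender's mixing probabilities but not which predictor is drawn.

```python
# Constructed data: ERR[i][a] = forecast error (%) of predictor i when the
# attacker compromises appliance group a. Not taken from the papers.
ERR = [
    [9.0, 2.0, 3.0],  # predictor 0 leans on appliance group 0
    [2.0, 8.0, 3.0],  # predictor 1 leans on appliance group 1
    [4.0, 4.0, 6.0],  # predictor 2 spreads its inputs
]

def attacker_best_response(p, err):
    """Follower: sees the mix p, then picks the attack with the highest expected error."""
    expected = [sum(p[i] * err[i][a] for i in range(len(err)))
                for a in range(len(err[0]))]
    a = max(range(len(expected)), key=expected.__getitem__)
    return a, expected[a]

def best_pure_predictor(err):
    """Static defense: one fixed predictor, judged by its worst-case attack."""
    worst = [max(row) for row in err]
    i = min(range(len(err)), key=worst.__getitem__)
    return i, worst[i]

def stackelberg_mix(err, steps=100):
    """Leader: grid-search the 3-predictor simplex for the mix that minimizes
    the error induced by the attacker's best response."""
    if len(err) != 3:
        raise ValueError("this sketch searches a 3-predictor simplex only")
    best_p, best_val = None, float("inf")
    for i in range(steps + 1):
        for j in range(steps + 1 - i):
            p = (i / steps, j / steps, (steps - i - j) / steps)
            _, val = attacker_best_response(p, err)
            if val < best_val:
                best_p, best_val = p, val
    return best_p, best_val

if __name__ == "__main__":
    print("best fixed predictor:", best_pure_predictor(ERR))
    print("randomized ensemble: ", stackelberg_mix(ERR))
```

With this matrix the randomized ensemble caps the attacker's induced error below what any single fixed predictor can guarantee, which is the effect the moving target defense relies on.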

Selected publications

  1. C. Barreto and X. Koutsoukos, “Design of load forecast systems resilient against cyberattacks”, in Decision and Game Theory for Security, edited by T. Alpcan, Y. Vorobeychik, J. S. Baras, and G. Dán (2019), pp. 1–20.

  2. X. Zhou, Y. Li, C. A. Barreto, J. Li, P. Volgyesi, H. Neema, and X. Koutsoukos, “Evaluating resilience of grid load predictions under stealthy adversarial attacks”, in 2019 Resilience Week (RWS), Vol. 1 (Nov. 2019), pp. 206–212.

  3. A. I. Ozdagli, C. Barreto, and X. Koutsoukos, “@PAD: adversarial training of power systems against denial-of-service attacks”, in Proceedings of the 7th Symposium on Hot Topics in the Science of Security, HotSoS ’20 (2020), pp. 1–9.