A Trojan Attack Against Smart Grid Federated Learning and Countermeasures

In smart power grid, consumers can hack their smart meters to report low electricity consumption readings to reduce their bills launching electricity theft cyberattacks. This study investigates a Trojan attack in federated learning of a detector for electricity theft. In this attack, dishonest consumers train the detector on false data to later bypass detection, without degrading the detector's overall performance. We propose three defense strategies: Redundancy, Med-Selection and Combined-Selection. In the Redundancy approach, redundant consumers with similar consumption patterns are included in the federated learning process, so their correct data offsets the attackers' false data when the local models are aggregated. Med-Selection selects the median model parameters of consumers with similar usage patterns to reduce outlier influence. In Combined-Selection, we compare gradients from consumers with same consumption patterns to the median of all local models, leveraging the fact that honest consumers' gradients are closer to the median while malicious ones deviate. Our experiments using real-world data show the Trojan attack's success rate can reach 90%. However, our defense methods reduce the attack success rate to about 7%, 4%, and 3.3% for Redundancy, Med-Selection, and Combined-Selection, respectively, when 10% of consumers are malicious.