Integrated with cutting-edge equipment and technologies, smart grid takes prominent advantages over traditional power systems. However, hardware and software techniques also bring smart grid numerous security concerns, especially various cyberattacks. Malicious users can launch cyberattacks to tamper with smart meters anytime and anywhere, mainly for the purpose of stealing electricity. This makes electricity theft much easier to commit and more difficult to detect. Researchers have devised many approaches to identify malicious users. However, these approaches suffer from either poor accuracy or expensive cost of deploying monitoring devices. This paper aims to locate malicious users using a limited number of monitoring devices (called inspectors) within the shortest detection time. Before inspectors conduct any inspection, suspicions that users steal electricity are comprehensively assessed, mainly through analyzing prior records of electricity theft as well as deviations between the reported and predicted normal consumptions. On the basis of these suspicions, we further propose a suspicion assessment-based inspection (SAI) algorithm, in which the users with the highest suspicions will be first probed individually. Then, the other users will be probed by a binary tree-based inspection strategy. The binary tree is built according to users' suspicions. The inspection order of the nodes on the binary tree is also determined by the suspicions. The experiment results show that the SAI algorithm outperforms the existing methods.
This work was published on IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY 15(2020):361-374.