
Abstract

With the widespread deployment of smart meters in smart grids and the shift from wired to wireless communication, communication security issues are becoming increasingly prominent. Smart meters face dynamic attack threats such as malicious signal interference and meter data corruption, while existing defenses suffer from low detection efficiency and wasted resources. To address these problems, this paper proposes a dynamic attack and defense detection model based on a Bayesian game under resource-constrained conditions. To characterize the behavior of attackers and defenders under incomplete information, a two-stage game process is designed to simulate attack scenarios such as eavesdropping and interference, and the Beta distribution is introduced for dynamic belief updating to enhance the defender’s adaptability to attack situations. Combining the performance and communication characteristics of heterogeneous nodes, a bipartite graph matching mechanism is introduced, and the optimal allocation of defense resources is achieved with the Hungarian algorithm, thereby reducing the overall defense cost while ensuring system security. Simulation results show that the proposed model effectively improves the defense success rate in a dynamic environment and outperforms random defense, full-coverage defense, and traditional machine learning methods. The strategy optimized by the Hungarian algorithm reduces costs and increases benefits, which supports the feasibility and efficiency of the model in practical smart grid applications.

Keywords

smart meter, Bayesian game, wireless channel, bipartite graph optimization

Introduction

The world faces the challenges of climate change and energy sustainability, and achieving dual carbon goals is critical for sustainable development. Smart meters are essential for energy management, providing accurate data, facilitating intelligent regulation, and enhancing efficiency. They monitor consumption, reduce costs, influence habits, and optimize industrial and commercial processes. Smart meters also play a crucial role in innovative city development and energy market regulation, supporting sustainable energy systems and transforming the energy industry.

With the rise of new load terminals like electric vehicles, smart meter deployment is growing. Power companies are leveraging wireless technology for cost savings in data transmission. Wireless smart meter systems, which include meters, communication modules, data processing units, and remote monitoring systems, are integral to smart grids.¹ As shown in Figure 1, meter devices are responsible for real-time collection of electrical energy data, communication modules achieve remote communication with power companies, data processing units process the collected data and generate reports, while remote monitoring and control systems handle monitoring and control functions of the meters.

Figure 1.

Smart meter transmission system.

The use of wireless channels in smart meter systems can reduce the deployment cost of data transmission, but it also introduces new problems. Compared to wired transmission, wireless channels are more susceptible to interference and eavesdropping, potentially allowing unauthorized third parties to access or tamper with user electricity data. Such interference can lead to data transmission interruptions or errors, affecting the operation and management of the power system. Moreover, the physical security of smart meters faces challenges, such as being susceptible to tampering or destruction, resulting in forged or stolen electricity consumption data. The security of power data has always been a major challenge facing the power security industry. The widespread use of smart meter systems has made the manipulation of electricity data more subtle and complex. According to industry statistics, electricity theft and abnormal data behaviors lead to significant economic losses each year. For example, China reports annual losses of nearly 10 billion yuan, while India experiences the most severe power data falsification globally, with losses exceeding 16.2 billion dollars.² These figures highlight the urgent need for effective security mechanisms in smart meter systems.

Numerous studies, both domestic and international, have examined attacks on smart meters. To detect cyberattacks on a single smart meter, Du et al.³ proposed a novel data-driven method based on dimensionality enhancement with recurrence plots (RP) and visual geometry group networks (VGGNet) for detecting false data injection in smart meters. Wang et al.⁴ introduced honeypot technology into the smart grid AMI network to deal with DDoS attacks. They considered the anti-honeypot problem from the attacker’s perspective and proposed a honeypot game strategy to analyze the strategic interaction between attackers and defenders. Jim Solomon Raja et al.⁵ proposed an intrusion detection and prevention system designed to be implemented on a real-time AMI testbed. Transmission Control Protocol (TCP) synchronization (SYN) attacks of different intensities were simulated, and data packets were captured. Optimality was ensured by verifying the existence of a Nash equilibrium in a two-player non-cooperative game. Ryu proposed a lightweight encryption method based on a physical unclonable function (PUF) to enhance the wireless connection security of smart meter sensor nodes.⁶

In the case of abnormal electricity consumption data, it is crucial to consider the security of smart meter systems in wireless environments. Haq et al.,⁷ Chen et al.,⁸ and El-Toukhy et al.⁹ proposed theft detection models based on historical data, but these models react after theft occurs rather than preventing it. Wang et al. proposed a game model under node capability differences,¹⁰ which can reduce the cost of detecting intruders while ensuring a specific detection rate. However, they did not consider the impact of channel parameters in wireless environments on the model. Kumar et al.¹¹ evaluated the performance of wired and wireless smart meters under network security attacks. Tu et al.¹² proposed a secure network architecture based on cognitive radio (CR) as a countermeasure; by dynamically utilizing unused primary user (PU) bands, it makes data streams more difficult to intercept. Dai et al. presented the implementation of Quantum Key Distribution (QKD) in smart grids.¹³ Through theoretical analysis and application scenario evaluation, they demonstrated the feasibility of using QKD to ensure wireless security in smart grids. Xu et al. proposed a cooperative jamming attack strategy for the smart grid,¹⁴ in which a team of mobile attackers interferes with the electricity price signal sent by the control center to power users and stops jamming when the real price value detected by the attackers changes significantly. Ma et al.¹⁵ proposed a multi-behavior dynamic game strategy between attackers and defenders for interference attacks launched in the power market. Gai et al.¹⁶ proposed an attack strategy against Cognitive Radio Networks (CRN) in Wireless Smart Grid Networks (WSGN). The proposed method, the Maximum Attack Strategy for Spoofing and Jamming (MAS-SJ), optimizes the allocation of power between spoofing and jamming attacks by applying dynamic programming. Mensi et al.¹⁷ used a hybrid beamforming design for wireless communication in smart grids, designing and evaluating a gradient ascent algorithm to find the combiner/waveform that maximizes the confidentiality of smart grid communications.

Based on the current state of research on smart meters reviewed above, the authors believe that the following aspects need to be further explored and clarified:

Wireless Characteristics: The characteristics of wireless channels, such as signal interference and transmission instability, significantly affect abnormal electricity data behavior. Understanding how the wireless channel environment alters abnormal data behavior patterns, and adjusting defense strategies accordingly, is crucial for ensuring effective defense under various wireless channel conditions. Addressing the challenges posed by the wireless environment requires an in-depth analysis of how channel characteristics impact data transmission and attack behavior, so that more precise and flexible defense strategies can be formulated.

Dynamic Nature: The diversity and complexity of malicious attacks on power data demand that defense systems possess a high degree of flexibility and adaptability. Developing mechanisms that can monitor and analyze theft behaviors in real time and dynamically adjust defense strategies is essential for enhancing system defense capabilities. The defense system must be able to respond quickly to different types of attacks and continuously optimize strategies in a changing environment to maintain a high level of defense efficiency.

Effectiveness: In resource-constrained scenarios, such as limited computational power and communication bandwidth, improving the efficiency and effectiveness of defense measures is critical. Efficient defense depends on resource allocation and optimization methods that allow the defense system to identify and respond to malicious modification of power data even under limited resources. This requires intelligent resource management and optimization algorithms that maximize the utilization of available resources and balance cost against performance.

In response to these problems, this paper focuses on improving detection accuracy by studying malicious modifications to electricity usage data in real time, even under resource-limited conditions. By analyzing the strengths and weaknesses of various models and algorithms listed in Table 1, the authors introduce a game-theoretic model to optimize the security of smart meter systems through a dynamic attack-defense game. Specifically, the main contributions of this paper are as follows:

Dynamic Bayesian game model: To address dynamic attacks in wireless channels, the authors construct a dynamic Bayesian game model. Parties that maliciously modify electricity data are treated as attackers, while those who prevent such modifications from causing anomalies are treated as defenders. This game model allows defenders to adopt different strategies based on the attacker’s behavior in the wireless channel. By combining historical attack data and current anomalies in electricity data with Bayesian probabilities, defense strategies are optimized, achieving dynamic and efficient defense under various channel conditions.

Wireless channel environment simulation: The attack and defense scenarios are simulated based on the wireless channel, and the impact of wireless channel characteristics such as signal interference and transmission instability on node capabilities is considered in detail. This improvement makes the game model closer to the actual scenario and can more accurately evaluate the potential threats and impacts of different nodes in the wireless environment, thereby improving the accuracy and real-time performance of electricity theft detection.

Hungarian Algorithm Optimization: To improve the effectiveness of defense measures under resource-constrained conditions, the Hungarian algorithm is introduced in the smart meter scenario to calculate the weight matrix to achieve the optimal defense match between the defender and the wireless smart meter. This optimization method ensures that the defense system can achieve efficient defense at a lower cost under limited computing and communication resources, thereby improving the overall defense effect and resource utilization efficiency of the system.
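As a rough illustration of the matching step described above, the following sketch implements the classical Hungarian (Kuhn-Munkres) algorithm with potentials for a small cost matrix. The matrix values, and the reading of rows as defender resources and columns as smart meters, are assumptions made for this example only; the weight matrix actually used by the model is constructed elsewhere in the paper.

```python
def hungarian(cost):
    """Minimum-cost assignment for an n x m cost matrix with n <= m.

    Returns (total_cost, assignment), where assignment[r] is the column
    (here: a meter) matched to row r (here: a defender resource).
    """
    n, m = len(cost), len(cost[0])
    INF = float("inf")
    u = [0.0] * (n + 1)    # row potentials
    v = [0.0] * (m + 1)    # column potentials
    match = [0] * (m + 1)  # match[j] = row assigned to column j (1-based, 0 = free)
    way = [0] * (m + 1)    # back-pointers along the augmenting path

    for i in range(1, n + 1):
        match[0] = i
        j0 = 0
        minv = [INF] * (m + 1)
        used = [False] * (m + 1)
        while True:
            used[j0] = True
            i0, delta, j1 = match[j0], INF, 0
            for j in range(1, m + 1):
                if not used[j]:
                    cur = cost[i0 - 1][j - 1] - u[i0] - v[j]
                    if cur < minv[j]:
                        minv[j], way[j] = cur, j0
                    if minv[j] < delta:
                        delta, j1 = minv[j], j
            # Shift potentials so that at least one new edge becomes tight.
            for j in range(m + 1):
                if used[j]:
                    u[match[j]] += delta
                    v[j] -= delta
                else:
                    minv[j] -= delta
            j0 = j1
            if match[j0] == 0:
                break
        # Flip the matching along the augmenting path that was found.
        while j0:
            j1 = way[j0]
            match[j0] = match[j1]
            j0 = j1

    assignment = [None] * n
    for j in range(1, m + 1):
        if match[j]:
            assignment[match[j] - 1] = j - 1
    total = sum(cost[r][assignment[r]] for r in range(n))
    return total, assignment


# Hypothetical defense costs: rows = defender resources, columns = meters.
example_cost = [
    [4, 1, 3],
    [2, 0, 5],
    [3, 2, 2],
]
total_cost, plan = hungarian(example_cost)
print(total_cost, plan)
```

When there are more meters than defender resources, the rectangular case (n <= m) simply leaves some meters unmatched, which is one possible way to express a resource constraint.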

Table 1.

Applications of Bayesian games.

Ref.	Type of study	Advantages	Limitations
Habib Benbouhenni¹⁸	Joint Bayesian and stochastic game approach for cross-layer optimal defense	Learns optimal defense strategies with incomplete information	The complex relationships and scattered scenes between players are not considered in depth
Shen and Feng¹⁹	Pure-strategy and mixed-strategy perfect Bayesian Nash equilibrium (PBNE)	Gives the defender’s optimal strategy against potential attacks	Difficult to analyze attacker types and prior probabilities
Wu et al.²⁰	Dynamic Bayesian game model	System defenders quickly obtain equilibrium strategies	Solving the mixed-strategy Nash equilibrium of the game model is not considered
Li et al.²¹	A Bayesian-based method for updating posterior-type beliefs	Updates the opponent’s type belief by using the boundary probability based on Bayesian Nash equilibrium	May cause over-defense
Sadia et al.²²	Resource-aware Static Intrusion Detection Bayesian Game (S-IDBG)	Dynamically adapts to changes in attack patterns and system vulnerabilities	The real-time adaptability of the system is not strong enough
Zarreh et al.²³	An epistemic Bayesian game	Determines appropriate defense strategies when there is not enough prior data	Game payoffs may vary depending on when and what kind of state occurs
Liu et al.²⁴	A parallel particle swarm optimization method to solve the Nash equilibrium of Bayesian games	The defender’s benefits decrease as the false alarm rate increases and decrease as the detection rate decreases	The model is less applicable to attack behaviors other than intrusion detection

Through this study, the authors hope to provide valuable insights for the security design of smart meter systems, help the power industry cope with the challenges it faces, and ensure the reliable operation of smart grids.

The paper is structured as follows: Section 2 reviews the technical overview of smart meter systems, security challenges, and research gaps. Section 3 constructs the game model, analyzes pure strategy and Bayesian equilibrium, and considers the impact of attack and defense capabilities in wireless channels. Section 4 optimizes the model using the Hungarian algorithm to derive the optimal defense strategy. Section 5 discusses experimental design and result analysis. Section 6 concludes the research and explores future directions.

Related work

Overview of smart meter systems and security research

Several scholars have explored the security issues of smart meter systems. Bhattacharjee et al.²⁵ used false injection attacks to manipulate consumption data, while Kumar et al.²⁶ focused on denial-of-service attacks on commercial-grade smart meters. Díaz Redondo et al.²⁷ investigated vulnerabilities by conducting denial-of-service and malicious software attacks on residential smart meters. Studies on grid attacks have examined various attack types, including man-in-the-middle attacks on smart meters,²⁸ denial-of-service attacks,²⁹ and electricity load attacks, showing that authentication alone does not protect meters.³⁰

While most existing research focuses on technical vulnerabilities and attack strategies, relatively little attention has been paid to the resource cost of attackers. However, attacker resource consumption (such as computation and communication overhead) affects the sustainability, cost, and potential impact of large-scale attacks. Considering these factors can provide a more realistic perspective for defense strategy design, although this paper primarily emphasizes defense efficiency under limited defender resources. Research should not only focus on technical attack details and system vulnerabilities, but also consider the resources attackers use during implementation. Modeling attacker resource consumption will offer new insights for power system security research, helping to develop more comprehensive and sustainable defense strategies.

Application of game theory in power systems

Game theory, widely used in fields like operations research, economics, and ecology, focuses on decision-making methods to maximize individual interests. Recently, game theory has been applied to smart grids,³¹⁻³³ particularly in power system security. Hasan et al.³⁴ used game theory to design an attacker-defender model where attackers determine attack timings to maximize system damage. Ge et al.³⁵ proposed a resource allocation method based on game theory for defending against potential network attacks in smart grids. Pilz et al.³⁶ introduced a false data injection attack on demand prediction data and its effects on system parameters, with proposed monitoring strategies and game theory support for utility companies’ defense resource allocation.

Existing research mainly focuses on the benefits of both sides in the game, but lacks in-depth analysis of target node values and the actual capabilities of attackers and defenders. More research is needed to explore these elements in the dynamic game process to improve understanding and help develop more effective defense strategies for power systems.

Attacks and defenses in wireless channels for smart meters

Common signal interference attack methods

In wireless channel environments, interference attacks are a means of causing denial of service by preventing data packet exchanges between legitimate nodes.³⁷ Interferers may choose to occupy the channel or cause collisions, disrupting data packets and forcing nodes to retransmit.³⁸ The following are introductions to standard interference attack models for wireless sensor networks:

Constant Interference Attack³⁹: The basic strategy of this attack is to transmit random bits on the channel to occupy the transmission channel. Attackers occupy channel resources by continuously sending random bits, thereby preventing standard data transmission between legitimate nodes.

Deceptive Interference Attack⁴⁰: Unlike constant interference attacks, attackers in deceptive interference attacks do not send random bits but continuously transmit data packets on the channel. This method may mislead legitimate nodes, causing them to fail to correctly identify valid data packets, thereby degrading communication quality.

Random Interference Attack⁴¹: This method allows attackers to save energy by transitioning from active to sleep states at random time intervals. Attackers can selectively interfere with channels based on specific strategies to maximally affect the communication of target nodes while minimizing energy consumption.

These interference attack methods pose significant threats to wireless communication in smart meter systems, disrupting data transmission and potentially compromising the security and reliability of the entire system. Therefore, effective defense mechanisms need to be developed to mitigate the impact of such attacks and ensure the secure and reliable operation of smart meter systems.
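The three interference models above can be contrasted with a small slot-based sketch. Everything in it is an assumption made for illustration: time is divided into equal slots, the random jammer alternates between active and sleep periods of uniformly random length, and the fraction of occupied slots is used as a crude proxy for the jammer’s energy consumption.

```python
import random


def jammer_schedule(model, n_slots, rng, max_period=5):
    """Return one entry per slot: 'noise', 'packet', or None (jammer asleep)."""
    if model == "constant":
        # Random bits occupy the channel in every slot.
        return ["noise"] * n_slots
    if model == "deceptive":
        # Well-formed packets are sent back to back instead of random bits.
        return ["packet"] * n_slots
    if model == "random":
        # Alternate between jamming and sleeping for random durations.
        schedule, active = [], True
        while len(schedule) < n_slots:
            duration = rng.randint(1, max_period)
            schedule.extend(["noise" if active else None] * duration)
            active = not active
        return schedule[:n_slots]
    raise ValueError(f"unknown jammer model: {model}")


def duty_cycle(schedule):
    """Fraction of slots in which the jammer transmits (rough energy proxy)."""
    return sum(slot is not None for slot in schedule) / len(schedule)


rng = random.Random(0)
for model in ("constant", "deceptive", "random"):
    print(model, round(duty_cycle(jammer_schedule(model, 100, rng)), 2))
```

The constant and deceptive jammers always have a duty cycle of 1, while the random jammer trades channel occupancy for lower energy use, which is the trade-off the text describes.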

Introduction to detection mechanisms

The overall idea of detecting interference attacks on wireless channels involves analyzing changes in sensitive attributes of senders or receivers before and after the occurrence of interference attacks.

Signal Strength⁴²: Signal strength is a parameter that measures the communication quality between devices. An abnormal change in signal strength may indicate external interference affecting communication between devices.

Packet Loss Rate⁴³: The packet loss rate reflects the reliability of data transmission, and abnormal packet loss may be caused by signal interference.

Spectrum Analysis⁴⁴: Spectrum analysis is used to observe the distribution of signals in the wireless spectrum. Abnormal activity suggests possible external interference.

Carrier Sense Time⁴⁵: Carrier sense time refers to the time during which wireless communication devices listen to the spectrum before transmitting data to detect whether other devices are using the spectrum. During interference attack monitoring, abnormal carrier sense time may indicate the presence of illegal signals on the spectrum, that is, interference attacks.
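The indicators listed above can be combined into a simple rule-based check, sketched below. The field names, the baseline signal strength, and all thresholds are hypothetical values chosen for the example rather than parameters taken from the cited detection schemes, and spectrum analysis is omitted because it requires raw spectral data.

```python
from dataclasses import dataclass


@dataclass
class LinkSample:
    rssi_dbm: float          # measured received signal strength
    packets_sent: int
    packets_acked: int
    carrier_sense_ms: float  # time spent waiting for an idle channel


def packet_loss_rate(sample):
    """Share of transmitted packets that were never acknowledged."""
    if sample.packets_sent == 0:
        return 0.0
    return 1.0 - sample.packets_acked / sample.packets_sent


def suspect_interference(sample, baseline_rssi_dbm,
                         rssi_tol_db=10.0, max_loss=0.3, max_sense_ms=20.0):
    """Return the list of indicators that look abnormal for this sample."""
    reasons = []
    if abs(sample.rssi_dbm - baseline_rssi_dbm) > rssi_tol_db:
        reasons.append("signal strength")
    if packet_loss_rate(sample) > max_loss:
        reasons.append("packet loss rate")
    if sample.carrier_sense_ms > max_sense_ms:
        reasons.append("carrier sense time")
    return reasons


normal = LinkSample(rssi_dbm=-70.0, packets_sent=100, packets_acked=98,
                    carrier_sense_ms=3.0)
jammed = LinkSample(rssi_dbm=-45.0, packets_sent=100, packets_acked=40,
                    carrier_sense_ms=55.0)
print(suspect_interference(normal, baseline_rssi_dbm=-70.0))
print(suspect_interference(jammed, baseline_rssi_dbm=-70.0))
```

Requiring more than one indicator to fire before raising an alarm is one way to reduce false positives caused by ordinary channel fading.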

In practical smart meter attack and defense scenarios, few studies combine defense against specific wireless channel attacks with energy consumption considerations. Although the design of modern smart meter systems is increasingly focused on security, attack and defense analyses often concentrate on aspects such as data security and encryption of communication protocols.⁴⁶,⁴⁷ Defense against wireless channel attacks is often underestimated, and its energy consumption receives relatively little attention. Defense measures against wireless channel attacks may impact the energy consumption of smart meters. For example, to combat malicious persistent interference attacks, smart meters may need to continuously monitor channel status and take additional protective measures, which would increase device energy consumption. Additionally, some efficient defense mechanisms may require more computational resources and communication overhead, further increasing the energy consumption of smart meter systems.

Therefore, in the design of smart meter attack and defense, in addition to focusing on security and functionality, consideration should also be given to the impact of defense measures on energy consumption. If these factors are considered during the design phase, a balance between security and energy efficiency can be achieved, ensuring that smart meter systems can maintain stable operation when facing security threats without excessive consumption of energy resources.

Two-stage Bayesian dynamic game model in wireless channel

This section presents a two-stage Bayesian dynamic game model for wireless channels, illustrating the strategic interactions between defenders and attackers in a smart meter environment. We begin by analyzing the two-stage attack-defense game, focusing on the defenders’ and attackers’ strategic choices before and after monitoring. Next, we extend the model to a dynamic Bayesian game, employing Bayesian methods and Beta distributions to update the defender’s understanding of the game state. Finally, we study pure and mixed strategy Nash equilibria, identifying optimal strategies for attackers and defenders under different cost and probability scenarios. This model provides valuable insights into attack-defense dynamics in smart meter systems, offering both theoretical and practical support for tackling various attack strategies.

Strategic interaction

In the two-stage attack-defense game model, the strategic interaction between defenders and attackers presents a complex dynamic relationship. In smart meter systems, the defender’s task is to monitor and protect the meter from illegal operations, while the attacker attempts to implement illegal operations through various means. Figure 2 illustrates the four possible scenarios of strategic interaction between the two sides.

Figure 2.

Strategic interaction between defenders and attackers.

Figure 2 shows four strategic interactions between defender and attacker. The defender monitors meters, while the attacker attempts illegal actions. Panel (a) illustrates a successful defense, where the attacker is discovered and penalized. Panel (b) illustrates the absence of monitoring, allowing the attacker to attack undetected. Panel (c) illustrates wasted resources, as the defender monitors but the attacker does not carry out any action. Panel (d) shows no attack and no monitoring. These scenarios highlight the interdependence of strategies, where defenders aim to optimize monitoring and attackers adapt to avoid detection.

Model parameters

The game model defines the strategic interaction between the attacker and the defender (power distribution company). The attacker attempts to disrupt smart meter energy data through signal jamming, while the defender aims to detect and punish such behavior through monitoring. The model parameters are defined as follows:

$$G = \{N, A, H, P, Ω, μ\} \tag{1}$$

N (Players): Represents the set of participants in the game. Each participant may have different strategies and information. In this model, there are two participants: the attacker and the defender (referred to as the power distribution company).

A (Actions): Represents the set of actions or strategies that each participant can take. In this model, the attacker’s strategy set includes channel monitoring, signal interference, and no attack, while the defender’s strategy set includes defense and non-defense.

H (Information): Represents the set of information each participant has when making decisions. This could be complete or incomplete information. The model in this paper belongs to the incomplete information model because the defender does not know whether the attacker has obtained information about the meter.

P (Payoffs): Represents the payoff of each participant in each state. Typically represented as a function that maps the action combinations of each participant to their payoff values.

$Ω$ (States): Represents the set of states the game could be in. Before the attacker engages in signal interference, we consider the attacker’s behavior in obtaining information about the meter. Specifically, we divide the state set into two states: Non-Eavesdropped and Eavesdropped. The definitions of the two states and the corresponding game payoff matrix for each stage are described below:

In the Non-Eavesdropped State (T1), the attacker has not monitored the channel and lacks information about the meter. The attacker can choose to monitor or not, while the defender can choose to defend or not. The corresponding payoff matrix is given in Table 2.

In this context, $l_{a}^{i}$ represents the cost incurred by the attacker for wireless channel eavesdropping, $I^{i}$ is the value of the information obtained when eavesdropping goes undetected, $c_{d}^{i}$ denotes the defense cost for the defender, and $v^{i}$ signifies the penalty imposed on the attacker upon successful defense.

In state T1, the payoffs for both the attacker and the defender are determined by their respective strategy combinations. First, if the attacker chooses to eavesdrop on the channel while the defender opts for defense, the attacker’s payoff is the eavesdropping cost $- l_{a}^{i}$ minus the penalty $v^{i}$ incurred upon detection, resulting in a total payoff of $- l_{a}^{i} - v^{i}$. The defender’s payoff, on the other hand, is the defense cost $- c_{d}^{i}$ plus the value of the information $I^{i}$, yielding a total payoff of $- c_{d}^{i} + I^{i}$. Second, if the attacker chooses to eavesdrop while the defender decides not to defend, the attacker’s payoff is the eavesdropping cost $- l_{a}^{i}$ plus the value of the information obtained $I^{i}$, resulting in a total payoff of $- l_{a}^{i} + I^{i}$. In this scenario, the defender incurs no defense cost but loses the value of the information, leading to a total payoff of $- I^{i}$. Lastly, if the attacker opts not to eavesdrop, the attacker experiences no gain or loss regardless of whether the defender chooses to defend. The defender, if choosing to defend, incurs the defense cost $- c_{d}^{i}$; if choosing not to defend, the defender neither gains nor loses.

In the Eavesdropped State (T2), the attacker has successfully eavesdropped on the channel and obtained information about the smart meter. The attacker might have learned the operating patterns, communication protocols, and potential vulnerabilities of the meter, which makes it possible to devise and execute a signal interference strategy more effectively. Therefore, in the T2 state, the attacker can choose to interfere with the signal or not, and the defender can choose to defend or not. Table 3 presents the payoff matrix for the participants in the T2 state. Here, $c_{a}^{i}$ represents the cost incurred by the attacker for executing signal interference, and $w^{i}$ denotes the value of the target smart meter.

In the T2 state, the payoffs for both the attacker and the defender are determined by their respective strategy combinations. First, if the attacker chooses to interfere with the signal while the defender opts for defense, the attacker’s payoff is the interference cost $- c_{a}^{i}$ minus the penalty $v^{i}$ incurred upon detection, resulting in a total payoff of $- c_{a}^{i} - v^{i}$. The defender’s payoff is the defense cost $- c_{d}^{i}$ plus the value of the smart meter $w^{i}$, yielding a total payoff of $- c_{d}^{i} + w^{i}$. Second, if the attacker chooses to interfere with the signal while the defender decides not to defend, the attacker’s payoff is the interference cost $- c_{a}^{i}$ plus the value of the smart meter $w^{i}$, resulting in a total payoff of $- c_{a}^{i} + w^{i}$. In this scenario, the defender incurs no defense cost but loses the value of the smart meter, leading to a total payoff of $- w^{i}$. Lastly, if the attacker opts not to interfere with the signal, the attacker experiences no gain or loss regardless of whether the defender chooses to defend. The defender, if choosing to defend, incurs the defense cost $- c_{d}^{i}$; if choosing not to defend, the defender neither gains nor loses.
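Because the T1 and T2 stage games share the same 2×2 structure, both can be built from one helper, as in the sketch below. It treats each stage game in isolation for a single meter, which is a simplification and not the Bayesian equilibrium analysis of the full two-stage model. The function and argument names are hypothetical: `attack_cost` stands for $l_{a}^{i}$ or $c_{a}^{i}$, `prize` for $I^{i}$ or $w^{i}$, `defense_cost` for $c_{d}^{i}$, and `penalty` for $v^{i}$. The mixed-strategy formulas follow from the usual indifference conditions: the defender is indifferent when the attacker acts with probability $p = c_{d}^{i} / (2 \cdot \text{prize})$, and the attacker is indifferent when the defender defends with probability $q = (\text{prize} - \text{attack cost}) / (\text{prize} + v^{i})$.

```python
def stage_payoffs(attack_cost, prize, defense_cost, penalty):
    """2x2 bimatrix: rows = attacker (act, not act), cols = defender
    (defend, not defend). Each cell is (attacker payoff, defender payoff)."""
    return [
        [(-attack_cost - penalty, -defense_cost + prize),
         (-attack_cost + prize, -prize)],
        [(0.0, -defense_cost), (0.0, 0.0)],
    ]


def pure_nash(game):
    """Cells where neither player gains by deviating unilaterally."""
    equilibria = []
    for r in range(2):
        for c in range(2):
            a, d = game[r][c]
            if a >= game[1 - r][c][0] and d >= game[r][1 - c][1]:
                equilibria.append((r, c))
    return equilibria


def mixed_nash(attack_cost, prize, defense_cost, penalty):
    """Interior mixed equilibrium (p_act, q_defend), or None if absent."""
    p_act = defense_cost / (2 * prize)
    q_defend = (prize - attack_cost) / (prize + penalty)
    if 0 < p_act < 1 and 0 < q_defend < 1:
        return p_act, q_defend
    return None


# Hypothetical T1 parameters: l_a = 1, I = 4, c_d = 2, v = 3.
t1 = stage_payoffs(attack_cost=1, prize=4, defense_cost=2, penalty=3)
print(pure_nash(t1))
print(mixed_nash(attack_cost=1, prize=4, defense_cost=2, penalty=3))
```

With these example numbers no cell survives the deviation check, so the stage game has only a mixed equilibrium; if the attack cost exceeds the prize, the cell (not act, not defend) becomes a pure equilibrium instead.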

$μ$ (Belief Function): This represents each participant’s belief or probability distribution regarding the actions of other participants. It reflects the subjective perception of the likelihood of other participants’ behaviors. For this model, $μ$ represents the defender’s belief that the attacker has not yet obtained relevant information about the smart meter, indicating that the current game is still in the T1 stage. Conversely, $1 - μ$ represents the defender’s belief that the attacker has already obtained the relevant information, and the game has entered the T2 stage.

$μ_{0}$ (Prior Belief Function): This represents the defender’s prior belief regarding the game being in Stage T1 (i.e. the attacker has not yet intercepted the smart meter information). Its primary functions include:

Belief Function: $μ_{0}$ provides the defender with an initial belief foundation, guiding strategic decisions during the early phase of the game. For example, a higher value of $μ_{0}$ indicates that the defender is more likely to believe the attacker has not intercepted the meter information, potentially leading to a more conservative monitoring strategy. Conversely, a lower $μ_{0}$ suggests that the defender believes the attacker has already acquired the information, which may prompt an increase in monitoring efforts.

Utility Weighting: In the utility function, $μ_{0}$ is used to weight the utility values across different game states, enabling the model to account for the strategic interactions between Stage T1 and Stage T2, thus influencing the overall utility outcome.
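One common way to realize a Beta-distributed belief is the conjugate Beta-Bernoulli update, sketched below under stated assumptions. The belief $μ$ (that the game is still in stage T1) is taken to be the mean of a Beta($α$, $β$) distribution, and each monitoring round is assumed to yield a binary observation indicating whether evidence of eavesdropping was seen. The class name, the `strength` parameter that sets how firmly the prior $μ_{0}$ is held, and the mapping from observations to counts are all hypothetical; the paper’s own update rule may differ.

```python
class BetaBelief:
    """Belief mu = P(stage T1), tracked as the mean of Beta(alpha, beta)."""

    def __init__(self, alpha=1.0, beta=1.0):
        self.alpha = alpha  # pseudo-count of rounds consistent with T1
        self.beta = beta    # pseudo-count of rounds consistent with T2

    @classmethod
    def from_prior(cls, mu0, strength=2.0):
        """Encode a prior mean mu0 backed by `strength` pseudo-observations."""
        return cls(alpha=mu0 * strength, beta=(1.0 - mu0) * strength)

    @property
    def mu(self):
        """Posterior mean: the defender's current belief in stage T1."""
        return self.alpha / (self.alpha + self.beta)

    def update(self, eavesdropping_evidence):
        """Fold one round's observation into the belief and return mu."""
        if eavesdropping_evidence:
            self.beta += 1.0
        else:
            self.alpha += 1.0
        return self.mu


belief = BetaBelief.from_prior(mu0=0.8, strength=10)
for evidence in (True, True, False, True):
    belief.update(evidence)
print(round(belief.mu, 3))
```

A larger `strength` makes the defender slower to abandon the prior, while a smaller one lets a few suspicious rounds shift the belief toward T2 quickly.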

Based on the situations in Tables 2 and 3, we have derived the final utility functions for both the attacker and the defender in each round of the game. Here, $i = 1$ represents the attacker executing the corresponding behavior for the game state, and $j = 1$ represents the defender choosing to defend. $n$ denotes the number of smart meters, and the final utilities for both sides are obtained by summing the situations for each meter.

Table 2.

Payoff matrix for the T1 stage game.

Attacker\defender	Defense	No defense
Channel sensing	$- l_{a}^{i} - v^{i}, - c_{d}^{i} + I^{i}$	$- l_{a}^{i} + I^{i}, - I^{i}$
No sensing	$0, - c_{d}^{i}$	$0, 0$

Table 3.

Payoff matrix for the T2 stage game.

Attacker\defender	Defense	No defense
Signal interference	$- c_{a}^{i} - v^{i}, - c_{d}^{i} + w^{i}$	$- c_{a}^{i} + w^{i}, - w^{i}$
No interference	$0, - c_{d}^{i}$	$0, 0$

Calculation of Attacker’s Payoff in the Non-Eavesdropped State (equation (2)):

$$U_{a}^{T1} = \sum_{i = 1, j = 1}^{n} (- l_{a}^{i} - v^{i}) + \sum_{i = 1, j = 0}^{n} (- l_{a}^{i} + I^{i}) \tag{2}$$

Here, $l_{a}^{i}$ is the cost incurred by the attacker for wireless channel eavesdropping, $v^{i}$ is the penalty imposed on the attacker when the attack is detected, and $I^{i}$ is the value of the information obtained when eavesdropping goes undetected. In the non-eavesdropped state, the attacker can choose to eavesdrop on the channel or not. If the attacker chooses to eavesdrop and the defender chooses to defend, the attacker loses both the eavesdropping cost and the penalty upon detection, that is, $- l_{a}^{i} - v^{i}$ . If the attacker chooses to eavesdrop and the defender chooses not to defend, the attacker gains the value of the information obtained less the eavesdropping cost, that is, $- l_{a}^{i} + I^{i}$ . If the attacker does not eavesdrop, the payoff is 0 (Table 2). The total payoff for the attacker in the non-eavesdropped state is the sum of the payoffs over the two eavesdropping scenarios.

Calculation of Attacker’s Payoff in the Eavesdropped State (equation (3)):

U_{a}^{T 2} = \sum_{i = 1, j = 1}^{n} (- c_{a}^{i} - v^{i}) + \sum_{i = 1, j = 0}^{n} (- c_{a}^{i} + w^{i})

(3)

Here, $c_{a}^{i}$ is the cost incurred by the attacker for executing signal interference, and $w^{i}$ is the value of the target smart meter. In the eavesdropped state, the attacker can choose to interfere with the signal or not. If the attacker chooses to interfere with the signal and the defender chooses to defend, the attacker loses both the interference cost and the penalty upon detection, that is, $- c_{a}^{i} - v^{i}$ . If the attacker chooses to interfere with the signal and the defender chooses not to defend, the attacker gains the value of the smart meter less the interference cost, that is, $- c_{a}^{i} + w^{i}$ . The total payoff for the attacker in the eavesdropped state is the sum of the payoffs in these two scenarios.

The total Utility Function of the Attacker can be calculated by equations (2) and (3) (equation (4)):

U_{a} = μ_{0} U_{a}^{T 1} + (1 - μ_{0}) U_{a}^{T 2}

(4)

This equation is derived based on the payoff matrix in the game model, which includes costs and benefits for different action combinations. The attacker can choose different actions in each state and obtain corresponding payoffs or incur costs based on the outcomes of these actions. Ultimately, the total utility of the attacker is obtained by weighting the payoffs in each state, where the weights are determined by the defender’s belief function $μ_{0}$ .

Calculation of Defender’s Payoff in the Non-Eavesdropped State (equation (5)):

\begin{matrix} U_{d}^{T 1} = \sum_{i = 1, j = 1}^{n} (- c_{d}^{i} + I^{i}) + \sum_{i = 1, j = 0}^{n} (- I^{i}) \\ + \sum_{i = 0, j = 1}^{n} (- c_{d}^{i}) \end{matrix}

(5)

In the non-eavesdropped state, the defender can choose to defend or not. If the defender chooses to defend and the attacker chooses to eavesdrop on the channel, the defender’s payoff is the value of the protected information less the defense cost, that is, $- c_{d}^{i} + I^{i}$ . If the defender chooses not to defend while the attacker eavesdrops, the defender loses the value of the obtained information, that is, $- I^{i}$ . If the defender chooses to defend but the attacker does not eavesdrop, the defender’s payoff is the negative value of the defense cost, that is, $- c_{d}^{i}$ . The total payoff for the defender in the non-eavesdropped state is the sum of the payoffs in these three scenarios.

Defender’s Payoff in the Eavesdropped State (equation (6)):

\begin{matrix} U_{d}^{T 2} = \sum_{i = 1, j = 1}^{n} (- c_{d}^{i} + w^{i}) + \sum_{i = 1, j = 0}^{n} (- w^{i}) \\ + \sum_{i = 0, j = 1}^{n} (- c_{d}^{i}) \end{matrix}

(6)

In the eavesdropped state, the defender can also choose to defend or not. If the defender chooses to defend and the attacker chooses to interfere with the signal, the defender’s payoff is the value of the protected smart meter less the defense cost, that is, $- c_{d}^{i} + w^{i}$ . If the defender chooses not to defend while the attacker interferes, the defender loses the value of the smart meter, that is, $- w^{i}$ . If the defender chooses to defend but the attacker does not interfere, the defender’s payoff is the negative value of the defense cost, that is, $- c_{d}^{i}$ . The total payoff for the defender in the eavesdropped state is the sum of the payoffs in these three scenarios.

Finally, the total utility function of the defender is obtained by weighting the payoffs in the non-eavesdropped and eavesdropped states according to the defender’s belief about the attacker’s behavior:

U_{d} = μ_{0} U_{d}^{T 1} + (1 - μ_{0}) U_{d}^{T 2} .

(7)

This equation integrates the defender’s payoffs in different states, considering the defender’s beliefs about the attacker’s behavior, to derive the defender’s total utility.
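As an illustration of equations (2) to (7), the following Python sketch evaluates both utilities for a small set of meters. The function names `stage_utilities` and `total_utilities`, the 0/1 action lists `attack` and `defend`, and all numeric values are assumptions made for this example, not quantities taken from the model.

```python
def stage_utilities(attack, defend, atk_cost, penalty, gain, def_cost):
    """Sum per-meter payoffs for one stage (Table 2 or Table 3).

    attack[m], defend[m] are 0/1 actions on meter m (i and j in the text).
    atk_cost is l_a (T1) or c_a (T2); gain is I (T1) or w (T2).
    """
    u_att = 0.0
    u_def = 0.0
    for m in range(len(attack)):
        if attack[m] == 1 and defend[m] == 1:      # attack is detected
            u_att += -atk_cost[m] - penalty[m]
            u_def += -def_cost[m] + gain[m]
        elif attack[m] == 1 and defend[m] == 0:    # attack succeeds
            u_att += -atk_cost[m] + gain[m]
            u_def += -gain[m]
        elif attack[m] == 0 and defend[m] == 1:    # defense effort is spent
            u_def += -def_cost[m]
        # (0, 0): both payoffs are zero
    return u_att, u_def


def total_utilities(mu0, t1, t2):
    """Belief-weighted utilities, equations (4) and (7)."""
    u_a = mu0 * t1[0] + (1 - mu0) * t2[0]
    u_d = mu0 * t1[1] + (1 - mu0) * t2[1]
    return u_a, u_d


# Hypothetical values for three meters.
attack = [1, 1, 0]
defend = [1, 0, 1]
t1 = stage_utilities(attack, defend, atk_cost=[1, 1, 1], penalty=[2, 2, 2],
                     gain=[4, 4, 4], def_cost=[1, 1, 1])
t2 = stage_utilities(attack, defend, atk_cost=[2, 2, 2], penalty=[2, 2, 2],
                     gain=[8, 8, 8], def_cost=[1, 1, 1])
u_a, u_d = total_utilities(0.5, t1, t2)
```

The same routine serves both stages because Tables 2 and 3 share one structure; only the attacker's cost and the contested value change.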

In equations (4) and (7), $μ_{0}$ is used to weight the utility values across different game states, thereby integrating the strategic interactions between Stage T1 and Stage T2 into the overall utility. This weighting mechanism allows the model to reflect the defender’s subjective assessment of the current game state in an uncertain environment, guiding both the defender and the attacker in adopting optimal strategies at different stages. In traditional static, single-stage games, the value of $μ_{0}$ is typically set based on historical data and statistical analysis, system characteristics, asset values, expert knowledge, and experience. In the Bayesian model we propose, a dynamic updating method based on Bayesian algorithms will be introduced.

Dynamic Bayesian game model

While the static game in Subsection 3.2 solves the strategy selection problem between defenders and attackers in a single stage, dynamic games more accurately reflect the evolution and adjustment of strategies in real-world attack-defense scenarios. Therefore, this section extends the single-stage game into a dynamic Bayesian game model to better describe defenders’ decision-making in multi-round games.

To better describe the decision-making process of the defender in multi-round games, we employ Bayesian statistical methods and the $Beta$ distribution to dynamically update the defender’s judgment of the current game state, making the model more flexible and adaptive. Specifically, we use Bayesian statistics to analyze the attacker’s historical behavior in order to determine whether the current game is in Stage T1 or T2. Bayesian statistics update the posterior probability of the current game state by considering the attacker’s historical actions, combining prior probabilities, and observed data, allowing the defender to assess the current game status more accurately.

In this model, the $Beta$ distribution is used to calculate the prior probability, which represents the defender’s initial estimation of the attacker’s behavior patterns. The $Beta$ distribution is flexible and adaptive, and its parameters $α$ and $β$ can be adjusted based on the defender’s experience and historical attack data, reflecting different beliefs about the attacker’s behavior. The choice of the $Beta$ distribution is motivated by the following reasons:

Suitable for Describing Probability Distributions: The domain of the $Beta$ distribution lies within the range [0, 1], making it particularly appropriate for describing probabilistic variables. In this model, we aim to represent the defender’s belief regarding the likelihood that the attacker will initiate an attack, which naturally aligns with a probability distribution within the range [0, 1]. Therefore, the $Beta$ distribution provides an ideal mathematical framework for our purpose.

Flexibility and Adjustability: The $Beta$ distribution has two parameters, $α$ and $β$ , allowing it to flexibly represent different shapes of probability distributions depending on the values chosen. For instance, when the defender lacks sufficient prior knowledge about the attacker’s behavior, $α$ and $β$ can be set to small values, indicating greater uncertainty. Conversely, when the defender has gathered more accurate attack patterns from historical data, $α$ and $β$ can be increased, thereby reducing uncertainty. Thus, the $Beta$ distribution can be adjusted based on the defender’s experiential knowledge and historical observations, perfectly matching the model’s need for dynamic defense strategy adjustment.

Integration with Historical Data: By appropriately selecting values for $α$ and $β$ , the $Beta$ distribution can effectively combine historical attack behaviors and observational data for dynamic updates. The defender’s beliefs are not only based on prior knowledge but also adjusted according to the data from each round of the game. This allows the defense strategy to evolve flexibly with real-time information, improving the accuracy of predictions.

Conjugacy and Simplicity: The $Beta$ distribution is the conjugate prior for the $Binomial$ distribution, providing computational simplicity in Bayesian inference. If we choose the $Beta$ distribution as the prior, after observing new data, the posterior distribution will remain a $Beta$ distribution following Bayesian updating. This conjugacy makes the belief updating process highly efficient, avoiding complex numerical calculations, and enhancing the model’s practicality and real-time applicability.

This flexibility makes the $Beta$ distribution an ideal choice for modeling the defender’s beliefs within the Bayesian framework, as it not only reflects the defender’s prior knowledge but can also be adjusted based on observational data, thereby improving the accuracy of decision-making.
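The conjugacy property can be written out explicitly. The following derivation is a standard result rather than something specific to this model; the symbols $θ$ (attack probability), $m$ (number of observed rounds), and $s$ (number of rounds in which an attack was observed) are introduced here only for illustration.

```latex
\begin{aligned}
p(θ) &= \mathrm{Beta}(θ; α, β) \propto θ^{α - 1} (1 - θ)^{β - 1}, \\
p(s \mid θ) &= \binom{m}{s} θ^{s} (1 - θ)^{m - s}, \\
p(θ \mid s) &\propto θ^{α + s - 1} (1 - θ)^{β + m - s - 1}
  \;\Rightarrow\; θ \mid s \sim \mathrm{Beta}(α + s,\; β + m - s), \\
\mathbb{E}[θ \mid s] &= \frac{α + s}{α + β + m}.
\end{aligned}
```

For example, starting from $α = β = 1$ and observing 3 attacks in 10 rounds gives $Beta (4, 8)$ , with posterior mean $4 / 12 \approx 0.33$ .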

In each round of the game, the observed data of the attacker are used to update the posterior probability. The attacker’s behavior is recorded in the history $H_{a}$ defined in equation (8), where $a^{i}$ records the strategy chosen by the attacker in round $i$ .

H_{a} = \{a^{1}, \dots, a^{n}\}

(8)

The prior probability reflects the defender’s subjective judgment on whether the attacker will execute an attack in the current round. We will use a $Beta$ distribution to model it as in equation (9):

μ_{H} (T | H_{a}) = Beta (α, β)

(9)

Here, $α$ and $β$ are parameters of the $Beta$ distribution. The selection of these two parameters may be influenced by empirical knowledge and historical attack behavior.

We use Bayes’ theorem to construct the belief update formula for the defender (equation (10)):

μ_{H} (T | H_{a}, a^{n}) = \frac{P (a^{n} | T, H_{a}) \cdot μ_{H} (T | H_{a})}{\sum_{i = 1}^{N} P (a^{i} | H_{a}) \cdot μ_{H} (T | H_{a})}

(10)

Here, $μ_{H} (T | H_{a}, a^{n})$ represents the posterior probability that the defender believes the current game type is T after observing the attacker’s behavior $a^{n}$ . $P (a^{n} | T, H_{a})$ denotes the probability of the attacker acting $a^{n}$ given the game type T and the observed historical behavior $H_{a}$ . $\sum_{i = 1}^{N} P (a^{i} | H_{a}) \cdot μ_{H} (T | H_{a})$ represents the sum of all possible attacker behaviors $a^{i}$ weighted by their probabilities $P (a^{i} | H_{a})$ and the prior probability $μ_{H} (T | H_{a})$ . This term serves as a normalization factor to ensure that the posterior probabilities sum up to 1.

In equation (10), the defender updates their belief about the current game state based on the observed attacker behavior, combining prior knowledge with new information to make an updated assessment of the game state.
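The update can be illustrated for the two game states T1 and T2. The sketch below uses the textbook form of Bayes’ theorem, in which the normalizing term sums over the two states; the function name `update_state_belief` and the likelihood values are hypothetical and are not taken from the paper.

```python
def update_state_belief(mu, lik_t1, lik_t2):
    """Posterior probability of stage T1 after one observed attacker action.

    mu      -- prior belief that the game is in T1
    lik_t1  -- assumed probability of the observed action if the state is T1
    lik_t2  -- assumed probability of the observed action if the state is T2
    """
    evidence = lik_t1 * mu + lik_t2 * (1.0 - mu)
    if evidence == 0.0:
        return mu  # observation impossible under both states; keep the prior
    return lik_t1 * mu / evidence


# Hypothetical run: interference is observed three times in a row, and
# interference is assumed to be far more likely in T2 than in T1.
mu = 0.7
for _ in range(3):
    mu = update_state_belief(mu, lik_t1=0.1, lik_t2=0.6)
```

Each observation that is more likely under T2 lowers the belief in T1, so the defender’s estimate drifts toward the eavesdropped state as evidence accumulates.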

To intuitively illustrate the belief update process and the transition between game states, we present a flowchart in Figure 3. The flowchart shows how the game transitions from the Non-Eavesdropped state (T1) to the Eavesdropped state (T2) based on the attacker’s behavior, and how the defender dynamically updates its belief using the Beta distribution.

Figure 3.

Dynamic Bayesian game tree for smart meter security.

Figure 3 illustrates the dynamic Bayesian game process between the attacker and the defender in a wireless smart meter environment. The game begins with the defender’s belief state $μ_{t}$ , representing the probability that the attacker has not yet obtained meter information. Depending on the belief, the game proceeds to either Stage T1 (non-eavesdropped) or Stage T2 (eavesdropped). In each stage, the attacker chooses an action—either to sense or not (in T1), or to interfere or not (in T2)—and the defender responds by deciding whether to defend. The outcome of these interactions feeds back into the defender’s belief, which is updated using a Bayesian inference mechanism (specifically, a Beta distribution). This updated belief $μ_{t + 1}$ is then used to guide the next round of strategic interaction. The tree structure captures the recursive nature of the game and highlights how both players adapt over time based on incomplete information and observed behavior.

Nash equilibrium

This subsection explores an important concept in game theory: the Nash equilibrium. First, the basic concept and definition of Nash equilibrium will be introduced. Then, the possibility of a pure strategy Nash equilibrium will be discussed in detail and analyzed accordingly. Next, the concept of mixed strategy Bayesian Nash equilibrium will be introduced, and the equilibrium point that may exist between the two parties in the game will be sought through mathematical derivation and analysis. Finally, the results will be explained and discussed to better understand the possible game behaviors in the smart meter system.

Pure strategy Nash equilibrium

Nash equilibrium is a stable state where no player can improve their payoff by unilaterally changing their strategy. In the smart meter system, the attacker aims to disrupt the meter via signal interference, and the defender aims to detect and penalize this interference. We look for a state where both players’ strategies are stable, meaning neither can improve their payoff by changing their strategy. There is no pure strategy Nash equilibrium in the two-stage wireless channel game model of the smart meter system. The complete derivation and explicit mathematical formulations are provided in Appendix 2.
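Appendix 2 is not reproduced here, but the claim can be checked numerically for a single meter in Stage T2. The sketch below enumerates the four pure-strategy profiles of Table 3 and tests each for profitable unilateral deviations. The function names and parameter values are hypothetical; the first parameter set satisfies $0 < c_{a} < w$ and $0 < c_{d} < 2 w$ , and the second violates the first condition to show that a pure equilibrium can then appear.

```python
def t2_payoffs(c_a, c_d, v, w):
    """Table 3 payoffs as {(attack, defend): (attacker, defender)}."""
    return {
        (1, 1): (-c_a - v, -c_d + w),
        (1, 0): (-c_a + w, -w),
        (0, 1): (0.0, -c_d),
        (0, 0): (0.0, 0.0),
    }


def pure_nash_equilibria(payoffs):
    """Return profiles where neither player gains by switching alone."""
    equilibria = []
    for (a, d), (u_att, u_def) in payoffs.items():
        att_dev = payoffs[(1 - a, d)][0]   # attacker switches action
        def_dev = payoffs[(a, 1 - d)][1]   # defender switches action
        if u_att >= att_dev and u_def >= def_dev:
            equilibria.append((a, d))
    return equilibria


# Hypothetical single-meter parameters with c_a < w and c_d < 2w.
no_pure = pure_nash_equilibria(t2_payoffs(c_a=2.0, c_d=1.0, v=3.0, w=5.0))
# With an attack cost above the meter value, (0, 0) becomes stable.
with_pure = pure_nash_equilibria(t2_payoffs(c_a=6.0, c_d=1.0, v=3.0, w=5.0))
```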

Although pure strategy Nash equilibrium does not exist, there may still be mixed strategy Nash equilibrium, where participants mix different strategies with certain probabilities. The introduction of mixed strategies can alter the dynamics of the game and may lead to a state of equilibrium under certain probability distributions. Therefore, the next research direction is to find mixed strategy Bayesian Nash equilibrium by considering participants’ uncertainty about their opponents’ strategies, further deepening the understanding of game behaviors in smart meter systems, and proposing corresponding strategy designs and security defense measures.

Mixed strategy Bayesian Nash equilibrium

In the previous subsection, a clear pure strategy equilibrium point was not found in the simple Nash equilibrium analysis, which means that the attacker and the defender do not have only a single optimal strategy choice. Therefore, we turn to the mixed strategy Nash equilibrium. In this case, participants can choose different strategies with a certain probability, making it difficult for the opponent to adopt a clear advantage strategy. In the smart meter system, this mixed strategy equilibrium is more realistic because the behavior of participants is often affected by various factors, including uncertainty and the actions of the opponent. Therefore, the mixed strategy Nash equilibrium provides a more comprehensive analysis framework to help us better understand and predict the behavior patterns of participants, thereby guiding the formulation of system security and defense strategies. There exists a mixed strategy Bayesian Nash equilibrium in the two-stage wireless channel game model G of smart meter systems. The complete derivation and explicit mathematical formulations are provided in Appendix 3.
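Appendix 3 contains the full Bayesian derivation. As a simplified illustration only, the sketch below solves the single-meter Stage T2 game of Table 3 by the usual indifference conditions: the defender defends with the probability $q$ that makes the attacker indifferent, and the attacker interferes with the probability $p$ that makes the defender indifferent. The closed forms $p = c_{d} / (2 w)$ and $q = (w - c_{a}) / (v + w)$ follow from Table 3 under the assumption $0 < c_{a} < w$ and $0 < c_{d} < 2 w$ ; the function name and numeric values are hypothetical.

```python
def t2_mixed_equilibrium(c_a, c_d, v, w):
    """Mixed equilibrium (p, q) of the single-meter T2 game in Table 3.

    p -- probability that the attacker interferes
    q -- probability that the defender defends
    """
    if not (0 < c_a < w and 0 < c_d < 2 * w and v >= 0):
        raise ValueError("parameters outside the interior mixed-strategy range")
    # Defender indifferent: p*(-c_d + w) + (1 - p)*(-c_d) = p*(-w)
    p = c_d / (2 * w)
    # Attacker indifferent: q*(-c_a - v) + (1 - q)*(-c_a + w) = 0
    q = (w - c_a) / (v + w)
    return p, q


p, q = t2_mixed_equilibrium(c_a=2.0, c_d=1.0, v=3.0, w=5.0)
# Expected payoff of each pure action against the opponent's mix.
att_interfere = q * (-2.0 - 3.0) + (1 - q) * (-2.0 + 5.0)
def_defend = p * (-1.0 + 5.0) + (1 - p) * (-1.0)
def_idle = p * (-5.0)
```

At these probabilities the attacker’s expected payoff from interfering equals the zero payoff of not interfering, and the defender’s two actions yield the same expected payoff, so neither side can gain by shifting its mix.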

Attack and defense costs under different node capabilities

In Subsection 3.3, a Bayesian game model was constructed, and the stable solution of the smart meter system under Nash equilibrium was discussed in Subsection 3.4. However, it was found that the model did not take into account the ability differences between participants and the connections between participants and various types of meters, which may be important influencing factors in practical applications. Therefore, these factors will be further explored in Subsections 3.5–3.7. Specifically, the value assessment method of smart meters and the cost analysis of the attacker and defender under the difference in node capabilities will be focused on.

First, we analyze the value of smart meters, focusing on the power load and the connection between the meter and key equipment. In order to quantify the value of smart meters, we introduce the following calculation equation (11):

V = γ \times P + δ \times C

(11)

Here, $γ$ is the weighting coefficient of the power load and $P$ is the power load borne by the smart meter, so $γ \times P$ reflects the impact of the power load on the meter’s value. Similarly, $δ$ is the weighting coefficient of the connectivity of key devices and $C$ is the connectivity between the smart meter and key devices. $V$ represents the total value of the smart meter. Equation (11) considers both the power load and the connectivity with key devices, giving attackers and defenders a fuller measure of a smart meter’s value. This value helps evaluate the importance of each smart meter in the attack-defense game and supports the formulation of security and resource allocation strategies.

Cost analysis of attackers under node capability differences

In the cost analysis of attackers in smart meter systems, the attackers’ behavior patterns and their impact on the system are studied in depth. When conducting eavesdropping, attackers may be more focused on collecting information rather than launching attacks directly, so the capability differences between nodes are relatively small. Therefore, the model does not particularly emphasize the cost and utility in this scenario, but focuses on the game strategy of attackers when implementing signal interference attacks and the cost-benefit relationship between the two parties. By introducing the channel attenuation model and analyzing the energy consumption of signal interference attacks, the costs and benefits of attackers’ interference behaviors can be more accurately evaluated. In addition, by incorporating the attacker’s benefits under wireless channel modeling into the utility function of the game model, the differences in attacker attributes can be considered, so as to better understand the actual costs of the attackers. Next, we study how the channel attenuation model and energy consumption-related factors affect the attacker’s cost, and how to calculate the attacker’s benefits under wireless channel modeling. The signal attenuation model considers factors such as the distance between system nodes, and the signal strength of the wireless channel in the normal smart meter system is calculated from the free-space path loss formula (see Appendix 4). The energy consumption analysis of signal interference attacks is given in Appendix 5, and the full calculation of the attacker’s profit under wireless channel modeling is given in Appendix 6.
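Appendix 4 is not reproduced here. For orientation, the standard free-space path loss expression, $20 \log_{10} (4 π d f / c)$ in dB, can be evaluated as follows. This is the textbook formula and may differ from the exact attenuation model in Appendix 4; the function names, the unit-gain antenna assumption, and the 2.4 GHz example are assumptions made for illustration.

```python
import math

SPEED_OF_LIGHT = 299_792_458.0  # m/s


def free_space_path_loss_db(distance_m, freq_hz):
    """Free-space path loss in dB for a link of distance_m at freq_hz."""
    if distance_m <= 0 or freq_hz <= 0:
        raise ValueError("distance and frequency must be positive")
    return 20.0 * math.log10(4.0 * math.pi * distance_m * freq_hz / SPEED_OF_LIGHT)


def received_power_dbm(tx_power_dbm, distance_m, freq_hz):
    """Received power assuming unit-gain antennas and no other losses."""
    return tx_power_dbm - free_space_path_loss_db(distance_m, freq_hz)


# Hypothetical meter links at 2.4 GHz.
loss_100m = free_space_path_loss_db(100.0, 2.4e9)
loss_200m = free_space_path_loss_db(200.0, 2.4e9)
```

Doubling the distance adds about 6 dB of loss, which is why node placement matters for both the interference cost of the attacker and the detection cost of the defender.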

Defender’s cost analysis under node capability differences

In the environment of wireless channel interference, defenders face challenges that involve not only effectively detecting and preventing attacks but also managing the associated costs. This section provides a detailed analysis of the energy consumption of defenders in detecting interference attacks and the costs under different wireless channel conditions. By establishing energy consumption and cost models, we can gain a deeper understanding of the economic benefits of defense strategies, providing theoretical basis and practical guidance for devising more effective defense measures.

Energy consumption analysis of defenders in interference attack detection. Based on the preceding analysis, an energy consumption formula for interference attack detection is proposed. The calculation process is shown in Appendix 7. Taking these factors together allows a more complete evaluation of the defender’s overall energy consumption when facing interference attacks. This energy consumption analysis is crucial for designing effective interference attack defense strategies.

Defender benefits under wireless channel modeling. This model more comprehensively considers the various costs of defenders in the background of wireless channel interference. The overall calculation process is shown in Appendix 8, which provides a basis for further optimizing defense decisions.

Optimized response strategies for smart meter systems under wireless channel influence

In Section 3, a Bayesian game model of the smart meter system was constructed, and the stable solution under the Nash equilibrium was explored. However, in practical applications, the differences in the capabilities of the participants and their connections with the smart meters are crucial. Therefore, the system is further modeled in a wireless channel environment, and the impact of these factors on the attack and defense costs is analyzed. In this section, based on the previous model, we explore how to generate the optimal response strategy through optimization algorithms. First, the Hungarian algorithm is introduced, which optimizes the target selection of the attacker and the defender respectively by constructing a bipartite graph model and a weight matrix. Next, the dynamic update of the observation data and its application in the generation of the optimal strategy are analyzed. Finally, the optimal strategies of the attacker and the defender under different conditions are proposed and verified. This comprehensive strategy optimization process will provide effective theoretical support and practical guidance for the security protection of the smart meter system.

Bipartite graph construction

The Hungarian algorithm is a mature graph theory method that is widely used to solve the maximum weight matching problem. Its application in game theory models can more efficiently match participants and smart meters, thereby improving the overall performance of the system. Based on previous research, a Bayesian game model was developed that takes into account the differences in node capabilities. In each round of target selection, the traditional strategy of “more capability, more workload” may not be able to obtain the optimal strategy. Therefore, the Hungarian algorithm was introduced to optimize the strategies of the attacker and defender in each round of target device selection.

In the game model, we construct two bipartite graphs: one for attackers and smart meters, and another for defenders and smart meters, as illustrated in Figure 4. In the bipartite graph of attackers and smart meters, attackers are represented as one set of nodes, while smart meters constitute the other set. An edge exists between an attacker and a smart meter if the attacker can target the smart meter. Similarly, in the bipartite graph of defenders and smart meters, defenders form one set of nodes and smart meters the other. An edge exists between a defender and a smart meter if the defender needs to protect the smart meter.

Figure 4.

Bipartite graph model.

Applying the Hungarian algorithm facilitates optimal resource matching during the attack and defense process, thereby improving system efficiency and overall performance. By optimizing the matching between participants and smart meters, we can better address the challenges of attacks and defenses, achieving optimal results within the game model. This approach provides robust support for system coordination and optimization, ensuring the effective utilization of resources throughout the attack and defense process.
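To make the matching step concrete, the following sketch implements a compact version of the Hungarian (Kuhn-Munkres) algorithm with row and column potentials and applies it to a small weight matrix. Rows stand for participants and columns for smart meters; the function names and the 3 x 3 weights are hypothetical. Maximum-weight matching is obtained by negating the weights and solving the minimum-cost problem.

```python
def hungarian_min_cost(cost):
    """Minimum-cost assignment for an n x m matrix with n <= m.

    Returns a list where entry r is the column matched to row r.
    """
    n, m = len(cost), len(cost[0])
    inf = float("inf")
    u = [0.0] * (n + 1)          # row potentials
    v = [0.0] * (m + 1)          # column potentials
    p = [0] * (m + 1)            # p[j] = row matched to column j (1-based)
    way = [0] * (m + 1)          # previous column on the augmenting path
    for i in range(1, n + 1):
        p[0] = i
        j0 = 0
        minv = [inf] * (m + 1)
        used = [False] * (m + 1)
        while True:
            used[j0] = True
            i0, delta, j1 = p[j0], inf, 0
            for j in range(1, m + 1):
                if not used[j]:
                    cur = cost[i0 - 1][j - 1] - u[i0] - v[j]
                    if cur < minv[j]:
                        minv[j], way[j] = cur, j0
                    if minv[j] < delta:
                        delta, j1 = minv[j], j
            for j in range(m + 1):
                if used[j]:
                    u[p[j]] += delta
                    v[j] -= delta
                else:
                    minv[j] -= delta
            j0 = j1
            if p[j0] == 0:       # reached a free column
                break
        while j0 != 0:           # flip the augmenting path
            j1 = way[j0]
            p[j0] = p[j1]
            j0 = j1
    match = [-1] * n
    for j in range(1, m + 1):
        if p[j] != 0:
            match[p[j] - 1] = j - 1
    return match


def max_weight_matching(weights):
    """Maximum-weight assignment via negated costs."""
    match = hungarian_min_cost([[-w for w in row] for row in weights])
    total = sum(weights[r][c] for r, c in enumerate(match))
    return match, total


# Hypothetical weights: 3 participants (rows) and 3 smart meters (columns).
match, total = max_weight_matching([[4, 1, 3], [2, 0, 5], [3, 2, 2]])
```

In this example the first participant takes meter 0, the second takes meter 2, and the third takes meter 1, which no other one-to-one assignment can improve on.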

Edge weight design

Updating posterior probabilities with observed data

In each round of the game, the observed attack and defense behavior data are used to update the posterior probabilities. By defining $H_{a}, H_{d}$ to record the number of attempts and successes of attack and defense actions in each round, the posterior probability distributions for attackers and defenders can be dynamically updated using the observed data.

Specifically, the posterior probability $P_{a}^{i}$ for attackers and $P_{d}^{i}$ for defenders can be obtained through the update rules of the $Beta$ distribution (equation (12)):

\begin{matrix} P_{a}^{i} = Beta (α_{a} + s_{a}^{i}, β_{a} + a^{i} - s_{a}^{i}), \\ P_{d}^{i} = Beta (α_{d} + s_{d}^{i}, β_{d} + d^{i} - s_{d}^{i}), \\ H_{a} = \{a^{1}, \dots, a^{n}, s_{a}^{1}, \dots, s_{a}^{n}\}, \\ H_{d} = \{d^{1}, \dots, d^{n}, s_{d}^{1}, \dots, s_{d}^{n}\} \end{matrix}

(12)

Here, $α_{a}, β_{a}, α_{d}, β_{d}$ are the parameters of the prior distributions. The lengths of $H_{a}, H_{d}$ are both $2 n$ , which is twice the number of smart meters. The first $n$ entries record the total number of attacks or defenses for each smart meter, while the latter $n$ entries record the number of successful attacks or defenses for each smart meter. Variables $a^{i}, d^{i}, s_{a}^{i}, s_{d}^{i}$ respectively represent the numbers of attack and defense actions and their success counts for the $i$-th smart meter.

The advantage of dynamic updating is that it not only relies on static prior probabilities but also allows the probability distributions to be adjusted based on actual observed data, more accurately reflecting the capabilities of both attackers and defenders. This makes the model more adaptive and flexible, better capturing the changes in real-world scenarios.
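Equation (12) amounts to simple counting. The sketch below keeps, for each smart meter, the number of attempts and successes and returns the updated Beta parameters together with the posterior mean. Using the posterior mean as a point estimate of the success probability is an assumption made for this example, as are the function name and the counts.

```python
def beta_posterior(alpha, beta, attempts, successes):
    """Per-meter Beta update following equation (12).

    attempts[i]  -- number of actions on meter i (a^i or d^i)
    successes[i] -- number of successful actions on meter i (s^i)
    Returns a list of (alpha_post, beta_post, posterior_mean) tuples.
    """
    posterior = []
    for n_try, n_ok in zip(attempts, successes):
        if not 0 <= n_ok <= n_try:
            raise ValueError("successes must lie between 0 and attempts")
        a_post = alpha + n_ok
        b_post = beta + n_try - n_ok
        posterior.append((a_post, b_post, a_post / (a_post + b_post)))
    return posterior


# Hypothetical history for three meters under a uniform Beta(1, 1) prior.
attempts = [10, 4, 0]
successes = [7, 1, 0]
post = beta_posterior(1.0, 1.0, attempts, successes)
```

A meter with no recorded actions keeps the prior, so its estimate stays at 0.5 until data arrive, while heavily observed meters move toward their empirical success rate.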

Weight matrix

To achieve more effective matching, we introduce weight values, assigning weights to the edges between attackers and smart meters, as well as defenders and smart meters. This weight matrix more accurately reflects the preferences of participants in selecting target devices. The weight matrix considers the relationships between attackers and defenders and incorporates various factors from the game process.

In the weight matrix, each element $w_{i, k}$ represents the weight of attacker $i$ attacking smart meter $k$ , and $w_{j, k}$ represents the weight of defender $j$ defending smart meter $k$ . The methods for determining $w_{i, k}, w_{j, k}$ are as follows:

First, use equation (12) and Appendix 8 to derive the attack cost matrix $C_{a}$ and the defense cost matrix $C_{d}$ . Next, we calculate the net gain matrix $I$ based on the value of the smart meters and the incurred costs. Additionally, we calculate the posterior probability matrices of successful attacks $P_{a}$ and successful defenses $P_{d}$ using equation (12). The weights then follow from equation (13).

w_{i, k} = (I_{k} - c_{a_{k}}^{i}) P_{a_{k}}^{i} V_{k}, w_{j, k} = (I_{k} - c_{d_{k}}^{j}) P_{d_{k}}^{j} V_{k}

(13)

Equation (13) provides the methods for determining $w_{i, k}$ and $w_{j, k}$ , respectively. Taking $w_{i, k}$ as an example, it represents the weight of the $i$-th attacker attacking the $k$-th smart meter, where $I_{k}$ is the value of the $k$-th smart meter, $c_{a_{k}}^{i}$ is the cost incurred by the $i$-th attacker in attacking the $k$-th smart meter, and $P_{a_{k}}^{i}$ is the posterior probability of a successful attack by the $i$-th attacker on the $k$-th smart meter.

Establishing this weight matrix provides effective input data for the subsequent application of the Hungarian algorithm, making the matching process more precise and better reflecting the strategic choices of the participants.
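A weight matrix of this form can be assembled as in the following sketch, which follows the index convention of Algorithm 1 (rows for participants, columns for smart meters). The function name, argument names, and all numeric values are hypothetical.

```python
def weight_matrix(meter_gain, meter_value, cost, success_prob):
    """Edge weights w[i][k] = (I_k - c[i][k]) * P[i][k] * V_k, as in equation (13).

    meter_gain[k]      -- I_k
    meter_value[k]     -- V_k
    cost[i][k]         -- cost for participant i acting on meter k
    success_prob[i][k] -- posterior success probability of that action
    """
    return [
        [(meter_gain[k] - cost[i][k]) * success_prob[i][k] * meter_value[k]
         for k in range(len(meter_gain))]
        for i in range(len(cost))
    ]


# Hypothetical example: two attackers and three smart meters.
gain = [10.0, 6.0, 8.0]
value = [1.0, 2.0, 0.5]
C_a = [[2.0, 1.0, 4.0], [5.0, 2.0, 2.0]]
P_a = [[0.5, 0.25, 0.5], [0.2, 0.5, 1.0]]
W_a = weight_matrix(gain, value, C_a, P_a)
```

The defender’s matrix is obtained in the same way by passing the defense costs and defense success probabilities.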

Multi-to-multi matching optimization

We have optimized the virtual node method in applying the Hungarian algorithm for multi-target attack scenarios. Traditional methods assign virtual nodes the maximum weight to prioritize actual nodes, but this approach fails to represent an attacker’s intentions when targeting multiple smart meters.

Our solution introduces multiple virtual attacker nodes for a single attacker, where each virtual node represents a distinct attack instance, allowing the attacker to target multiple meters simultaneously. If there are fewer attackers than smart meters, we replicate attacker nodes to match the number of smart meters. Similarly, defender nodes are also replicated to enable one defender to protect multiple meters.

The weight of the edges for virtual nodes is now calculated based on equation (13), ensuring accurate representation of attack and defense strategies in multi-target scenarios while preserving the bipartite structure required by the Hungarian algorithm. This optimization enables flexible many-to-many matching between attackers, defenders, and smart meters, improving resource allocation efficiency.

By enhancing the model’s flexibility and applicability, this optimization ensures the Hungarian algorithm performs well in multi-target matching, thus supporting the overall security and resource efficiency of the system.
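The replication step can be sketched as follows. Each real participant is copied into several virtual rows that inherit its edge weights, so that a one-to-one matching on the expanded matrix corresponds to a one-to-many assignment for the real participant. The helper names and the replication rule (an equal number of copies per participant) are assumptions; the text does not specify how many copies each node receives.

```python
import math


def replicate_rows(weights, n_meters):
    """Duplicate each participant row so that the row count reaches n_meters.

    Returns the expanded matrix and, for each expanded row, the index of
    the real participant it stands for.
    """
    n_real = len(weights)
    copies = max(1, math.ceil(n_meters / n_real))
    expanded, owner = [], []
    for i, row in enumerate(weights):
        for _ in range(copies):
            expanded.append(list(row))  # virtual node keeps the real edge weights
            owner.append(i)
    return expanded, owner


def targets_per_participant(assignment, owner, n_real):
    """Group matched meters by real participant.

    assignment[r] is the meter matched to expanded row r, or None.
    """
    targets = [[] for _ in range(n_real)]
    for r, meter in enumerate(assignment):
        if meter is not None:
            targets[owner[r]].append(meter)
    return targets


# Hypothetical example: 2 attackers and 4 smart meters.
W = [[4.0, 2.5, 1.0, 3.0], [1.0, 4.0, 3.0, 0.5]]
W_exp, owner = replicate_rows(W, n_meters=4)
# A matching on the expanded matrix, written by hand here for illustration.
targets = targets_per_participant([0, 3, 1, 2], owner, n_real=2)
```

After matching, the `owner` list maps every virtual node back to its real participant, which yields the set of meters each attacker or defender handles in the round.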

Analysis of optimal strategies in the game

In this subsection, we will describe in detail the algorithmic process for determining the optimal strategies for both attackers and defenders, including their decision-making processes.

Obtaining attack and defense sequences

To reduce the size of matrix calculations and speed up computation, we propose setting a threshold $X$ and assigning a weight of 0 to elements with posterior probabilities $P \leq X$ . This approach is justified by the following reasons: if the posterior probability is too low, it indicates a high probability of attack or defense failure. Under resource constraints, these elements can be excluded to reduce computational complexity while maximizing gains.
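The masking rule can be sketched in a few lines. The example below only applies the rule that $P \leq X$ gives weight 0; the function name and the values of the weights, probabilities, and threshold are hypothetical.

```python
def apply_threshold(weights, success_prob, threshold):
    """Zero out weights whose posterior success probability is <= threshold."""
    return [
        [w if p > threshold else 0.0 for w, p in zip(w_row, p_row)]
        for w_row, p_row in zip(weights, success_prob)
    ]


# Hypothetical weights and posterior probabilities for 2 participants, 3 meters.
W_a = [[4.0, 2.5, 1.0], [1.0, 4.0, 3.0]]
P_a = [[0.5, 0.25, 0.5], [0.2, 0.5, 1.0]]
W_pruned = apply_threshold(W_a, P_a, threshold=0.25)
```

Entries at or below the threshold drop out of contention in the subsequent matching, since a zero-weight edge never improves the total weight when the remaining weights are positive.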

Using the Hungarian algorithm, we optimize the calculated weight matrix to obtain the optimal attack and defense sequences:

S_{A} = (A_{1}, \dots \dots, A_{N}), S_{D} = (D_{1}, \dots \dots, D_{N})

(14)

Here, $A_{i}$ and $D_{i}$ denote the attack and defense actions of the $i$-th participant toward its matched smart meter, where 0 represents no action and 1 represents acting.

By setting the threshold $X$ and employing the Hungarian algorithm, we successfully obtain the optimized attack and defense sequences. This ensures that under resource constraints, the system can more efficiently respond to attacks and implement defenses. This step provides a more practical solution for the system, meeting the needs for optimal decision-making under resource limitations.

Generation of optimal strategies

For participants, the core of the optimal strategy is to select attack or defense sequences that achieve the maximum gain with the minimum cost. Based on the previous analysis, we propose Algorithm 1 for determining the optimal strategies for attackers and defenders in each round of the game.

Algorithm 1.

Wireless Smart Meter Channel Game Optimal Strategy

Input: $n_{a}, n_{d}, n_{s}, I$
Output: attack sequence, defend sequence
Initialize $W_{a}, W_{d}, H_{a} = \{a^{1}, \dots, a^{n}, s_{a}^{1}, \dots, s_{a}^{n}\}, H_{d} = \{d^{1}, \dots, d^{n}, s_{d}^{1}, \dots, s_{d}^{n}\}$
for $i = 1, 2, …, n_{a}$ ; $j = 1, 2, …, n_{d}$ ; $k = 1, 2, …, n_{s}$
    calculate cost $c_{a_{k}}^{i}, P_{a}^{i}, w_{i, k}, c_{d_{k}}^{j}, P_{d}^{i}, w_{j, k}$
    update $W_{a}, W_{d}$ with $w_{i, k}, w_{j, k}$
    $H_{a}, H_{d} \leftarrow H_{a} + \{a_{i}, s_{a}^{i}\}, H_{d} + \{a_{d}, s_{d}^{i}\}$
end for
Add virtual nodes to $W_{a}, W_{d}$
attack sequence, defend sequence = Hungarian Algorithm ($W_{a}, W_{d}$)
return attack sequence, defend sequence

Figure 5 shows the flowchart of the optimal strategy generation algorithm. The specific algorithmic process is as follows. First, input the parameters for the current round of the game, including the number of participants and the number of smart meters. Then, iterate over attackers (or defenders) and smart meters to calculate the cost matrix and gain matrix. Based on these data, compute the posterior probability matrix. Using the cost matrix and posterior probability matrix, compute the weight matrix for attackers or defenders regarding smart meters. Finally, input the obtained weight matrix into the Hungarian algorithm for optimization, which yields the optimal attack or defense sequence. This optimal sequence represents the best decisions made by both attackers and defenders in the current round, enhancing the overall efficiency and performance of the system.

Figure 5.

Wireless smart meter channel game optimal strategy flow chart.

Simulation experiments and comparative analysis

In this study, we simulate 2000 smart meters, representing a medium-sized community, with 300 attackers and 300 defenders for a balanced adversarial scenario. This setup considers defense resource limitations and computational complexity. We model node capability differences using uniform and Gaussian distributions to reflect realistic data fluctuations. Our parameter settings follow Chinese national standards (GB/T 19862-2005, DL/T 645-2007), ensuring technical, communication, and security protocols are met. These settings ensure the simulation’s validity and practical applicability.
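As an illustration of this setup, the following Python sketch draws heterogeneous node capabilities from uniform and Gaussian distributions. The population sizes come from the text; the distribution parameters (`low`, `high`, `mean`, `std`), the clipping floor, the seed, and the function name `sample_capabilities` are hypothetical placeholders, not the values used in the experiments.

```python
import random
from typing import List

N_METERS, N_ATTACKERS, N_DEFENDERS = 2000, 300, 300  # sizes stated in the text


def sample_capabilities(n: int, mode: str, rng: random.Random,
                        low: float = 0.5, high: float = 1.5,
                        mean: float = 1.0, std: float = 0.2) -> List[float]:
    """Draw n capability coefficients; all numeric defaults are assumed values."""
    if mode == "uniform":
        return [rng.uniform(low, high) for _ in range(n)]
    if mode == "gaussian":
        # Clip at a small positive floor so a capability is never zero or negative.
        return [max(0.05, rng.gauss(mean, std)) for _ in range(n)]
    raise ValueError(f"unknown mode: {mode}")


rng = random.Random(42)  # fixed seed so a run can be repeated
attackers = sample_capabilities(N_ATTACKERS, "uniform", rng)
defenders = sample_capabilities(N_DEFENDERS, "gaussian", rng)
meters = sample_capabilities(N_METERS, "gaussian", rng)
```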

Analysis of game results under Bayesian equilibrium

Analysis of defense success rate under different strategies

In the Bayesian game model, we set the strategies of both attackers and defenders to Bayesian equilibrium. We compared the defense success rate of this strategy with that of full defense and random defense strategies, as shown in Figure 6.

Figure 6.

Comparison of defense success rates under different strategies.

Figure 6 presents the comparison of defense success rates under different defense strategies. Our proposed optimal strategy significantly outperforms the random defense strategy. In the long term, the defense success rate stabilizes at around 0.85. Specifically, in the initial stages, the defense success rate is higher as attackers have not fully understood the defense strategy. However, as the game progresses, attackers optimize their attack strategies, causing some fluctuation in the defense success rate, but it remains consistently high.

Analysis of defense costs under different strategies

We compared the defense costs under different strategies, as shown in Figure 7.

Figure 7.

Comparison of defense costs under different strategies.

As Figure 7 shows, the defense cost of our proposed strategy is significantly lower than that of the full defense strategy. In the early stages of the game, the cost of our strategy is similar to that of the random defense strategy. In the later stages, as attackers target an increasing number of meters, the cost of the Bayesian defense strategy exceeds that of the random defense strategy but remains much lower than that of the full defense strategy.

Analysis of defense benefits under the same cost

Previous sections have analyzed the defense success rates and associated costs of different strategies. In practical applications, defense resources are typically limited, making the cost-effectiveness of defense strategies particularly important. To further highlight the superiority of the proposed algorithm, this study compares the benefits of various defense strategies under a fixed cost threshold, thereby demonstrating the differences in effectiveness of different defense methods with identical resource investments.

As illustrated in Figure 8, although the full defense strategy exhibits strong defensive capabilities, its high cost limits its application under a fixed cost constraint, resulting in defense benefits that are significantly lower than those of the proposed strategy. The random defense strategy incurs lower costs than the full defense strategy, but its defensive actions are random and untargeted, so its defense benefits are also inferior to those of the proposed strategy.

Figure 8.

Comparison of the benefits of different strategies at the same cost.

In stark contrast, the Bayesian game strategy achieves considerably higher defense benefits under the same cost conditions. This is primarily because the Bayesian game strategy can dynamically adjust defense decisions based on real-time game information, thereby flexibly optimizing limited defense resources. This approach enhances the success rate of defenses without incurring additional costs.

In summary, under the same cost threshold, the Bayesian game strategy not only effectively increases the defense success rate but also maximizes resource utilization, providing higher defense benefits. These analytical results indicate that the Bayesian game strategy offers an efficient and cost-effective defense option in practical applications, especially in environments with limited defense resources.

The impact of confidence levels on defense success rate

Attackers need only obtain the meter information once to launch an attack. If the attacker successfully monitors in the T1 state, the game proceeds to the second phase, where subsequent attacks are signal interference attacks. This implies that most attacks occur during the T2 phase. Therefore, if the current calculated $μ$ is below a certain threshold, the defender considers the game to be in the T2 phase; otherwise, it is in the T1 phase. Increasing the confidence threshold allows defenders to classify more games as being in the T2 phase, thereby enabling them to adopt more effective defense strategies.
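The threshold rule described above can be written as a short Python sketch. It assumes that $μ$ is the defender's belief that the game is still in the T1 phase, expressed as a probability in [0, 1]; the function name `classify_phase` and the example thresholds are hypothetical.

```python
def classify_phase(mu: float, threshold: float) -> str:
    """Return "T2" when the belief mu falls below the threshold, otherwise "T1"."""
    if not (0.0 <= mu <= 1.0 and 0.0 <= threshold <= 1.0):
        raise ValueError("mu and threshold must lie in [0, 1]")
    return "T2" if mu < threshold else "T1"


# With the same belief, a higher threshold moves the game into the T2 class.
low_threshold_phase = classify_phase(0.7, 0.5)
high_threshold_phase = classify_phase(0.7, 0.8)
```

The two calls show the effect noted in the text: for an unchanged belief of 0.7, raising the threshold from 0.5 to 0.8 changes the classification from T1 to T2.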

We set $μ$ as the defender’s confidence level in the current game phase and tested its impact on the defense success rate, as shown in Figure 9. From Figure 9, it is evident that the defense success rate increases with the rise in confidence level, which aligns with our analysis. However, we do not recommend setting the confidence threshold to 1 in the experiments. This is because monitoring always occurs before an attack, and monitoring causes less harm to the meter. To prevent the game from advancing to the second phase, it is necessary for the defender to try to stop the attacker from successfully monitoring during the T1 phase.

Figure 9.

The impact of confidence on defense success rate.

Factors influencing optimal decision making under node ability discrepancy

Impact of interference source distance on power theft costs

In smart metering systems, the distance between the interference source and the electric meter is a crucial factor affecting the cost allocation for power attack. This influence can be studied by configuring different distance settings and interference intensities.

As shown in Figure 10, we categorized the distance between the interference source and the electricity meter into several levels and calculated the total cost incurred by the attacker during the game. The results show that as the distance increases, the attacker’s total cost decreases. The reason is that attacking a meter located farther away is more difficult and requires more resources, so attackers avoid distant meters and concentrate on closer ones, where the attack cost is lower. Because distant meters are excluded from the set of targets, the attacker’s overall cost falls as the distance grows.

Figure 10.

Influence of distance on attacker’s resource allocation.

Sensitivity analysis of node capability based on interference distance

To systematically analyze the influence of node capability differences on optimal resource allocation, we perform a sensitivity analysis by varying the distance between the attacker and smart meters. Specifically, we simulate a range of distances from 5 to 100 m, with increments of 5 m. Using Appendices 4 and 5, we compute the required interference signal strength and the corresponding attack cost at each distance.

As shown in Figure 11, the attack cost increases exponentially as the distance grows, reflecting the path loss characteristics of wireless channels. This trend significantly affects the attacker’s selection strategy. When the distance is short, the required interference power is low, making those meters more attractive targets. As distance increases, attack cost rises sharply, resulting in lower probabilities of selection in the matching process.
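The distance sweep can be illustrated with the following Python sketch, which uses the standard log-distance path loss model without the random shadowing term. It is not a reproduction of Appendices 4 and 5: the reference loss `pl_d0`, the path loss exponent, the target received power, and the function names are assumed values chosen only for illustration. Under this model the required transmit power in linear units scales as $d^{λ}$.

```python
import math
from typing import List


def path_loss_db(d: float, d0: float = 1.0, pl_d0: float = 40.0, exponent: float = 3.0) -> float:
    """Log-distance path loss in dB: PL(d) = PL(d0) + 10 * exponent * log10(d / d0)."""
    return pl_d0 + 10.0 * exponent * math.log10(d / d0)


def required_jam_power_mw(d: float, target_rx_dbm: float = -70.0, gains_db: float = 0.0,
                          d0: float = 1.0, pl_d0: float = 40.0, exponent: float = 3.0) -> float:
    """Transmit power (mW) needed so the jamming signal arrives at target_rx_dbm."""
    tx_dbm = target_rx_dbm + path_loss_db(d, d0, pl_d0, exponent) - gains_db
    return 10.0 ** (tx_dbm / 10.0)  # convert dBm to mW


# Sweep from 5 m to 100 m in 5 m steps, as in the sensitivity analysis.
distances: List[int] = list(range(5, 101, 5))
powers = [required_jam_power_mw(float(d)) for d in distances]
for d, p in zip(distances, powers):
    print(f"{d:3d} m -> {p:.4g} mW")
```

With the assumed exponent of 3, doubling the distance multiplies the required power by a factor of 8, which is why distant meters become unattractive in the matching step.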

Figure 11.

Impact of distance on attack cost.

This sensitivity analysis highlights that the spatial distribution of smart meters plays a critical role in the resource allocation of both attackers and defenders. It further demonstrates the importance of considering physical-layer constraints in designing adaptive security strategies for smart grid systems.

Impact of smart meter value on cost allocation for both parties

In Subsection 3.5, we calculated the value of smart meters using equation (11), which comprehensively considers the power load $P$ and the connectivity degree $C$ with critical infrastructure. To validate the impact of smart meter value on defense benefits, we compared the defense benefits with and without the incorporation of smart meter value under identical cost conditions.

As shown in Figure 12, the introduction of smart meter value significantly enhances the defense benefits. This improvement is primarily because, during the game-theoretic process, smart meters with higher value coefficients receive more defensive resources, thereby achieving greater benefits. Specifically, the high value of smart meters reflects their importance within the distribution network, prompting defenders to allocate more resources to these critical meters to ensure their security, thus increasing the overall defense benefits.

Figure 12.

Impact of smart meter value on defense benefits.

To further investigate the influence of the smart meter value coefficient on the cost allocation for both attackers and defenders, we normalized the values of all smart meters and divided them into five equal levels, designated Level 1 through Level 5. This categorization allows for a comparative analysis of resource investment and cost allocation by both parties across different value levels.
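The normalization and level assignment can be sketched in Python as follows. The sketch assumes that the meter value is a weighted sum of power load and connectivity, $V = γP + δC$, that normalization is min-max scaling, and that the five levels are equal-width intervals of the normalized value; the coefficient defaults and function names are hypothetical.

```python
from typing import List


def meter_value(load: float, connectivity: float, gamma: float = 0.6, delta: float = 0.4) -> float:
    """ASSUMED value model: V = gamma * P + delta * C (coefficients are placeholders)."""
    return gamma * load + delta * connectivity


def normalize(values: List[float]) -> List[float]:
    """Min-max scale values to [0, 1]; a constant list maps to all zeros."""
    lo, hi = min(values), max(values)
    if hi == lo:
        return [0.0 for _ in values]
    return [(v - lo) / (hi - lo) for v in values]


def value_level(x: float, n_levels: int = 5) -> int:
    """Map a normalized value in [0, 1] to an equal-width level 1..n_levels."""
    return min(int(x * n_levels), n_levels - 1) + 1


raw = [meter_value(p, c) for p, c in [(1.0, 0.0), (2.0, 1.0), (5.0, 3.0), (9.0, 4.0)]]
levels = [value_level(x) for x in normalize(raw)]
```

If the levels are instead meant to contain equal numbers of meters, `value_level` would be replaced by a rank-based (quantile) split.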

Figure 13 illustrates how the smart meter value coefficient impacts the cost allocation between attackers and defenders. The experimental results show that as the smart meter value increases, the costs for both parties rise significantly. This indicates that high-value smart meters are more attractive targets, leading both attackers and defenders to focus their resources on these critical assets. On the other hand, smart meters with lower value levels receive less resource investment due to their reduced importance.

Figure 13.

Impact of smart meter value on cost allocation for attackers and defenders.

These findings validate the model’s assumption that the value of smart meters plays a crucial role in regulating the attack-defense game. High-value smart meters become primary targets, influencing resource allocation and cost investment for both attackers and defenders.

By categorizing smart meters into five value levels and analyzing the cost allocations for each, we gain insights into how smart meter value affects strategies. This provides a foundation for more precise attack-defense strategies, optimized resource allocation, and enhanced security in distribution networks. Defenders can allocate resources based on the value levels of meters, while attackers can target high-value meters to maximize benefits and optimize their strategies under resource constraints.

Performance evaluation of Hungarian optimization strategy

Comparison of attacker strategy optimization effects

We compared the costs incurred and the pure profits obtained under the random attack strategy, the Bayesian attack strategy, and our proposed optimal strategy in each round of the game.

Figure 14 illustrates the costs borne by attackers in each round across the three strategies. The results show that the proposed strategy has the lowest per-round expenditure cost. Moreover, this strategy reduces the total expenditure cost by half compared to the other two strategies. Furthermore, the attacker’s net profit under different strategies is presented. The strategy optimized by the Hungarian algorithm demonstrates robust profitability, particularly in the latter stages of the game, significantly outperforming both random and traditional Bayesian game strategies.

Figure 14.

Comparison of attack costs and income for different strategies.

Comparison of defender strategy optimization effects

To compare the effects of defense strategy optimization, we conducted experiments comparing the defense costs and pure profits of the random defense strategy, the Bayesian defense strategy, and the defense strategy proposed in this paper.

Figure 15 compares the defense costs and returns under different defense strategies. From a cost perspective, our proposed optimal strategy significantly outperforms both the random defense and mixed Bayesian Nash equilibrium strategies, substantially reducing the defender’s economic burden. Regarding returns, our strategy initially yields slightly lower returns than random defense, but its returns rise steadily as the number of game rounds increases and eventually surpass those of random defense. This indicates that the optimal strategy adapts dynamically to changes in the game, adjusting promptly to control costs and improve returns at the same time. The strategy therefore not only lowers defense costs but also sustains growth in long-term returns.

Figure 15.

Comparison of defense costs for different strategies.

Comparison with popular defense methods

To further evaluate the effectiveness of our proposed scheme in resource-constrained environments, we design a comparative experiment against several popular defense strategies.

XGBoost⁴⁸: A passive defense scheme based on anomaly detection, where the defender uses XGBoost and LSTM models to detect malicious traffic.

Agent-based IDS-IPS⁴⁹: An adaptive defense scheme based on rule configuration, where the defender builds custom rule files and updates them periodically to achieve real-time detection and defense against abnormal behaviors.

Zero-Sum Game⁵⁰: A defense scheme based on static zero-sum game theory, where the defender executes defense strategies according to the Nash equilibrium.

Full Defense⁵¹: A comprehensive defense scheme in which the defender performs anomaly detection and defense operations on all smart meter nodes in each round, achieving the highest defense coverage.

Under the same dataset and attack settings, we compare the defense cost and defense benefit in each round. The results are shown in Figures 16 and 17.

Figure 16.

Cost comparison of different defense solutions.

As shown in Figure 16, XGBoost incurs relatively high defense costs (ranging from 323.25 to 356.14) due to its lack of adaptability and vulnerability to false positives. Although the Zero-Sum Game strategy incorporates cost into the Nash equilibrium calculation, it relies on static strategies and lacks dynamic adjustment capability. The Agent-based IDS-IPS scheme uses rule-based updates and starts with a low cost, but the cost gradually increases over time, reaching an average of 286.31. In contrast, our proposed scheme maintains consistently low resource consumption throughout the entire game process (with an average cost below 232.53), thanks to belief updating and the optimization of resource allocation using the maximum weight matching algorithm.

In terms of defense benefit (Figure 17), XGBoost shows relatively low performance due to frequent misjudgments, with benefits ranging from 913.21 to 1227.75. The Zero-Sum Game offers slightly better results but is still limited by its static strategy. Agent-based IDS-IPS demonstrates improved performance in the later stages but still falls short of the ideal outcome achieved by Full Defense. Our proposed scheme surpasses all comparison methods after round 45 and closely approaches the defense performance of Full Defense in later stages, ultimately reaching a total benefit of 3523.74.

Figure 17.

Comparison of benefits of different defense solutions.

In summary, given the complex attack behaviors and limited computational resources of smart grid environments, the Bayesian game-based defense scheme achieves better performance than traditional data-driven methods. Data-driven approaches often rely on large-scale labeled datasets and static detection thresholds, making them less effective in data-scarce or dynamic scenarios. In contrast, our scheme requires no large-scale training and can perform adaptive defense through belief updating and strategy optimization, ensuring both efficiency and interpretability while enhancing the system’s overall security.

Conclusion and future directions

Limitations

Despite the effectiveness of the proposed Bayesian game model and the Hungarian algorithm optimization in enhancing smart meter system security, several limitations remain:

Adaptive Attacks Not Modeled: The current model assumes static or probabilistic attacker behavior characterized by the Beta distribution. However, in real-world scenarios, attackers may adopt adaptive jamming strategies that evolve based on past outcomes. These dynamic patterns are not fully captured by the current belief update mechanism.

Simplified Network Topology: This study assumes a direct mapping between attackers, defenders, and smart meters. Complex network structures involving multi-hop communication, cooperative attacks, or clustered defenses are not considered, which may affect the model’s generalizability.

Measurement and Estimation Errors: The accuracy of the defender’s strategy relies on precise observations of signal strength, packet loss, and other features. In practical deployments, sensor noise or measurement errors may impact decision-making and belief updates.

Assumed Independence Between Nodes: The model currently treats smart meters as independent targets. In practice, correlation may exist between meters (e.g. geographic proximity or shared infrastructure), which could influence optimal resource allocation strategies.

These limitations suggest opportunities for future research, such as incorporating adaptive learning techniques (e.g. reinforcement learning), modeling richer network interactions, and introducing robust estimation methods under uncertainty.

Future work

This paper proposes a dynamic game theory-based attack-defense model for smart meters to address current protection shortcomings. The main contributions include dynamically modeling the capabilities of attackers and defenders using Bayesian game methods and achieving optimal attack-defense target matching through the Hungarian algorithm. Based on this model, we designed an optimal strategy algorithm to maximize cost-effectiveness and pure profit by optimizing the decisions of attackers and defenders. Simulation experiments validate the effectiveness of the model, showing that the proposed algorithm effectively reduces attack costs and increases overall pure profits.

Future work could focus on the following aspects:

1. Consider the impact of channel uncertainty and communication environment fluctuations on model robustness

This study assumes that wireless channel interference can be modeled and predicted to a certain extent, but in actual scenarios, complex communication environment factors such as channel fading, shielding effects, and non-Gaussian interference may cause model performance to degrade. Therefore, in the future, robust optimization or deep reinforcement learning methods can be introduced to improve robustness and generalization capabilities under uncertain conditions.

2. Expand application to wireless security protection in other key infrastructure fields

Although this study takes smart meters as its starting point, the dynamic Bayesian game model is general and can be extended to other key infrastructures that also rely on wireless communications, such as electric vehicle charging piles and power Internet of Things devices, to build a unified game-driven security protection framework.

3. Expand the defense resource constraint model to be close to the actual deployment constraints

This paper adopts a one-to-one “node-protection measure” matching of defense resources and does not consider multi-dimensional constraints such as deployment cost, communication delay, computing resources, and real-time requirements. In the future, these constraints can be introduced into the optimization model to form a multi-objective combinatorial optimization model or a task-scheduling resource allocation strategy, improving the feasibility of real deployment.

Footnotes

Appendix 1.

This appendix provides a complete list of parameters used in this article. These definitions can be used as a reference to interpret the meaning of the formulas in this article.

$l_{a}^{i}$	The cost incurred by the attacker for wireless channel eavesdropping
$I^{i}$	The value of the information obtained when eavesdropping goes undetected
$c_{d}^{i}$	The defense cost for the defender
$v^{i}$	The penalty imposed on the attacker upon successful defense
$c_{a}^{i}$	The cost incurred by the attacker for executing signal interference
$w^{i}$	The value of the target smart meter
$μ$ (belief function)	Each participant’s belief or probability distribution regarding the actions of other participants
$μ_{0}$	The defender’s prior belief regarding the game being in Stage T1
$μ_{H} (T \mid H_{a}, a^{n})$	The posterior probability that the defender believes the current game type is T after observing the attacker’s behavior $a^{n}$
$P (a^{n} \mid T, H_{a})$	The probability of the attacker taking action $a^{n}$ given the game type T and the observed historical behavior $H_{a}$
$\sum_{i = 1}^{N} P (a^{i} \mid H_{a}) \cdot μ_{H} (T \mid H_{a})$	The sum of all possible attacker behaviors $a^{i}$ weighted by their probabilities $P (a^{i} \mid H_{a})$ and the prior probability $μ_{H} (T \mid H_{a})$
$γ \times P$	The impact of the power load borne by the smart meter on its value
$γ$	The weighting coefficient of the power load
$P$	The power load borne by the smart meter
$δ$	Weighting coefficient of the connectivity of key devices
$C$	The connectivity between the smart meter and key devices
$V$	The total value of the smart meter
$P_{t}$	The transmission power
$P_{L} (d_{0})$	The path loss at the reference distance $d_{0}$
$λ$	The path loss exponent
$d$	The distance between the transmitter and receiver
$G_{t}$	The gain of the transmitter antenna
$G_{r}$	The gain of the receiver antenna
$X_{σ}$	White Gaussian noise with mean $μ_{G}$ and variance $σ_{G}$
$J (μ, σ)$	The signal sent by the malicious interference source, following a normal distribution with mean $μ_{j}$ and variance $σ_{j}$
$P_{t}, G_{t}, d_{t}, L_{t}$	The signal strength, antenna gain, distance between the signal transmitter and the smart meter for normal signals
$J, G_{j}, d_{j}, L_{j}$	The signal strength, antenna gain, distance between the interference source and the smart meter for the malicious interference signal
$J (μ_{j}, σ_{j})$	The signal strength that the interference source needs to emit
$t_{j}$	The time for executing the interference attack
$f$	The frequency of sending interference signals
$E_{b}$	The basic energy consumption of the interference source device per unit time
$T$	The duration of the device’s continuous operation.
$c_{a_{k}}^{i}$	The cost that the $k$-th attacker needs to pay to attack the $i$-th smart meter
$J_{k}^{i} (μ_{k}, σ_{k})$	The interference signal strength required if the $k$-th attacker wants to launch an attack on the $i$-th meter
$t_{i}, f_{k}^{i}$	The duration and sending frequency of the interference signal
$E_{k}, T_{k}$	The unit time basic energy consumption and operation time of the interference source
$E_{signal}$	The energy consumption per unit time for signal strength detection
$E_{listen}$	The energy consumption per unit time for carrier sensing
$E_{loss}$	The energy consumption per unit time for packet loss analysis
$E_{analysis}$	The energy consumption per unit time for spectrum analysis.
$E_{b}$	The basic energy consumption per unit time for device operation
$c_{d_{k}}^{j}$	The cost that the $k$-th defender needs to bear for defending the $j$-th smart meter
$E_{signal}^{k}, E_{listen}^{k}, E_{loss}^{k}, E_{analysis}^{k}$	The energy consumption per unit time for signal strength, carrier sensing, packet loss rate, and spectrum analysis measurement by the $k$-th defender
$E_{k}, T_{k}$	The basic energy consumption per unit time and running time of the device
$H_{a}, H_{d}$	Record the number of attempts and successes of attack and defense actions in each round
$P_{a}^{i}$	The posterior probability for attackers
$P_{d}^{i}$	The posterior probability for defenders
$α_{a}, β_{a}, α_{d}, β_{d}$	The parameters of the prior distributions
$a^{i}, d^{i}, s_{a}^{i}, s_{d}^{i}$	The attack and defense actions and their success counts for the $i$-th smart meter
$w_{i, k}$	The weight of attacker $k$ attacking smart meter $i$
$w_{j, k}$	The weight of defender $k$ defending smart meter $j$
$C_{a}$	The attack cost matrix
$C_{d}$	The defense cost matrix
$P_{a}$	The posterior probability matrices of successful attacks
$P_{d}$	The posterior probability matrices of successful defenses
$I_{k}$	The value of the $k$-th smart meter
$c_{a_{k}}^{i}$	The cost incurred by the $k$-th attacker in attacking the $i$-th smart meter
$P_{a_{k}}^{i}$	The posterior probability of a successful attack by the $k$-th attacker on the $i$-th smart meter
$A_{i}, D_{i}$	The actions of the $i$-th participant towards the $A_{i}$ smart meter

ORCID iD

Yiming Zhao

Consent for Publication

The corresponding author gave consent for the publication of the identifiable details.

Consent to participate

There is no such case.

Ethical considerations

All patients provided written informed consent.

Informed consent/patient consent

All authors provide informed consent.

Author contributions

Yiming Zhao: Writing- Original Draft, Conceptualization. Yulong Zhao: Methodology, Funding acquisition. Changsheng Wan: Writing- Review & Editing. Dong Du: Writing- Review & Editing, Supervision.

Funding

The authors received no financial support for the research, authorship, and/or publication of this article.

Declaration of conflicting interests

The authors declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Trial registration number/date

November 2024.

Data availability statement

Data available on request from the authors.

References

1. Sun, Cardell-Oliver, et al. A privacy-preserving framework using homomorphic encryption for smart metering systems. Sensors 2023; 23(10): 4746.

2. Xia, Lin, Jia, et al. ETD-ConvLSTM: a deep learning approach for electricity theft detection in smart grids. IEEE Trans Inf Forensics Secur 2023; 18: 2553–2568.

3. Yan. A dimensional augmentation-based data-driven method for detecting false data injection in smart meters. IEEE Trans Smart Grid 2024; 15(1): 1180–1183.

4. Wang, Maharjan, et al. Strategic honeypot game model for distributed denial of service attacks in the smart grid. IEEE Trans Smart Grid 2017; 8(5): 2474–2482.

5. Jim Solomon Raja, Hemavathi, Sriranjani, et al. Integrated game theoretic and honeypot based distributed denial of service attack detection and mitigation in advanced metering infrastructure. IEEE Trans Instrum Meas 2025; 74: 1–10.

6. Ryu. Deep learning based security enhancement of wireless connectivity. In: 2023 IEEE 47th Annual Computers, Software, and Applications Conference (COMPSAC). Torino, Italy: IEEE; 2023. pp.996–997.

7. Haq, Pei, Zhang, et al. Electricity-theft detection for smart grid security using smart meter data: a deep-CNN based approach. Energy Rep 2023; 9: 634–643.

8. Chen, Nanehkaran, Chen, et al. Data-driven intelligent method for detection of electricity theft. Int J Electr Power Energy Syst 2023; 148: 108948.

9. El-Toukhy, Badr, Mahmoud MMEA, et al. Electricity theft detection using deep reinforcement learning in smart power grids. IEEE Access 2023; 11: 59558–59574.

10. Wang, Gong, Chen, et al. Analysis of safe electricity consumption on load side based on attack and defence game model. J Eng 2024; 2024(4): e12380.

11. Kumar, Nnaji, Kumar. Smart meter performance under wired and wireless cyber security attack. In: 2024 IEEE World AI IoT Congress (AIIoT). Seattle, WA: IEEE; 2024. pp.61–67.

12. Liu, et al. Cyber-attacks in PMU-based power network and countermeasures. IEEE Access 2018; 6: 65594–65603.

13. Dai, Sun, et al. Multi-scenario quantum key distribution mechanism for power grid terminals. In: 2024 12th International Conference on Information Systems and Computing Technology (ISCTech). Xi’an, China: IEEE; 2024. pp.1–5.

14. Jin, et al. Cooperative jamming attack strategy against power balance of wireless smart grid networks. In: 2021 22nd IEEE International Conference on Industrial Technology (ICIT). Valencia, Spain: IEEE; 2021. pp.1042–1047.

15. Liu, Song, et al. Multiact dynamic game strategy for jamming attack in electricity market. IEEE Trans Smart Grid 2015; 6(5): 2273–2282.

16. Gai, Qiu, Ming, et al. Spoofing-jamming attack strategy using optimal power distributions in wireless smart grid networks. IEEE Trans Smart Grid 2017; 8(5): 2431–2439.

17. Mensi, Rawat, Balti. Gradient ascent algorithm for enhancing secrecy rate in wireless communications for smart grid. IEEE Trans Green Commun Netw 2022; 6(1): 107–116.

18. Yao, Jiang, Yan, et al. Bayesian and stochastic game joint approach for cross-layer optimal defensive decision-making in industrial cyber-physical systems. Inf Sci 2024; 662: 120216.

19. Shen, Feng. Cross-layer security design for encrypted CPS based on modified security signalling game. Asian J Control 2020; 22: 956–975.

20. Dong, Wang. Research on game theory of air traffic management cyber physical system security. Aerospace 2022; 9: 397.

21. Liu, et al. Incomplete information stochastic game theoretic vulnerability management for wide-area damping control against cyber attacks. IEEE J Emerg Sel Top Circuits Syst 2022; 12(1): 124–134.

22. Sadia, Saadat, Faheem, et al. Cloud security in the age of adaptive adversaries: a game theoretic approach to hypervisor-based intrusion detection. J Syst Archit 2024; 156: 103281.

23. Zarreh, Lee, Janahi, et al. Cyber-physical security evaluation in manufacturing systems with a Bayesian game model. Procedia Manuf 2020; 51: 1158–1165.

24. Liu, Zheng WM. PPSO and Bayesian game for intrusion detection in WSN from a macro perspective. Complex Intell Syst 2024; 10: 7645–7659.

25. Bhattacharjee, Madhavarapu VPK, Silvestri, et al. Attack context embedded data driven trust diagnostics in smart metering infrastructure. ACM Trans Priv Secur 2021; 24(2): 1–36.

26. Kumar, Alvarez, Kumar. Experimental evaluation of smart electric meters’ resilience under cyber security attacks. IEEE Access 2023; 11: 55349–55360.

27. Díaz Redondo, Fernández-Vilas, Fernández Dos Reis. Security aspects in smart meters: analysis and prevention. Sensors 2020; 20(14): 3977.

28. Hadjidemetriou, Tertytchny, Karbouj, et al. Demonstration of man in the middle attack on a feeder power factor correction unit. In: 2020 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe). The Hague, Netherlands: IEEE; 2020. pp.126–130.

29. Zhao, Zhang, Shi. Observer-based sampled-data adaptive tracking control for heterogeneous nonlinear multi-agent systems under denial-of-service attacks. IEEE Trans Autom Sci Eng 2025; 22: 4771–4779.

30. Harishma, Mathew, Patranabis, et al. Safe is the new smart: PUF-based authentication for load modification-resistant smart meters. IEEE Trans Dependable Secure Comput 2022; 19(1): 663–680.

31. Moniruzzaman, Yassine, Benlamri. Blockchain and cooperative game theory for peer-to-peer energy trading in smart grids. Int J Electr Power Energy Syst 2023; 151: 109111.

32. Devi, Thokchom, Singh, et al. Multi-stage bargaining of smart grid energy trading based on cooperative game theory. Energies 2023; 16(11): 4278.

33. Moafi, Ardeshiri, Mudiyanselage, et al. Optimal coalition formation and maximum profit allocation for distributed energy resources in smart grids based on cooperative game theory. Int J Electr Power Energy Syst 2023; 144: 108492.

34. Hasan, Dubey, Karsai, et al. A game-theoretic approach for power systems defense against dynamic cyber-attacks. Int J Electr Power Energy Syst 2020; 115: 105432.

35. Zhao, Yue, et al. A game theory based optimal allocation strategy for defense resources of smart grid under cyber-attack. Inf Sci 2024; 652: 119759.

36. Pilz, Naeini, Grammont, et al. Security attacks on smart grid scheduling and their defences: a game-theoretic approach. Int J Inf Secur 2020; 19: 427–443.

37. Jasim, Hamid, Alhyani NJ. A review of jamming attacks in wireless systems. Int J Latest Technol Eng Manag 2023; 8(1): 16–22.

38. Lyu, Hoang, Gong, et al. IRS-based wireless jamming attacks: when jammers can attack without power. IEEE Wirel Commun Lett 2020; 9(10): 1663–1667.

39. Zahra, Bostanci, Soyturk. Real-time jamming detection in wireless IoT networks. IEEE Access 2023; 11: 70425–70442.

40. Wang, Wen, Men, et al. Photonics-based radar jamming signal generation and self-interference cancellation. J Lightwave Technol 2023; 41: 5922–5929.

41. Al-Husseini ZSM, Chaiel, Meddeb, et al. A detailed review of wireless sensor network, jammer, the types, location, detection and countermeasures of jammers. Serv Oriented Comput Appl 2024; 18: 225–247.

42.

Tan

Xie

, et al. Detection of jamming attacks for the physical-layer authentication. IEEE Trans Wirel Commun 2023; 22(12): 9579–9594.

43.

Che

Shi

Yang

, et al. Covert wireless communication against jamming-assisted proactive detection. IEEE Wirel Commun Lett 2023; 12(8): 1304–1308.

44.

Nawaz

Alzahrani

Machine-learning-assisted cyclostationary spectral analysis for joint signal classification and jammer detection at the physical layer of cognitive radio. Sensors 2023; 23(16): 7144.

45.

Sharma

Wang

Mishra

, et al. Conservative interference injection to minimize Wi-Fi sensing privacy risks and bandwidth loss. Future Internet 2025; 17: 20.

46.

Saputra

Gaol

Abdurachman

, et al. Architectural model and modified long range wide area network (LoRaWAN) for boat traffic monitoring and transport detection systems in shallow waters. Emerg Sci J 2023; 7(4): 1188–1205.

47.

Sun

Zhang

Swindlehurst

AL.

Alternate-jamming-aided wireless physical-layer surveillance: Protocol design and performance analysis. IEEE Trans Inf Forensics Secur 2021; 16: 1989–2003.

48.

Wang

A host-based anomaly detection framework using XGBoost and LSTM for IoT devices. Wirel Commun Mob Comput 2020; 2020(1): 8838571–8838613.

49.

Kisielewicz

Stanek

Zytniewski

A multi-agent adaptive architecture for smart-grid-intrusion detection and prevention. Energies 2022; 15(13): 4726.

50.

Hyder

Govindarasu

Optimization of cybersecurity investment strategies in the smart grid using game-theory. In: 2020 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT). Washington, DC, 2020. pp.1–5. IEEE.

51.

Nemade

Kishor Maharana

Kulkarni

, et al. Revolutionizing smart grid security: A holistic cyber defence strategy. Front Artif Intell 2024; 7: 1476422.

Dynamic attacks on smart meters over wireless channels in smart grid and the corresponding defensive policy: A Bayesian game model approach
