False Data Detector for Electrical Vehicles Temporal-Spatial Charging Coordination Secure Against Evasion and Privacy Adversarial Attacks

As the number of electric vehicles on roads significantly increases, spatial-temporal charging coordination mechanisms have been introduced for balancing charging demand and energy supply. However, electric vehicles could send false data, such as state-of-charge (SoC), to the charging coordination mechanism for gaining high charging priority illegally. Machine Learning models can be used to detect false data. However, in our application the detector is trained on a dataset that contains sensitive information, such as the locations and SoC values of the electric vehicles. Therefore, attackers could launch adversarial attacks against the detector, such as membership inference and model inversion, for revealing sensitive information on the drivers whose data are used to train the detector. Furthermore, attackers could launch evasion attacks against the detector by computing false SoC values that are classified benign by the detector. Addressing the three attacks simultaneously makes the problem more complicated because a countermeasure to one attack may degrade the model's accuracy and unintentionally make the model more susceptible to other attacks. Accordingly, in this article, we propose a deep-learning training approach for false data detector in spatial-temporal charging coordination. Our approach can deal with the tradeoffs and balance the detector's accuracy and robustness against the adversarial attacks. Specifically, our approach combines three techniques, including mimic learning, dropout, and differential privacy, in a certain way that makes the detector highly accurate in detecting false data and also robust against adversarial attacks. To validate our approach, we have conducted a set of experiments and the given results demonstrate the robustness and accuracy of our detector.