Date of Award

January 2025

Document Type

Thesis

Degree Name

Master of Science (MS)

Department

Computer Science

First Advisor

Prakash Ranganathan

Abstract

The growing penetration of Distributed Energy Resources (DERs) into the modern power system has introduced significant challenges related to data volume and cybersecurity. Centralized approaches struggle to process the large volume of data generated by inverters or other DER-related assets securely and efficiently. This problem raise concerns about the confidentiality, integrity, availability, and accountability (CIAA) properties of DER assets. Moreover, the large deployment of Internet of Things (IoT) and edge computing devices has introduced new security vulnerabilities. Malicious actors can exploit resource-constrained edge devices for unauthorized activities and resource consumption, threatening the performance and operational capabilities of the edge infrastructure.

This research explores a scalable and privacy-preserving solution to these challenges using Federated Learning (FL) within an edge computing environment. For experimentation, an AI-ready edge testbed (AI-TB) was developed at the Center for Cybersecurity Research (C2SR), University of North Dakota (UND). The testbed comprises Nvidia Jetson Nano devices (acted as federated clients) and Jetson AGX devices (acted as federated server), representing real-world scenarios and supporting localized training without the need of transferring raw data.

This thesis covers two use cases. In the first, DER inverter frequency (Hz) data was utilized for anomaly detection using a Long Short-Term Memory (LSTM) Autoencoders trained with Flower FL framework. The frequency data was injected with False Data Injection Attacks (FDIAs) using gaussian, pulse, and sigmoid functions and used to evaluate the model performance. The FL model achieved a Mean Absolute Percentage Error (MAPE) of 0.022, slightly outperforming the Non Federated Learning (NFL) approach with a MAPE of 0.023. In the second use case, edge device security was investigated by monitoring system-level metrics such as CPU, GPU, and memory usage. LSTM and Bidirectional LSTM (BiLSTM) models were trained using two open source FL frameworks including Flower and OpenFL, to detect anomalous behavior during GPU stress test scenarios. The BiLSTM model combined with OpenFL achieved the highest performance, with F1-scores ranging from 0.96 to 0.99 across three attack patterns.

The findings establish FL as a promising solution for anomaly detection in distributed environments. FL offers privacy preservation and enhanced scalability for collaborative model training across edge nodes. The results highlight the effectiveness of FL in safeguarding both DER systems and edge infrastructure through decentralized and secure anomaly detection.

Download

Available for download on Friday, December 05, 2025

Share

COinS