CN104638762A - Method and system for detecting illegal data implantation internal attack in smart power grid - Google Patents

Method and system for detecting illegal data implantation internal attack in smart power grid Download PDF

Info

Publication number
CN104638762A
CN104638762A CN201510023003.1A CN201510023003A CN104638762A CN 104638762 A CN104638762 A CN 104638762A CN 201510023003 A CN201510023003 A CN 201510023003A CN 104638762 A CN104638762 A CN 104638762A
Authority
CN
China
Prior art keywords
attack
cluster
pdc
gathering
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510023003.1A
Other languages
Chinese (zh)
Other versions
CN104638762B (en
Inventor
鲍海勇
陆荣幸
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Gongshang University
Original Assignee
Zhejiang Gongshang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Gongshang University filed Critical Zhejiang Gongshang University
Priority to CN201510023003.1A priority Critical patent/CN104638762B/en
Publication of CN104638762A publication Critical patent/CN104638762A/en
Application granted granted Critical
Publication of CN104638762B publication Critical patent/CN104638762B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The invention discloses a method and a system for detecting illegal data implantation internal attack in a smart power grid. The method adopts a bidirectional channel architecture consisting of gathering, clustering and control centers. The method comprises: (1) a gathering classification module; (2) a system initialization module; (3) a local trust evaluation module; (4) a global trust evaluation module; (5) an internal attach detection module. According to the method and the system, a trust model and a behavior model detection method are focused, and a monitoring and detection system for the illegal data implantation internal attack of the smart power grid is realized by utilizing the intrinsic characteristics of physical coupling and data consistency of the smart power grid on the basis of a graph theory, biotic community, power grid system characteristic vector and characteristic value, markov transition probability matrix theory and technology. The system can resist the internal attack of the smart power grid with high imperceptibility and powerful attack capacity; the implantation attack of illegal data can be high efficiently and accurately detected in the transient stable state process caused by external disturbance or faults.

Description

A kind ofly detect invalid data in intelligent grid and inject the method and system of internaling attack
Technical field
The invention belongs to intelligent power grid technology field, be specifically related to a kind ofly detect invalid data in intelligent grid and inject the method and system of internaling attack.
Background technology
Intelligent grid, by integrated communicaton, calculating and Advanced Control Techniques, achieves the fine granularity of electric network information, Real-time Obtaining and transmission, and the restructuring of electric power system efficient information resource allocation and optimization.But intelligent grid, as network system of new generation, owing to incorporating information space in electric power system physical space, makes assailant more easily be launched a offensive by open network.Thus, the safety of network system is faced with unprecedented challenge.Such as, assailant launches a offensive to electrical network by information space, causes electric power system fault, has a power failure on a large scale, even causes Power System Control Centers can not Obtaining Accurate real-time status data, makes erroneous decision etc., and finally produces serious economic loss.The existing research about safe and intelligent network system focus on how to stop outside disabled user non-through authorize, unauthorized access electric network information resource.Then, destroy stronger attack to electric power system and often come from internal system, because internal members knows the secret information of system, its attack has larger disguise, thus the person of internaling attack more easily abuses authority, and initiate more difficult internaling attack by system discovery and detection.Stage at the early-stage is also in the research that intelligent grid is internaled attack, although the achievement in research of associated machine study and model algorithm seems abundanter, and the information that can be used for attack behavior analysis seem be easy to obtain, but, closely related owing to internaling attack with the behavioural characteristic of assailant, there is property and disguise once in a while.In theory, can not accurately be detected in a short time.Therefore, set up effective in intelligent grid, accurate, for the analysis of internaling attack and detection application system, still face many disclosed technical barriers, and there is challenge highly.
The people such as Yu propose the risk evaluating system based on probability assessment model, are used for evaluating the fragility of smart electric grid system information space.The people such as Fouda, based on Diffie-Hellman IKE, propose lightweight messages authentication mechanism, achieve mutual certification and session key between intelligent electric meter user and share.The people such as Gharavi propose dynamic key update mechanism, for improving the fail safe based on IEEE802.11s standard application system, attack with the Dos/DDos resisted in intelligent grid.The people such as Liu find that assailant can avoid traditional detection method based on residual error, inject invalid data to electric power system.Since then, the study hotspot in this field turns to and how to find that invalid data injects.The people such as Cui are based on adaptability accumulation polymerization measuring technology, can not by rogue attacks and amendment by the key intelligent electric meter reading in defence intelligent grid, devise a quick invalid data detection method, data characteristics is analyzed, thus prevents invalid data injection attacks.The people such as Bobba, propose the invalid data divided based on adaptability status predication and inject detection method, by the personalized susceptibility that definition detects, and carry out many wheel circulation divisions, overall network system is divided into several subsystems, location invalid data, to concrete territory, local cell, finally detects invalid data injection attacks.The people such as Deepa, based on bunching theory, have studied communication lines by Policy model, and apply to the monitoring of intelligent grid wide area network, in addition, also find that bunching theory can be used for hierarchy type intelligent grid physics-Information System Modeling and data analysis.Due to information space attacked time, usually very of short duration for reducing disaster scope and reducing dysgenic SRT, after exceeding this reaction time, electric power system can be caused on a large scale to shake, finally bring serious disaster to electric power system.The people such as Deepa, based on multi-relation clustering technology, according to consistency, carry out clustering grouping to motor, for before electric power system is shaken on a large scale, and the firing area of attenuation systems and disturbance degree.The people such as Chris, based on the interactive strategy between user and assailant and behavioural characteristic, establish intelligent grid Markov game model.But because the computational complexity of this system is along with the growth of number of users index scale, and the intelligent grid scope of reality is wide, customer volume large, causes the operability of this system not strong.The people such as Zhang, based on bifurcation Markov model, for power distribution network element history run situation, and binding member current operating conditions and current operating environment, failure rate computation model is become when establishing power distribution network element comprehensive, propose power distribution network element operation reliability evaluation algorithm, to react the change of real-time operating condition.But Markov theory is just used for setting up hardware component model by this system, can not be used for the attack behavior signature analysis in the smart electric grid system of physics-information fusion.
To sum up, to the research of existing intelligent grid invalid data injection attacks, almost all pay close attention to external attack detection, inject for intelligent grid invalid data and internal attack the research of detection and solution lacks very much.And, to the method for general information internal system Attack Research, this typical physics-information system of intelligent grid can not be applied to.
Summary of the invention
For the defect existed in prior art, the object of the present invention is to provide a kind of detection intelligence
In energy electrical network, invalid data injects the method and system of internaling attack.
Described a kind ofly detect invalid data in intelligent grid and inject the method for internaling attack, it is characterized in that the method by assembling, the two-way communication framework that forms of cluster and control centre completes Intelligent Measurement, described gathering comprises generator/load, PMU(synchronous phase angle measuring unit), local control; Described cluster comprises multiple gathering, PDC(phase-angle data controller), fast charging and discharging actuator; Described control centre communicates with all PDC, monitors and record the operation characteristic of all gatherings, and concrete detection method is as follows:
1) clustering module
The cluster numbers C that input will divide, exports C the cluster marked off:
Cluster numbers=1, obtains Laplacian Matrix L(electric power system topology map);
(1) the characteristic vector V corresponding with minimum non-trivial characteristic value L is calculated;
(2) to k=1 to N
If an a) kth element V(k of characteristic vector V) > 0, then a kth gathering is divided into S set +in;
B) otherwise, a kth gathering is divided into S set -in;
(3) if number of clusters < is C, then
A) S in figure G is removed +and S -between all limits, obtain corresponding S +and S -subgraph G +and G -;
B) to G +and G -, calculate corresponding Laplacian Matrix L respectively +and L -;
C) cluster numbers=cluster numbers * 2;
Circulation performs (1)-(3) step;
2) system initialization module
The trust value of all gatherings of control centre's initialization and overall assessed value table:
With ;
3) local trust evaluation module
Each is assembled by calculating mutual state value deviation, assesses the trust value that other are assembled, and reports to PDC, wherein, represent at t point, assemble j to the assessed value of assembling i:
4) global trusting maintenance module
By communicating with all PDC, control centre safeguards global trusting assessed value table, and control centre calculates Markov transferring matrix simultaneously, and upgrades the trust value of all gatherings:
5) detection module is internaled attack
Through large discharge observation, each trust value assembled tends towards stability, namely , control centre carries out invalid data injection according to the trust value assembled internals attack detection: if to some , inequality set up, then can judge with corresponding gathering is subject to attack.
Described a kind ofly detect invalid data in intelligent grid and inject the system of internaling attack, it is characterized in that the double-layer double-direction communication construction that this system forms based on gathering, cluster and control centre, interior layer architecture comprises some gatherings of the physical coupling belonging to same cluster, by being connected to the multihop network link of source node and destination node between gathering, carry out data communication, and eventually through PDC(phase-angle data controller) all data in cluster are polymerized; The data aggregate node PDC of each internal layer couples together by outer framework, sets up into local area network (LAN), and intercoms mutually, realize the exchanges data between different cluster, described gathering comprises: generator/load, PMU(synchronous phase angle measuring unit), local control; Described cluster comprises: assemble, PDC, fast charging and discharging actuator, assemble realize electric energy centered by generator exchange and control, PDC is as the communication gate of all gatherings in cluster, realize outbound data communication, fast charging and discharging actuator, it is injected or absorption electric energy at motor bus node by local control, shorten temporary steady-state process, accelerating system is stablized; Described control centre and all PDC carry out the operation characteristic communicating, monitor and record all gatherings.
Compared with prior art, there is following beneficial effect in the present invention:
1) utilize biological bunching theory first, establish intelligent grid physics-information space system model and hierarchy type application system framework, utilize the physical space coupling of generator, inject to internal attack to the invalid data of information space and effectively detect;
2) present situation that the invalid data injection attacks focusing on steady-state process based on existing system detects, under achieving external disturbance and physical fault condition, temporary steady-state process intelligent grid internals attack detection system;
3) theoretical based on Markov transferring matrix first, the data dependence that each physics in Classified statistics intelligent grid centered by generator is assembled, and establish data collection and analysis and the state transition system of statistical significance;
4) according to the physical characteristic of intelligent grid, Topology partition is carried out to intelligent grid, construct the cluster entity grouping system centered by generator, and based on the physical interconnection of cluster set, achieve internaling attack behavioural analysis and internaling attack detection based on trust metric model.
Accompanying drawing explanation
Fig. 1 is present system architectural configurations schematic diagram;
Fig. 2 is present system theory structure schematic diagram;
Fig. 3 is clustering legend.
Embodiment
The present invention is described in further detail below in conjunction with accompanying drawing.
As shown in Figure 1, overall architecture of the present invention: ectonexine double-layer double-direction communication construction, interior layer architecture comprises some gatherings of the physical coupling belonging to same cluster, by being connected to the multihop network link of source node and destination node between gathering, carry out data communication, and eventually through PDC(phase-angle data controller): all data in cluster are polymerized; The data aggregate node PDC of each internal layer couples together by skin, sets up into local area network (LAN), and intercoms mutually, realize the exchanges data between different cluster.Its concrete part: assemble: comprise generator/load, PMU(synchronous phase angle measuring unit), local control; Cluster: according to physical coupling, is divided into several clusters by intelligent grid.Cluster specifically comprises, assemble: the electric energy centered by generator and control system, PDC(phase-angle data controller): all gatherings in cluster are using it as communication gate, realize outbound data communication, fast charging and discharging actuator: injected or absorption electric energy at motor bus node by local control, shorten temporary steady-state process, accelerating system is stablized; Control centre: communicate with all PDC, monitors and records the operation characteristic of all gatherings.Systematic schematic diagram is shown in Fig. 2.Native system whole concept: all gatherings 1) in each cluster are poor by comparative reading, evaluate trust value mutually; 2) trust value of the PDC in each cluster to all gatherings in this cluster is polymerized; 3) control centre is by communicating with each PDC, calculates and upgrades the global trusting value of all gatherings:
, wherein,
represent all trust values being gathered in t point;
represent all trust values being gathered in t+1 moment point;
represent Markov transferring matrix.Wherein, represent, at t point, (i value is 1 is 1 to n) to n, j value to the assessed value of assembling i to assemble j.
Present system overall architecture: the correlation technique 1) adopting biology clustering concept, sets up the method for intelligent grid physics-information system level framework; 2) physically based deformation coupling, becomes the technology of several gathering entities centered by generator by intelligent grid physical space clustering, for the method that Detection Information interior volume is attacked; 3) by setting up physics-information system level framework, and realize the technology in the discharge and recharge of motor bus node, under electric power system fault and disturbed conditions, in temporary steady-state process, invalid data injects the method for internaling attack detection.
Present system principle and global design: 1) by physical space Clustering and gathering coupling, set up the technology based on Markov transferring matrix attack analytical model, internal attack the method for detection for information space; 2) build physics-level of information formula framework, realize inside and outside layer and work in coordination with, the technology that physical space, information space merge, the method that the gathering entity trust degree for building centered by generator is evaluated; 3) Markov transferring matrix is built , the technology using PDC as data aggregate gateway, obtains for control centre, calculates and the method for synchronized update all gathering entity trusts value:
Present system module,
1) clustering module: a) theoretical based on Laplacian Matrix, for the method for electric power system topology map; B) based on the theory of electric power system topological features value and characteristic vector, for dividing the method for electric power system subgraph; C) by graph theory, binary tree theory, the method for quick two points of electric power system subgraphs is realized.
2) system initialization module: a) control centre is based on Markov transferring matrix technology, carries out initialized method to gathering trust value and overall assessed value table; B) static receiver error is combined with dynamic error, portray and assess the method for assembling trust value; C) based on the technology that coherent condition deviation calculates, for assembling the method for trust value assessment.
3) local trust evaluation module: a) cluster and gathering are divided into groups, physically based deformation is coupled, and by organizing interior state deviation, carries out the technology of trust evaluation, for setting up the method for internaling attack model; B) by the technology in conjunction with Static and dynamic deviation, the method for entity trusts evaluation is assembled for generator; C) set up ectonexine framework, carried out the technology of data summarization by PDC gateway, the method for reporting for trust value, adding up and analyzing.
4) global trusting maintenance module: a) heart sets up the technology of global trusting evaluation form in the controlling, for finding the method for internaling attack; B) by carrying out data aggregate at each cluster PDC gateway, realizing control centre and collect and analyze the technology of real time data, the method for the heart is in the controlling safeguarded global trusting assessed value table:
C) control centre is based on Markov transferring matrix, to the technology that all gathering trust values record, add up and analyze, internals attack the method for behavioral value for intelligent grid for a long time; D) each method of assembling mutual trust and evaluating in same cluster; E) trust evaluation value is added up, and to the method that global trusting value is normalized.
5) detection is internaled attack: a) technology of Corpus--based Method theory and time dimension iteration, the method for and accurate evaluation objective for attack; B) based on long-term observation and the technology of taking turns iteration, internal attack the method for behavioral value for intelligent grid more.
Concrete detection method is:
1) clustering module
The cluster numbers C that input will divide, exports C the cluster marked off:
Cluster numbers=1, obtains Laplacian Matrix L(electric power system topology map);
(1) the characteristic vector V corresponding with minimum non-trivial characteristic value L is calculated;
(2) to k=1 to N
If an a) kth element V(k of characteristic vector V) > 0, then a kth gathering is divided into S set +in;
B) otherwise, a kth gathering is divided into S set -in;
(3) if number of clusters < is C, then
A) S in figure G is removed +and S -between all limits, obtain corresponding S +and S -subgraph G +and G -;
B) to G +and G -, calculate corresponding Laplacian Matrix L respectively +and L -;
C) cluster numbers=cluster numbers * 2;
Circulation performs (1)-(3) step, and this clustering legend is shown in Fig. 3;
2) system initialization module
The trust value of all gatherings of control centre's initialization and overall assessed value table:
With ;
3) local trust evaluation module
Each is assembled by calculating mutual state value deviation, assesses the trust value that other are assembled, and reports to PDC.Wherein, represent at t point, assemble j to the assessed value of assembling i:
4) global trusting maintenance module
By communicating with all PDC, control centre safeguards global trusting assessed value table.Control centre calculates Markov transferring matrix simultaneously, and upgrades the trust value of all gatherings:
5) detection module is internaled attack
Through large discharge observation, each trust value assembled tends towards stability, namely .Control centre carries out invalid data injection according to the trust value assembled internals attack detection: if to some , inequality set up, then can judge with corresponding gathering is subject to attack.
This invention focuses on the method for trust metric model and behavior model detection, ingeniously the physical coupling of smart electric grid system inherence and the characteristic of data consistency are used, based on graph theory, biological clustering, network system characteristic vector and characteristic value, Markov transferring matrix theory and technology, achieve and inject the monitoring and detection system of internaling attack for intelligent grid invalid data.System can be resisted to have and highly disguised to be internaled attack with the intelligent grid of powerful attacking ability; System can efficient and accurately detect in the temporary steady-state process caused due to external disturbance or fault, invalid data injection attacks; System is based on biology bunching theory and concept, the physical correlation of each generator carried out extracting and analyzes, utilizing Graph Theory, intelligent grid network topology is divided, establish the multiple cluster set centered by generator, accurately can follow the tracks of the historical behavior of invalid data; System is compared by the statistics feature of normal data and invalid data, normal behaviour and attack analysis, and the data dependence analysis in physically based deformation space, achieve for highly hidden information space internal attack accurately with detect in time.

Claims (3)

1. one kind is detected invalid data in intelligent grid and injects the method for internaling attack, it is characterized in that the method by assembling, the two-way communication framework that forms of cluster and control centre completes Intelligent Measurement, described gathering comprises generator/load, PMU(synchronous phase angle measuring unit), local control; Described cluster comprises multiple gathering, PDC(phase-angle data controller), fast charging and discharging actuator; Described control centre communicates with all PDC, monitors and record the operation characteristic of all gatherings, and concrete detection method is as follows:
1) clustering module
The cluster numbers C that input will divide, exports C the cluster marked off:
Cluster numbers=1, obtains Laplacian Matrix L(electric power system topology map);
(1) the characteristic vector V corresponding with minimum non-trivial characteristic value L is calculated;
(2) to k=1 to N
If an a) kth element V(k of characteristic vector V) > 0, then a kth gathering is divided into S set +in;
B) otherwise, a kth gathering is divided into S set -in;
(3) if number of clusters < is C, then
A) S in figure G is removed +and S -between all limits, obtain corresponding S +and S -subgraph G +and G -;
B) to G +and G -, calculate corresponding Laplacian Matrix L respectively +and L -;
C) cluster numbers=cluster numbers * 2;
Circulation performs (1)-(3) step;
2) system initialization module
The trust value of all gatherings of control centre's initialization and overall assessed value table:
With ;
3) local trust evaluation module
Each is assembled by calculating mutual state value deviation, assesses the trust value that other are assembled, and reports to PDC, wherein, represent at t point, assemble j to the assessed value of assembling i:
4) global trusting maintenance module
By communicating with all PDC, control centre safeguards global trusting assessed value table, and control centre calculates Markov transferring matrix simultaneously, and upgrades the trust value of all gatherings:
5) detection module is internaled attack
Through large discharge observation, each trust value assembled tends towards stability, namely , control centre carries out invalid data injection according to the trust value assembled internals attack detection: if to some , inequality set up, then can judge with corresponding gathering is subject to attack.
2. one kind is detected invalid data in intelligent grid and injects the system of internaling attack, it is characterized in that this system is based on ectonexine double-layer double-direction communication construction, interior layer architecture comprises some gatherings of the physical coupling belonging to same cluster, by being connected to the multihop network link of source node and destination node between gathering, carry out data communication, and eventually through PDC(phase-angle data controller) all data in cluster are polymerized; The data aggregate node PDC of each internal layer couples together by outer framework, sets up into local area network (LAN), and intercoms mutually, realize the exchanges data between different cluster.
3. according to claim 2ly a kind ofly detect invalid data in intelligent grid and inject the system of internaling attack, it is characterized in that described gathering comprises: generator/load, PMU(synchronous phase angle measuring unit), local control; Described cluster comprises: assemble, PDC, fast charging and discharging actuator, assemble realize electric energy centered by generator exchange and control, PDC is as the communication gate of all gatherings in cluster, realize outbound data communication, fast charging and discharging actuator, it is injected or absorption electric energy at motor bus node by local control, shorten temporary steady-state process, accelerating system is stablized; Described control centre and all PDC carry out the operation characteristic communicating, monitor and record all gatherings.
CN201510023003.1A 2015-01-19 2015-01-19 Method and system for detecting illegal data implantation internal attack in smart power grid Active CN104638762B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510023003.1A CN104638762B (en) 2015-01-19 2015-01-19 Method and system for detecting illegal data implantation internal attack in smart power grid

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510023003.1A CN104638762B (en) 2015-01-19 2015-01-19 Method and system for detecting illegal data implantation internal attack in smart power grid

Publications (2)

Publication Number Publication Date
CN104638762A true CN104638762A (en) 2015-05-20
CN104638762B CN104638762B (en) 2017-04-26

Family

ID=53217207

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510023003.1A Active CN104638762B (en) 2015-01-19 2015-01-19 Method and system for detecting illegal data implantation internal attack in smart power grid

Country Status (1)

Country Link
CN (1) CN104638762B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105515017A (en) * 2015-12-11 2016-04-20 国网智能电网研究院 Wide area measurement system (WAMS) phasor measurement unit (PMU) optimization configuration method taking information security constraint into consideration
CN105867347A (en) * 2016-03-29 2016-08-17 全球能源互联网研究院 Trans-space cascade fault detection method based on machine learning technology
CN105939319A (en) * 2015-11-25 2016-09-14 北京匡恩网络科技有限责任公司 Network security analysis method based on Markov simulation
CN108683642A (en) * 2018-04-25 2018-10-19 长沙学院 The detector and detection method of intelligent grid line status wrong data injection attacks
CN110337626A (en) * 2016-12-21 2019-10-15 Abb公司 System and method for detecting the injection of the wrong data in substation
CN113746818A (en) * 2021-08-23 2021-12-03 国网山东省电力公司济南供电公司 Power system security defense method and device for false data injection attack

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110288692A1 (en) * 2010-05-20 2011-11-24 Accenture Global Services Gmbh Malicious attack detection and analysis
CN104009992A (en) * 2014-05-29 2014-08-27 安徽师范大学 Trust evaluation system construction method based on fuzzy control
CN203933682U (en) * 2013-12-26 2014-11-05 珠海市鸿瑞信息技术有限公司 Telemechanical communication security instrument
CN104243437A (en) * 2013-06-24 2014-12-24 国家电网公司 Communication safety protection method for by means of wireless public network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110288692A1 (en) * 2010-05-20 2011-11-24 Accenture Global Services Gmbh Malicious attack detection and analysis
CN104243437A (en) * 2013-06-24 2014-12-24 国家电网公司 Communication safety protection method for by means of wireless public network
CN203933682U (en) * 2013-12-26 2014-11-05 珠海市鸿瑞信息技术有限公司 Telemechanical communication security instrument
CN104009992A (en) * 2014-05-29 2014-08-27 安徽师范大学 Trust evaluation system construction method based on fuzzy control

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105939319A (en) * 2015-11-25 2016-09-14 北京匡恩网络科技有限责任公司 Network security analysis method based on Markov simulation
CN105515017A (en) * 2015-12-11 2016-04-20 国网智能电网研究院 Wide area measurement system (WAMS) phasor measurement unit (PMU) optimization configuration method taking information security constraint into consideration
CN105515017B (en) * 2015-12-11 2018-04-20 国网智能电网研究院 Meter and the Wide Area Measurement System PMU Optimal Configuration Methods of information security constraint
CN105867347A (en) * 2016-03-29 2016-08-17 全球能源互联网研究院 Trans-space cascade fault detection method based on machine learning technology
CN110337626A (en) * 2016-12-21 2019-10-15 Abb公司 System and method for detecting the injection of the wrong data in substation
CN110337626B (en) * 2016-12-21 2021-03-19 Abb公司 System and method for detecting erroneous data injection in a substation
CN108683642A (en) * 2018-04-25 2018-10-19 长沙学院 The detector and detection method of intelligent grid line status wrong data injection attacks
CN113746818A (en) * 2021-08-23 2021-12-03 国网山东省电力公司济南供电公司 Power system security defense method and device for false data injection attack

Also Published As

Publication number Publication date
CN104638762B (en) 2017-04-26

Similar Documents

Publication Publication Date Title
Hasan et al. Blockchain technology on smart grid, energy trading, and big data: security issues, challenges, and recommendations
Liu et al. Abnormal traffic-indexed state estimation: A cyber–physical fusion approach for smart grid attack detection
CN104638762A (en) Method and system for detecting illegal data implantation internal attack in smart power grid
Li et al. Distributed host-based collaborative detection for false data injection attacks in smart grid cyber-physical system
Wang et al. Game-theory-based active defense for intrusion detection in cyber-physical embedded systems
Zhu et al. Revealing cascading failure vulnerability in power grids using risk-graph
Yan et al. Integrated security analysis on cascading failure in complex networks
Zeng et al. Dependability analysis of control center networks in smart grid using stochastic petri nets
Zhang et al. False data injection attacks against smart gird state estimation: Construction, detection and defense
Tuyen et al. A comprehensive review of cybersecurity in inverter-based smart power system amid the boom of renewable energy
Wang et al. A survey on bad data injection attack in smart grid
Chen et al. Study on attack paths of cyber attack in cyber‐physical power systems
Fan et al. A method for identifying critical elements of a cyber-physical system under data attack
CN110276200A (en) A kind of determination method of power information system state transition probability
Mirzaee et al. Smart grid security and privacy: From conventional to machine learning issues (threats and countermeasures)
Ru et al. Risk assessment of cyber attacks in ECPS based on attack tree and AHP
Hu et al. Credibility-based distributed frequency estimation for plug-in electric vehicles participating in load frequency control
Jin et al. A semidefinite programming relaxation under false data injection attacks against power grid ac state estimation
An et al. Toward data integrity attacks against distributed dynamic state estimation in smart grid
Liu et al. Enhancing Cyber-Resiliency of DER-Based Smart Grid: A Survey
CN108510162A (en) A kind of active power distribution network security effectiveness appraisal procedure
Fan et al. Review of cyber physical system and cyber attack modeling
Xia et al. Confidence-aware collaborative detection mechanism for false data attacks in smart grids
Hewett et al. Smart Grid security: Deriving informed decisions from cyber attack game analysis
Wang et al. Data framing attacks against nonlinear state estimation in smart grid

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant