CN108182536B - CPS security defense method for power distribution network based on finiteness - Google Patents

CPS security defense method for power distribution network based on finiteness Download PDF

Info

Publication number
CN108182536B
CN108182536B CN201711463221.2A CN201711463221A CN108182536B CN 108182536 B CN108182536 B CN 108182536B CN 201711463221 A CN201711463221 A CN 201711463221A CN 108182536 B CN108182536 B CN 108182536B
Authority
CN
China
Prior art keywords
strategy
fortifier
distribution network
power distribution
attack
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711463221.2A
Other languages
Chinese (zh)
Other versions
CN108182536A (en
Inventor
刘鑫蕊
孙秋野
张化光
赵汀
汪刚
杨珺
吴泽群
原欣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Northeastern University China
Original Assignee
Northeastern University China
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Northeastern University China filed Critical Northeastern University China
Priority to CN201711463221.2A priority Critical patent/CN108182536B/en
Publication of CN108182536A publication Critical patent/CN108182536A/en
Application granted granted Critical
Publication of CN108182536B publication Critical patent/CN108182536B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0635Risk analysis of enterprise or organisation activities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/06Electricity, gas or water supply
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection

Abstract

The invention discloses a CPS security defense method for a power distribution network based on the limited rationality, which fully utilizes power distribution network equipment data, power distribution network operation data, residence time of historical attackers, average reaction time, average repair time and other power grid multi-source data to establish a comprehensive CPS risk assessment index for the power distribution network from two aspects of a physical system and an information system, so that each line risk assessment result effectively helps a fortifier to realize the selection of a fortification strategy through a chess-playing learning method based on the limited rationality. The protection benefit value of each attack protection strategy pair is obtained from the economic benefit and the safety, the final expected benefit and the average benefit when different strategies are adopted by a protection party are obtained by adopting a logarithm synthesis method, the dynamic change rate of a certain strategy selected by the attack party and the protection party is expressed by a dynamic differential equation, and the CPS security defense satisfaction strategy of the power distribution network is obtained by establishing a dynamic differential equation set of a chess-playing learning model.

Description

CPS security defense method for power distribution network based on finiteness
Technical Field
The invention relates to the technical field of power transmission and distribution, in particular to a CPS (cyber physical system) security defense method for a power distribution network based on the limited rationality.
Background
With the continuous development of smart grid construction and the large-scale access of distributed power supplies, electric vehicles and the like, the power distribution network is gradually developed into a power distribution network CPS with various CPS typical characteristics, and the dependence degree on an information network is higher and higher. Due to the great change of the structure and the operation management of the power distribution network, if an effective and reliable power distribution network security defense strategy selection method cannot be researched by utilizing a modern technology, the power distribution network cannot effectively cope with various sudden and cascading failures so as to meet the requirements of safe and reliable power supply of users. Therefore, research on a CPS security defense strategy selection method of the power distribution network is urgently needed.
The risk assessment is to predict the probability of the power distribution network failure according to various emergencies of the power distribution network and the working state of the electrical equipment, so that the risk caused by the failure is predicted, the risk assessment is an important basis of early warning and safety defense, and the risk assessment is widely researched and applied; the traditional risk assessment indexes only consider the physical part of the power system, along with the deep coupling of power physics and information, the reliability problem of an information link also causes the operation risk of the physical system, and in order to ensure the safe, stable, continuous and effective operation of the CPS of the power distribution network, the CPS comprehensive risk assessment indexes of the power distribution network need to be constructed.
The existing power grid safety defense control is mainly passive defense, and the utilization degree of real-time information is low. The playing learning method is started in engineering practice application, and a new idea is provided for selection of a power distribution network security defense strategy. However, most of the application of the strategy is established on the basis of complete rationality, the deviation from the actual situation is large, and the reliability of the strategy selection result is reduced.
At present, chess learning based on limited rationality is taken as a cross-field and cross-task method, and attracts more and more attention of students in the field of power systems. The chess-playing learning is a fortification decision selection method for solving problems in different but related fields by using the existing knowledge. It is based on the rationality: (1) due to the influence of a large number of uncertain factors, any participant cannot accurately master the characteristics, strategy sets and benefit sets of all other participants. (2) The negative impact on the system by the attacker each time is not necessarily the most serious consequence under the current operating conditions, i.e. the participants have to seek a satisfactory decision rather than an optimal one. Meanwhile, the interdependence condition between the strategies is adopted under the same power distribution network CPS, a decision selection result closer to the actual fortifier is obtained, and the analysis and prediction of CPS security defense of the power distribution network can be effectively realized.
Disclosure of Invention
According to the problems in the prior art, the invention discloses a CPS security defense method for a power distribution network based on the limited rationality, wherein a risk assessment model is established from two aspects of a physical system and an information system by acquiring multi-source data of the power grid, so that the comprehensive risk of each line can be effectively assessed; constructing a playing learning model based on limited rationality; respectively obtaining the fortification benefit value of each attack fortification strategy pair from the two aspects of economic benefit and safety, and obtaining the final expected benefit and the average benefit when a fortifier adopts different strategies by adopting a logarithmic synthesis method; and further establishing a dynamic differential equation set of the playing learning model to obtain a satisfactory security defense strategy.
The specific scheme is as follows:
step 1: acquiring power grid multi-source data including meteorological data, power distribution network equipment data, power distribution network operation data, residence time, average reaction time, average repair time and the like of historical attackers, and establishing a risk evaluation model from two aspects of a physical system and an information system for describing risk values of all lines;
step 2: according to the risk evaluation result of each line, constructing a playing learning model based on the limited rationality, wherein the playing learning model comprises an attack party type space set, a fortifying party type space set, an attack party strategy set, a fortifying party strategy set, a participant playing benefit set and a participant playing probability set;
and step 3: aiming at the strategy selected by the attacker, selecting a reasonable fortifier strategy according to the probability set of the players to play, respectively obtaining the fortifier benefit value of each attack fortifier strategy pair from the two aspects of economic benefit and safety, and obtaining the final expected benefit and the average benefit of different strategies adopted by the fortifier by adopting a logarithmic synthesis method;
and 4, step 4: for a specific fortifier strategy, the line proportion of the strategy is selected as a function of time, and the dynamic change rate of the strategy is expressed by a dynamic differential equation. Similarly, the corresponding dynamic differential equation can be obtained for any optional attack strategy of the attacker. The negative impact on the system by the attacker each time is not necessarily the most serious consequence under the current operating conditions, i.e. the participants have to seek a satisfactory decision rather than an optimal one. And establishing a dynamic differential equation set of the playing learning model, solving a stable and balanced solution of the differential equation, and obtaining a satisfactory security defense strategy.
Further, the step 1 comprises:
risk assessment is carried out on the power distribution network physical system from three aspects such as user influence, power grid influence and external factors, and assessment indexes comprise the proportion of the number of power failure people, the power failure loss rate of users, the number of heavy-load overload equipment, the energy loss rate after failure, the power failure risk of important users, the allocation capacity of emergency equipment, repair time influence factors, weather factors and the like.
Risk assessment is carried out on the power distribution network information system from three aspects of information security, communication security and physical security, and assessment indexes comprise integrity verification, identity authentication, access control, terminal user privacy security, communication protocol security, information transmission security, operating system security, virus prevention, equipment security, network environment security and the like.
Further, the step 2 comprises:
the power distribution network CPS attack defense playing learning model M can be expressed as 4 tuples, namely M ═ N, S, B and P, and N ═ NA,NP) Is a spatial pair of participants of the playing learning model, wherein NAFor aggressor type space set, NPSetting a fortifier type space set; (S) ═ SA,SP) Is a participant policy set pair, SA={SA1,SA2,SAnN belongs to N, N is more than or equal to 2 and represents an aggressor strategy set, SP={SP1,SP2,SPnMeans a fortification squareA policy set; b ═ B (B)A,BP) Is a benefit set for the players to play chess, and is determined by the strategies of all the players; p ═ P, q is the set of probabilities of the participants playing, PiRepresenting an attacker to select an attack strategy SAiProbability of (a), qjMethod for selecting fortification strategy S by representing fortification partyPiThe probability of (c). Due to the influence of a large number of uncertain factors, any participant cannot accurately master the characteristics, strategy sets and benefit sets of all other participants.
Further, the step 3 comprises:
step 31: and (3) playing chess by adopting different strategies to obtain a corresponding economic benefit matrix and a corresponding safety matrix:
Figure GDA0003201014740000031
Figure GDA0003201014740000032
wherein, aij、bijRespectively representing an attacker and a fortifier to adopt SAi、SPjEconomic benefits of time, cij、dijRespectively representing an attacker and a fortifier to adopt SAi、SPjAnd (4) time safety, wherein n and m respectively represent the number of elements in a strategy set by a fortifier and an attacker.
Step 32: for the fortifier, the decision maker has different probabilities qiStrategy S for each fortifierPiSelection is performed, but the conditions are met for the entire policy set:
Figure GDA0003201014740000033
also, the attacker decision maker has different probabilities piFor each attack strategy SAiAnd selecting, wherein the whole strategy set meets the following requirements:
Figure GDA0003201014740000034
calculating the expected economic benefit of different fortification strategies of fortifying parties
Figure GDA0003201014740000035
And its average profit
Figure GDA0003201014740000036
Figure GDA0003201014740000037
Figure GDA0003201014740000041
Calculating expected security benefits of different fortification strategies of fortifiers
Figure GDA0003201014740000042
And its average profit
Figure GDA0003201014740000043
Figure GDA0003201014740000044
Calculating the comprehensive expected profit of different fortification strategies of fortifying parties by adopting a logarithmic synthesis method
Figure GDA0003201014740000045
And combined average profit
Figure GDA0003201014740000046
Figure GDA0003201014740000047
Further, the step 4 comprises:
step 41: because the lower profit of the fortifier can learn to imitate the strategy selected by the high profit, the optional strategy concentrated by the fortifier strategy is selectedThe line proportion of different strategies will change with the passage of time, using qi(t) is represented by, wherein qi(t) selecting a fortifier strategy SPiAnd line proportion of (1) and satisfy
Figure GDA0003201014740000048
The attack party selects the line proportion of different strategies to dynamically change along with the time, and p is usedi(t) wherein p isi(t) satisfies
Figure GDA0003201014740000049
Step 42: for a particular defense strategy SPiThe line proportion of the strategy is selected as a function of time, and the dynamic change rate can be expressed by a dynamic differential equation:
Figure GDA00032010147400000410
Figure GDA0003201014740000051
wherein λiRepresenting the random rate of change, k, using a fortification strategy iαiIs the intensity factor.
Optional attack strategy S for an attackerAiThe corresponding dynamic differential equation can be obtained:
Figure GDA0003201014740000052
Figure GDA0003201014740000053
where ρ isiRepresenting the random rate of change, k, using an attack strategy iβiIs the intensity factor.
Step 43: order to
Figure GDA0003201014740000054
And obtaining a stable equilibrium solution to obtain a satisfactory security defense strategy, namely the simplest strategy that a fortifier can defend successfully. And analyzing and predicting the security defense strategy of the power distribution network by drawing a phase diagram of a dynamic differential equation.
By adopting the technical scheme, the CPS security defense method for the power distribution network based on the rationality, provided by the invention, fully utilizes power distribution network equipment data, power distribution network operation data, power distribution network multi-source data such as residence time, average reaction time, average repair time and the like of historical attackers, establishes a comprehensive power distribution network CPS risk assessment index from two aspects of a physical system and an information system, enables each line risk assessment result to effectively help a fortifier to realize the selection of a fortification strategy through a finite-based chess learning method, particularly means that the negative influence on the system caused by the attackers each time is not necessarily the most serious consequence under the current operation condition, namely that the participants need to seek a satisfied decision rather than an optimal decision, respectively obtains the fortification benefit value of each attack fortification strategy pair from two aspects of economic benefit and safety, and obtains the final expected benefit and average benefit when the fortifier adopts different strategies by adopting a logarithmic synthesis method, and expressing the dynamic change rate of a certain strategy selected by the attacking party and the defending party by using a dynamic differential equation, and further establishing a dynamic differential equation set of the playing learning model to obtain a CPS (cyber physical system) security defense satisfaction strategy of the power distribution network. The method is essentially characterized in that a physical-information coupling comprehensive risk assessment index is constructed, the selected defense strategy is more practical through a game method based on the limited rationality, and the analysis and prediction of the CPS security defense strategy of the power distribution network are realized.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
FIG. 1 is a flow chart of the steps corresponding to the method of the present invention;
FIG. 2 is a diagram of core steps corresponding to the method of the present invention;
FIG. 3 shows a CPS comprehensive risk assessment index of the power distribution network corresponding to the method of the invention;
FIG. 4 shows the attacking party and defending party learning and playing trees corresponding to the method of the present invention;
FIG. 5(1) is a phase diagram of fortifying square dynamic differential equation corresponding to the method of the present invention;
FIG. 5(2) is a phase diagram of fortification square dynamic differential equation corresponding to the method of the present invention
Detailed Description
In order to make the technical solutions and advantages of the present invention clearer, the following describes the technical solutions in the embodiments of the present invention clearly and completely with reference to the drawings in the embodiments of the present invention:
as shown in fig. 1-5, a method for protecting CPS security of a distribution network based on finiteness includes the following steps:
step 1: acquiring power grid multi-source data including meteorological data, power distribution network equipment data, power distribution network operation data, residence time, average reaction time, average repair time and the like of historical attackers, and establishing a risk evaluation model from two aspects of a physical system and an information system for describing risk values of all lines; the historical attackers comprise physical attackers and information attackers in the past years of the power distribution network, the physical attackers comprise the phenomena of bad weather, damaged equipment and the like, and the information attackers comprise the phenomena of viruses, hackers and the like. Wherein the participants designate the defending party and the attacking party
Further, the step 1 comprises:
fig. 1 shows a CPS comprehensive risk assessment index of the power distribution network adopted by the invention. The index comprises a physical system risk assessment index and an information system risk assessment index.
Risk assessment is carried out on the power distribution network physical system from three aspects such as user influence, power grid influence and external factors, and assessment indexes comprise the proportion of the number of power failure people, the power failure loss rate of users, the number of heavy-load overload equipment, the energy loss rate after failure, the power failure risk of important users, the allocation capacity of emergency equipment, repair time influence factors, weather factors and the like. The risk level and the quantitative value of the physical system of the power distribution network are shown in the table 1.
TABLE 1 physical System Risk index values and corresponding Risk level quantification values
Figure GDA0003201014740000061
Figure GDA0003201014740000071
Risk assessment is carried out on the power distribution network information system from three aspects of information security, communication security and physical security, and assessment indexes comprise integrity verification, identity authentication, access control, terminal user privacy security, communication protocol security, information transmission security, operating system security, virus prevention, equipment security, network environment security and the like. According to the risk assessment index system of the information system, the safety level is classified into 7 grades, namely very safe (95-100), safe (85-90), safe (80-85), general (70-80), dangerous (65-70), dangerous (60-65) and very dangerous (< 60).
Step 2: according to the risk evaluation result of each line, constructing a playing learning model based on the limited rationality, wherein the playing learning model comprises an attack party type space set, a fortifying party type space set, an attack party strategy set, a fortifying party strategy set, a participant playing benefit set and a participant playing probability set; further, wherein
The step 2 comprises the following steps:
the power distribution network CPS attack defense playing learning model M can be expressed as 4 tuples, namely M ═ N, S, B and P, and N ═ NA,NP) Is a spatial pair of participants of the playing learning model, wherein NAFor aggressor type space set, NPSetting a fortifier type space set; (S) ═ SA,SP) Is a participant policy set pair, assume SA1,SA2And { S }P1,SP2The strategy sets of an attacker and a fortifier are respectively; p ═ P, q is the set of probabilities of the participants playing, PiRepresenting an attacker to select an attack strategy SAiProbability of (a), qjMethod for selecting fortification strategy S by representing fortification partyPiThe two parties select the strategies in the respective strategy sets according to different probabilities. Due to the influence of a large number of uncertain factors, any participant cannot accurately master the characteristics, strategy sets and benefit sets of all other participants. The two parties learn the tree as shown in FIG. 4.
And step 3: aiming at the strategy selected by the attacker, selecting a reasonable fortifier strategy according to the probability set of the players to play, respectively obtaining the fortifier benefit value of each attack fortifier strategy pair from the two aspects of economic benefit and safety, and obtaining the final expected benefit and the average benefit when the fortifier adopts different strategies by adopting a logarithmic synthesis method; further, the step 3 comprises:
step 31: and (3) playing chess by adopting different strategies to obtain a corresponding economic benefit matrix and a corresponding safety matrix:
Figure GDA0003201014740000081
step 32: for the fortifier, the decision maker has different probabilities qiStrategy S for each fortifierPiSelection is performed, but the conditions are met for the entire policy set:
Figure GDA0003201014740000082
also, the attacker decision maker has different probabilities piFor each attack strategy SAiAnd selecting, wherein the whole strategy set meets the following requirements:
Figure GDA0003201014740000083
calculating the expected economic benefit of different fortification strategies of fortifying parties
Figure GDA0003201014740000084
And its average profit
Figure GDA0003201014740000085
Figure GDA0003201014740000086
Figure GDA0003201014740000087
Figure GDA0003201014740000088
Calculating expected security benefits of different fortification strategies of fortifiers
Figure GDA0003201014740000089
And its average profit
Figure GDA00032010147400000810
Figure GDA0003201014740000091
Figure GDA0003201014740000092
Figure GDA0003201014740000093
Calculating the comprehensive expected profit of different fortification strategies of fortifying parties by adopting a logarithmic synthesis method
Figure GDA0003201014740000094
And combined average profit
Figure GDA0003201014740000095
Figure GDA0003201014740000096
Figure GDA0003201014740000097
Figure GDA0003201014740000098
Similarly, the expected income and the average income of different strategies of the attacker can be calculated for the attacker from the aspects of economic benefit and safety.
Figure GDA0003201014740000099
Figure GDA00032010147400000910
Figure GDA00032010147400000911
Calculating security expected benefits of different attack strategies of an attacker
Figure GDA00032010147400000912
And its average profit
Figure GDA00032010147400000913
Figure GDA00032010147400000914
Figure GDA00032010147400000915
Figure GDA00032010147400000916
Calculating the comprehensive expected profit of different defense strategies of an attacker by adopting a logarithmic synthesis method
Figure GDA00032010147400000917
And combined average profit
Figure GDA00032010147400000918
Figure GDA00032010147400000919
Figure GDA00032010147400000920
Figure GDA00032010147400000921
And 4, step 4: for a specific fortifier strategy, the line proportion of the strategy is selected as a function of time, and the dynamic change rate of the strategy is expressed by a dynamic differential equation. Similarly, the corresponding dynamic differential equation can be obtained for any optional attack strategy of the attacker. The negative impact on the system by the attacker each time is not necessarily the most serious consequence under the current operating conditions, i.e. the participants have to seek a satisfactory decision rather than an optimal one. Establishing a dynamic differential equation set of a playing learning model, solving a stable and balanced solution of a differential equation, and obtaining a satisfactory security defense strategy; further, the step 4 comprises:
for a particular defense strategy SP1The line proportion of the strategy is selected as a function of time, and the dynamic change rate can be expressed by a dynamic differential equation:
Figure GDA0003201014740000101
order SP(q) ═ 0, the solution q ═ 0, q ═ 1,
Figure GDA0003201014740000102
for a particular defense strategy SA1The line proportion of the strategy is selected as a function of time, and the dynamic change rate can be expressed by a dynamic differential equation:
Figure GDA0003201014740000103
order SA(p) 0, then the solution p is 0, p is 1,
Figure GDA0003201014740000104
order to
Figure GDA0003201014740000105
The balance state of the learning and playing can be obtained. The final solution is:
Figure GDA0003201014740000106
wherein F1Pure strategy S for selecting representation fortifierP2The attacker chooses the pure strategy SA2
Figure GDA0003201014740000107
Wherein F2Pure strategy S for selecting representation fortifierP2The attacker chooses the pure strategy SA1
Figure GDA0003201014740000108
Wherein F3Pure strategy S for selecting representation fortifierP1The attacker chooses the pure strategy SA2
Figure GDA0003201014740000109
Wherein F1Pure strategy S for selecting representation fortifierP1The attacker chooses the pure strategy SA1
Figure GDA00032010147400001010
Wherein F5Selection strategy (S) for representing fortifier by mixed probability combination (M,1-M)P1,SP2And (4) selecting a strategy (S) by an attacker through mixed probability combination (N,1-N)A1,SA2}。
And (3) aiming at the dynamic differential equations respectively existing in the two learning and playing models, taking the defense party as an example, drawing a phase diagram of the dynamic differential equations, and carrying out detailed analysis on the stable equilibrium solution obtained by the learning and playing models.
When in use
Figure GDA0003201014740000111
And is
Figure GDA0003201014740000112
And q is a satisfactory security defense strategy of the fortifier. Namely, the point that the dynamic differential equation curve intersects with the horizontal coordinate axis and the slope of the tangent is negative is the satisfactory security defense strategy of the fortifier.
(1) When p is less than M, a fortifier dynamic differential equation phase diagram is shown in figure 5(1), q is 0, q is 1, and q is 2 stable states, and q is 0 as a satisfactory security defense strategy of the fortifier based on the analysis;
(2) when p is greater than M, a fortifier dynamic differential equation phase diagram is shown in fig. 5(2), q is 0, q is 1, and q is 2 stable states, and q is 1, which is a satisfactory security defense strategy of the fortifier based on the analysis;
the stable balance of the dynamic differential equation can be obtained through the analysis of the learning and playing results, the change of a strategy selection mechanism can be analyzed and predicted, and the selection of a CPS (cyber physical system) safety defense satisfaction strategy of the power distribution network is realized.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.

Claims (4)

1. A CPS security defense method for a power distribution network based on rationality is characterized by comprising the following steps:
s1: acquiring multi-source data information of a power grid, and establishing a power grid risk evaluation model for describing risk values of all lines from a physical system and an information system, wherein the multi-source data of the power grid comprises meteorological data, power distribution network equipment data, power distribution network operation data, residence time of historical attackers, average reaction time and average repair time;
s2: constructing a CPS attack, defense and chess-playing learning model M of the power distribution network according to the risk evaluation result of each line in the power grid; wherein the construction of the model comprises the construction of an aggressor type space set, a fortifier type space set, an aggressor strategy set, a fortifier strategy set, a participant playing benefit set and a participant playing probability set;
s3: selecting a fortifier strategy according to the probability set of the players for the strategy selected by the attacker, respectively obtaining the fortifier benefit value of each attack fortifier strategy pair from the economic benefit and the safety, and obtaining the final expected benefit and the average benefit when the fortifier adopts different strategies by adopting a logarithmic synthesis method;
s4: for a specific fortifying party strategy, the line proportion of the strategy is selected to be a function of time, the dynamic change rate of the strategy is expressed by using a dynamic differential equation, a dynamic differential equation set of a playing learning model is established, and a differential equation stable equilibrium solution is obtained to obtain a satisfactory security defense strategy.
2. The CPS security defense method for the power distribution network based on the limited rationality, according to claim 1, is further characterized in that: the power distribution network CPS attack defense playing learning model M in S2 can be expressed as a quadruple, that is, M ═ N, (S, B, P), N ═ N (N)A,NP) Is a spatial pair of participants of the playing learning model, wherein NAFor aggressor type spaceSet, NPSetting a fortifier type space set; (S) ═ SA,SP) Is a participant policy set pair, SA={SA1,SA2,SAnN belongs to N, N is more than or equal to 2 and represents an aggressor strategy set, SP={SP1,SP2,SPnExpressing a fortifier strategy set; b ═ B (B)A,BP) Is a benefit set for the players to play chess, and is determined by the strategies of all the players; p ═ P (P)i,qj) Is a set of probabilities, p, of the players playingiRepresenting an attacker to select an attack strategy SAiProbability of (a), qjMethod for selecting fortification strategy S by representing fortification partyPiThe probability of (c).
3. The CPS security defense method for the power distribution network based on the limited rationality, according to claim 1, is further characterized in that: the following method is specifically adopted in S3:
s31: and (3) playing chess by adopting different strategies to obtain a corresponding economic benefit matrix and a corresponding safety matrix:
Figure FDA0003201014730000021
Figure FDA0003201014730000022
wherein, aij、bijRespectively representing an attacker and a fortifier to adopt SAi、SPjEconomic benefits of time, cij、dijRespectively representing an attacker and a fortifier to adopt SAi、SPjThe safety of the process is that n and m respectively represent the number of elements in a strategy set by a fortifier and an attacker;
s32: for the fortifier, the decision maker has different probabilities qiStrategy S for each fortifierPiSelecting, wherein the whole strategy set meets the conditions:
Figure FDA0003201014730000023
also, the attacker decision maker has different probabilities piFor each attack strategy SAiAnd selecting, wherein the whole strategy set meets the following requirements:
Figure FDA0003201014730000024
calculating the expected economic benefit of different fortification strategies of fortifying parties
Figure FDA0003201014730000025
And its average profit
Figure FDA0003201014730000026
Figure FDA0003201014730000027
Calculating expected security benefits of different fortification strategies of fortifiers
Figure FDA0003201014730000028
And its average profit
Figure FDA0003201014730000029
Figure FDA00032010147300000210
Calculating the comprehensive expected profit of different fortification strategies of fortifying parties by adopting a logarithmic synthesis method
Figure FDA00032010147300000211
And combined average profit
Figure FDA00032010147300000212
Figure FDA0003201014730000031
4. The CPS security defense method for the power distribution network based on the limited rationality, according to claim 1, is further characterized in that: s4 specifically adopts the following scheme:
s41: aiming at selectable strategies in the strategy set of the fortification party, the line proportion of different strategies is selected to change along with the time, and q is usedi(t) is represented by, wherein qi(t) selecting a fortifier strategy SPiAnd line proportion of (1) and satisfy
Figure FDA0003201014730000032
The attack party selects the line proportion of different strategies to dynamically change along with the time, and p is usedi(t) wherein p isi(t) satisfies
Figure FDA0003201014730000033
S42: for a particular defense strategy SPiThe line proportion of the strategy is selected as a function of time, and the dynamic change rate is expressed by a dynamic differential equation:
Figure FDA0003201014730000034
Figure FDA0003201014730000035
wherein λiRepresenting the random rate of change, k, using a fortification strategy iαiIs the intensity factor;
optional attack strategy S for an attackerAiObtaining a corresponding dynamic differential equation:
Figure FDA0003201014730000036
Figure FDA0003201014730000037
where ρ isiRepresenting the random rate of change, k, using an attack strategy iβiIs the intensity factor;
s42: order to
Figure FDA0003201014730000038
Obtaining a stable equilibrium solution to obtain a satisfactory security defense strategy, namely a simplest strategy that a fortifier can successfully defend; and analyzing and predicting the security defense strategy of the power distribution network by drawing a phase diagram of a dynamic differential equation.
CN201711463221.2A 2017-12-28 2017-12-28 CPS security defense method for power distribution network based on finiteness Active CN108182536B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711463221.2A CN108182536B (en) 2017-12-28 2017-12-28 CPS security defense method for power distribution network based on finiteness

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711463221.2A CN108182536B (en) 2017-12-28 2017-12-28 CPS security defense method for power distribution network based on finiteness

Publications (2)

Publication Number Publication Date
CN108182536A CN108182536A (en) 2018-06-19
CN108182536B true CN108182536B (en) 2021-11-16

Family

ID=62548563

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711463221.2A Active CN108182536B (en) 2017-12-28 2017-12-28 CPS security defense method for power distribution network based on finiteness

Country Status (1)

Country Link
CN (1) CN108182536B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109005152B (en) * 2018-06-25 2020-09-29 全球能源互联网研究院有限公司 Method and system for evaluating attack hazards of source-network-load system
CN108769062B (en) * 2018-06-26 2020-12-29 国网福建省电力有限公司 Defense method for multi-stage network attack of power information physical system
CN109191326B (en) * 2018-08-23 2021-11-30 东北大学 Attack party view angle-based network attack risk assessment method for CPS (control Performance Standard) mutual existence system of power distribution network
CN109299160B (en) * 2018-10-30 2021-10-29 东北大学 Power CPS security analysis method based on monitoring big data mining
CN109961172B (en) * 2018-12-28 2023-11-03 东南大学 CPS rare event probability prediction method based on statistical model test
CN110740143B (en) * 2019-11-22 2020-11-17 南京邮电大学 Network attack emergency coping method based on attack tracing
CN111563330B (en) * 2020-05-07 2023-08-04 东北大学 Information physical system security optimization analysis method based on zero and game countermeasures
CN112688315B (en) * 2020-12-16 2023-04-07 国网辽宁省电力有限公司经济技术研究院 Attack and defense system and method based on electric vehicle power distribution network information physical system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106953879A (en) * 2017-05-12 2017-07-14 中国人民解放军信息工程大学 The cyber-defence strategy choosing method of best response dynamics Evolutionary Game Model
CN107483486A (en) * 2017-09-14 2017-12-15 中国人民解放军信息工程大学 Cyber-defence strategy choosing method based on random evolution betting model

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7590589B2 (en) * 2004-09-10 2009-09-15 Hoffberg Steven M Game theoretic prioritization scheme for mobile ad hoc networks permitting hierarchal deference

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106953879A (en) * 2017-05-12 2017-07-14 中国人民解放军信息工程大学 The cyber-defence strategy choosing method of best response dynamics Evolutionary Game Model
CN107483486A (en) * 2017-09-14 2017-12-15 中国人民解放军信息工程大学 Cyber-defence strategy choosing method based on random evolution betting model

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
区域综合能源系统多主体非完全信息下的双层博弈策略;郝然等;《电力系统自动化》;20171223(第04期);全文 *
基于攻防演化博弈模型的防御策略选取方法;黄健明等;《通信学报》;20170125(第01期);全文 *
考虑有限理性的电力系统连锁故障多阶段动态博弈防御模型;丁明等;《电力自动化设备》;20170213(第02期);全文 *

Also Published As

Publication number Publication date
CN108182536A (en) 2018-06-19

Similar Documents

Publication Publication Date Title
CN108182536B (en) CPS security defense method for power distribution network based on finiteness
CN110138627B (en) A kind of edge side terminal security access strategy selection method based on security risk quantization
CN106101252B (en) Information Security Risk guard system based on big data and trust computing
CN109617706B (en) Industrial control system protection method and industrial control system protection device
CN105933316B (en) The determination method and apparatus of network security level
CN107454105A (en) A kind of multidimensional network safety evaluation method based on AHP and grey correlation
CN113392919B (en) Deep belief network DBN detection method of attention mechanism
CN109217296A (en) A kind of power grid key node discrimination method based on weighting trend entropy and voltage stabilization
CN107347066A (en) A kind of function equivalence body isomery degree maximizes dispatching method and device
CN105512783A (en) Comprehensive evaluation method used for loop-opening scheme of electromagnetic looped network
CN115049270B (en) Power system risk assessment method considering network attack success probability of transformer substation
CN108985566B (en) Electric power information physical fusion system elastic lifting strategy solving method
CN114330750B (en) Method for detecting federated learning poisoning attack
CN114926014A (en) Secret attack risk assessment method applied to power system
CN109871711A (en) The shared distribution risk control model of ocean big data and method
CN112422552B (en) Attack and defense evolution method under DoS attack of uplink channel in micro-grid secondary control
CN106067872B (en) The determination method and apparatus of network safe state
Li et al. Research on risk prevention and control strategy of power grid CPS system based on intrusion tolerance
CN112437407A (en) Method and system for calculating initialized safety state of power internet of things wireless terminal equipment based on mixed information entropy
CN115842681B (en) Risk assessment method and related device for public and private interactive power service system
Hu Mathematical model construction of communication security assessment method based on TST switching network matrix
CN115801460B (en) Power distribution information physical system security risk assessment method considering network attack vulnerability
Xiao et al. Research on Intelligent Dynamic Honeynet Technology for Power Industrial Control System
CN108011784A (en) A kind of dynamic optimization method of the worst connectivity of network
POLAT et al. AN EXAMINATION OF THE US-CHINA TRADE WAR WITHIN THE FRAMEWORK OF GAME THEORY

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant