CN108196448A - False data injection attacks method based on inaccurate mathematical model - Google Patents
False data injection attacks method based on inaccurate mathematical model Download PDFInfo
- Publication number
- CN108196448A CN108196448A CN201711423638.6A CN201711423638A CN108196448A CN 108196448 A CN108196448 A CN 108196448A CN 201711423638 A CN201711423638 A CN 201711423638A CN 108196448 A CN108196448 A CN 108196448A
- Authority
- CN
- China
- Prior art keywords
- sensor reading
- false
- mathematical model
- false data
- controlled device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B13/00—Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion
- G05B13/02—Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric
- G05B13/04—Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric involving the use of models or simulators
- G05B13/042—Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric involving the use of models or simulators in which a parameter or coefficient is automatically adjusted to optimise the performance
Abstract
The present invention provides a kind of false data injection attacks method based on inaccurate mathematical model, the performance of control system can be successfully destroyed, without being detected by the detector.Sensor reading and control instruction are stolen in network channel, pick out the inaccurate mathematical model parameter of controlled device, according to the inaccurate mathematical model parameter of identification and the sensor reading and control instruction, design false data attack sequence, the false data attack sequence is injected into sensor reading and forms false sensor reading, the false sensor reading is transferred to controller, whether controller has unusual condition, and generate control instruction according to false sensor reading and send controlled device to according to false sensor reading come detecting system.The present invention is suitable for protection effect of the test control system for false data injection attacks, and the design for defence method provides means of testing.
Description
Technical field
The present invention relates to a kind of false data injection attacks methods based on inaccurate mathematical model, belong to control system peace
Full field is the design of defence method suitable for test information physical system for the protection effect of false data injection attacks
Means of testing is provided.
Background technology
Information physical system is that computing resource cooperates with being closely integrated for physical resource with depth, has a wide range of applications neck
Domain, such as:Intelligent grid, intelligent transportation, Chemical Engineering Process Control, health care etc..With the extensive use of information physical system,
Particularly in the application of critical infrastructures so that the key that safety problem becomes the development of constraint information physical system is asked
Topic.It can be in network channel by network traffic, attacker between controller and controlled device in information physical system
In steal sensor reading and control instruction, by analyzing and being calculated the mathematical model of controlled device, then design is concealed
Attack destroys the performance of control system, without being detected by the detector.Common Stealthier Attacks mainly has:False data injection is attacked
Hit, Replay Attack, zero dy namics attack etc..
In recent years, the research of false data injection attacks mainly has:Design false data injection attacks sensor reading;If
The encoder matrix of flowmeter sensor reading, active detecting false data injection attacks;Analyze performance and the constraint of ε-Stealthier Attacks.Weight
The research for putting attack mainly has:White Gaussian noise is added in control instruction, improves the verification and measurement ratio of Replay Attack;Design optimal control
Strategy is made to weigh the verification and measurement ratio of the performance of control system and Replay Attack.The research of zero dy namics attack mainly has:For not true
Determine information physical system, design Robust Zero dynamic attacks;By changing system structure, the attack of active detecting zero dy namics.
At present, common false data injection attacks are mainly based upon accurate mathematical model, and attacker is according to accurate
Design of Mathematical Model attack sequence successfully destroys the performance of control system, without being detected by the detector.However, it is controlled in the modern times
Usually there is higher-dimension, random noise, attacker is difficult to establish accurate mathematical model in system processed.
Invention content
In view of this, the present invention provides a kind of false data injection attacks method based on inaccurate mathematical model, can
Success destroys the performance of control system, without being detected by the detector.
A kind of false data injection attacks method based on inaccurate mathematical model, includes the following steps:
Sensor reading and control instruction are stolen in network channel, picks out the inaccurate mathematical model ginseng of controlled device
Number, according to the inaccurate mathematical model parameter of identification and the sensor reading and control instruction, design false data attack
The false data attack sequence is injected into sensor reading and forms false sensor reading by sequence, by the false biography
Sensor reading is transferred to controller, and whether controller has a unusual condition according to false sensor reading come detecting system, and according to
False sensor reading generation control instruction sends controlled device to.
Further, the false data attack sequence uses the following formula:
Wherein, Aa、Ba、CaIt is the inaccurate mathematical model parameter of the controlled device picked out, yc(k) it is controlled device
Real sensor reading,Be attacker under fire after state estimation, uc(k-1) be control system under fire after
Controller sends the control instruction of controlled device to, and γ (k) is that zero-mean covariance matrix is PzaWhite Gaussian noise, wherein
Pza=CaPa(k|k-1)Ca T+Ra, Pa(k | k-1) represent that k-1 moment evaluated errors covariance matrix predicts the evaluated error at k moment
Covariance matrix, RaIt is the covariance matrix of the measurement noise of the controlled device picked out.
Beneficial effects of the present invention:
1st, attacker steals sensor reading and control instruction in network channel, picks out the inaccurate number of controlled device
Model parameter is learned, false data attack sequence is designed according to inaccurate mathematical model parameter, reduces being calculated as attacker
This
2nd, the false data attack sequence that attacker designs according to inaccurate mathematical model parameter, after can causing attack
Control system residual error is small as possible, successfully hides the testing mechanism of control system.
3rd, the present invention is suitable for protection effect of the test information physical system for false data injection attacks, is defender
The design of method provides means of testing, there is very important meaning in practical applications.
Description of the drawings
Fig. 1 is false data injection attacks control system architecture figure of the present invention.
Specific embodiment
The present invention will now be described in detail with reference to the accompanying drawings and examples.
The present invention provides a kind of false data injection attacks method based on inaccurate mathematical model, the designs of this method
Principle is:With the angle of attacker, according to the inaccurate Design of Mathematical Model false data attack sequence of identification, it is intended to destroy control
The performance of system processed, without being detected by the detector.
It is linear discrete time-invariable system firstly the need of the plant model illustrated in the present invention
Wherein, x (k) ∈ RnIt is state vector, u (k) ∈ RmIt is input vector, y (k) ∈ RqIt is output vector, ω (k) and υ
(k) white Gaussian noise that zero-mean covariance is Q and R respectively, n, m are independent from each other, q represents state vector, input respectively
The dimension of vector, output vector, A, B, C are respectively the model parameter of controlled device, and k represents the time of running.
Definition status is estimated:
Wherein,Kalman filtering gain K (k) is asked by the following formula
Solution:
Define residual error:
Residual error is that zero-mean covariance is PzWhite Gaussian noise
Pz=CP (k | k-1) CT+R (5)
STATE FEEDBACK CONTROL strategy:
Wherein, L controls to obtain by Linear-Quadratic-Gauss.
Chi-square statistic device is the detector based on residual error, the abnormal conditions being widely used in detecting and controlling system, detection
Amount is:
Wherein, g (k) is the χ that degree of freedom is m τ2Distribution, τ is window size.If g (k) is bigger than threshold value η, χ2Detector meeting
Alarm is triggered, verification and measurement ratio is:
β (k)=P (g (k) > η) (8)
As shown in Figure 1, the false data injection attacks method of the present invention carries out in the following way:
Step 1:Attacker steals a series of sensor readings and control instruction in network channel, by analyzing and counting
Calculation show that the mathematical model of controlled device is:
Wherein, xa(k)∈RnIt is state vector, ya(k)∈RqIt is output vector, ωa(k) be zero-mean covariance it is Qa's
White Gaussian noise.
Definition status is estimated:
Kalman filtering gain Ka(k) calculating formula is:
Defining residual error is:
Residual error is that zero-mean covariance matrix is PzaWhite Gaussian noise
Pza=CaPa(k|k-1)Ca T+Ra (13)
Step 2: attacker according to the inaccurate mathematical model of identification and the sensor reading stolen in network channel and
Control instruction, design false data attack sequence are injected into sensor reading, and false data attack sequence is:
Wherein, yc(k) be controlled device real sensor reading, uc(k-1) it is control after control system is attacked
Instruction, γ (k) are that zero-mean covariance is PzaWhite Gaussian noise,It is the state after attacker's system is attacked
Estimated value:
According to (6), (15) can be converted into the following formula:
Step 3: after control system is attacked, system dynamic is:
Controller is according to false sensor readingWhether carry out detecting system has a unusual condition, and according toIt is raw
Controlled device is sent into control instruction.
State estimation after control system is attacked is:
Define the evaluated error after control system is attacked:
It is combined by (16), (18) and (19):
Wherein, E [] represents it is expected, M=[KCA+ (KCaBa-KCB)L-KCaAa]
If A is unstable, then E [Δ xc(k)] it is diverging, ifStablize, thenIt is convergent.
Residual error after control system is attacked is:
It can be obtained according to (20) and (21):
Wherein,
When stablizing,Covariance converge to following matrix:
Wherein, X is the solution of following Lyapunov Equation
It is independent from each other with γ (k), therefore residual error zc(k) it is zero mean Gaussian white noise, covariance square
Battle array meets situations below:
The mathematic expectaion of g (k) is:
Wherein tr represents the mark of matrix.
G after being attackedc(k) mathematic expectaion is:
It is obtained with reference to (25),
Therefore, the verification and measurement ratio after attack:
Therefore, existStablize, A it is unstable andIn the case of, evaluated error is diverging, is detected
Rate is lower than setting false alarm rate, i.e., attacker can successfully destroy the performance of control system, without being detected by the detector.
In conclusion the foregoing is merely a prefered embodiment of the invention, it is not intended to limit the scope of the present invention.
All within the spirits and principles of the present invention, any modification, equivalent substitution, improvement and etc. done should be included in the present invention's
Within protection domain.
Claims (2)
- A kind of 1. false data injection attacks method based on inaccurate mathematical model, which is characterized in thatSensor reading and control instruction are stolen in network channel, picks out the inaccurate mathematical model parameter of controlled device, According to the inaccurate mathematical model parameter of identification and the sensor reading and control instruction, false data attack sequence is generated The false data attack sequence is injected into sensor reading and forms false sensor reading by row, by the false sensing Device reading is transferred to controller, and whether controller has unusual condition, and according to void according to false sensor reading come detecting system False sensor reading generation control instruction sends controlled device to.
- 2. a kind of false data injection attacks method based on inaccurate mathematical model as described in claim 1, feature exist In the false data attack sequence uses the following formula:Wherein, Aa、Ba、CaIt is the inaccurate mathematical model parameter of the controlled device picked out, yc(k) be controlled device practical biography Sensor reading,Be attacker under fire after state estimation, uc(k-1) it is control system under fire rear controller Send the control instruction of controlled device to, γ (k) is that zero-mean covariance matrix is PzaWhite Gaussian noise, wherein Pza=CaPa (k|k-1)Ca T+Ra, Pa(k | k-1) represent that k-1 moment evaluated errors covariance matrix predicts the evaluated error covariance at k moment Matrix, RaIt is the covariance matrix of the measurement noise of the controlled device picked out.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711423638.6A CN108196448A (en) | 2017-12-25 | 2017-12-25 | False data injection attacks method based on inaccurate mathematical model |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711423638.6A CN108196448A (en) | 2017-12-25 | 2017-12-25 | False data injection attacks method based on inaccurate mathematical model |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108196448A true CN108196448A (en) | 2018-06-22 |
Family
ID=62583840
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711423638.6A Pending CN108196448A (en) | 2017-12-25 | 2017-12-25 | False data injection attacks method based on inaccurate mathematical model |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108196448A (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109361678A (en) * | 2018-11-05 | 2019-02-19 | 浙江工业大学 | A kind of intelligent network connection automobile automatic cruising system false data detection method for injection attack |
CN109375514A (en) * | 2018-11-30 | 2019-02-22 | 沈阳航空航天大学 | A kind of optimal track control device design method when the injection attacks there are false data |
CN109670302A (en) * | 2018-12-19 | 2019-04-23 | 浙江工业大学 | A kind of classification method of the false data injection attacks based on SVM |
CN109814381A (en) * | 2019-01-08 | 2019-05-28 | 华东理工大学 | A kind of Controller Design for Networked Control Systems method based on event triggering |
CN109873833A (en) * | 2019-03-11 | 2019-06-11 | 浙江工业大学 | A kind of Data Injection Attacks detection method based on chi-Square measure KNN |
CN110855683A (en) * | 2019-11-18 | 2020-02-28 | 东北电力大学 | Method for carrying out attack detection and reconstruction on electric power information physical system |
CN110865616A (en) * | 2019-11-07 | 2020-03-06 | 河南农业大学 | Design method of event trigger zone memory DOF controller under random FDI attack |
CN111079271A (en) * | 2019-12-02 | 2020-04-28 | 浙江工业大学 | Industrial information physical system attack detection method based on system residual fingerprint |
CN111208731A (en) * | 2020-01-12 | 2020-05-29 | 东北电力大学 | Method for carrying out attack detection and reconstruction on electric power information physical system |
CN111698257A (en) * | 2020-06-17 | 2020-09-22 | 武汉科技大学 | Industrial information physical system security detection method for multi-class malicious attacks |
CN111708350A (en) * | 2020-06-17 | 2020-09-25 | 华北电力大学(保定) | Hidden false data injection attack method for industrial control system |
CN112327632A (en) * | 2020-11-23 | 2021-02-05 | 哈尔滨理工大学 | Multi-agent system tracking control method for false data injection attack |
TWI777117B (en) * | 2020-01-02 | 2022-09-11 | 財團法人資訊工業策進會 | Device, method and non-transitory tangible machine-readable medium for testing a cyber defense mechanism of a device under test |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102522743A (en) * | 2011-11-08 | 2012-06-27 | 西安交通大学 | Method for defending false-data injection attack in direct-current state estimation of electrical power system |
CN102761122A (en) * | 2012-07-06 | 2012-10-31 | 华北电力大学 | Defense method of false data injection attack of power state estimation system |
CN104573510A (en) * | 2015-02-06 | 2015-04-29 | 西南科技大学 | Smart grid malicious data injection attack and detection method |
CN106099920A (en) * | 2016-07-13 | 2016-11-09 | 武汉大学 | A kind of modern power transmission network false data attack method based on parameter estimation |
CN107016236A (en) * | 2017-03-23 | 2017-08-04 | 新疆电力建设调试所 | Power network false data detection method for injection attack based on non-linear measurement equation |
-
2017
- 2017-12-25 CN CN201711423638.6A patent/CN108196448A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102522743A (en) * | 2011-11-08 | 2012-06-27 | 西安交通大学 | Method for defending false-data injection attack in direct-current state estimation of electrical power system |
CN102761122A (en) * | 2012-07-06 | 2012-10-31 | 华北电力大学 | Defense method of false data injection attack of power state estimation system |
CN104573510A (en) * | 2015-02-06 | 2015-04-29 | 西南科技大学 | Smart grid malicious data injection attack and detection method |
CN106099920A (en) * | 2016-07-13 | 2016-11-09 | 武汉大学 | A kind of modern power transmission network false data attack method based on parameter estimation |
CN107016236A (en) * | 2017-03-23 | 2017-08-04 | 新疆电力建设调试所 | Power network false data detection method for injection attack based on non-linear measurement equation |
Non-Patent Citations (2)
Title |
---|
PANG ZHONGHUA等: "False Data Injection Attacks for Output Tracking Control Systems", 《PROCEEDINGS OF THE 34TH CHINESE CONTROL CONFERENCE》 * |
侯方圆: "输出跟踪控制系统的虚假数据注入攻击设计", 《中国优秀硕士学位论文全文库 信息科技辑》 * |
Cited By (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109361678A (en) * | 2018-11-05 | 2019-02-19 | 浙江工业大学 | A kind of intelligent network connection automobile automatic cruising system false data detection method for injection attack |
CN109361678B (en) * | 2018-11-05 | 2021-10-12 | 浙江工业大学 | False data injection attack detection method for intelligent networked automobile automatic cruise system |
CN109375514A (en) * | 2018-11-30 | 2019-02-22 | 沈阳航空航天大学 | A kind of optimal track control device design method when the injection attacks there are false data |
CN109670302A (en) * | 2018-12-19 | 2019-04-23 | 浙江工业大学 | A kind of classification method of the false data injection attacks based on SVM |
CN109670302B (en) * | 2018-12-19 | 2023-04-18 | 浙江工业大学 | SVM-based classification method for false data injection attacks |
CN109814381A (en) * | 2019-01-08 | 2019-05-28 | 华东理工大学 | A kind of Controller Design for Networked Control Systems method based on event triggering |
CN109814381B (en) * | 2019-01-08 | 2022-07-12 | 华东理工大学 | Network control system controller design method based on event triggering |
CN109873833A (en) * | 2019-03-11 | 2019-06-11 | 浙江工业大学 | A kind of Data Injection Attacks detection method based on chi-Square measure KNN |
CN109873833B (en) * | 2019-03-11 | 2021-08-03 | 浙江工业大学 | Data injection attack detection method based on chi-square distance KNN |
CN110865616B (en) * | 2019-11-07 | 2020-09-25 | 河南农业大学 | Design method of event trigger zone memory DOF controller under random FDI attack |
CN110865616A (en) * | 2019-11-07 | 2020-03-06 | 河南农业大学 | Design method of event trigger zone memory DOF controller under random FDI attack |
CN110855683B (en) * | 2019-11-18 | 2021-08-10 | 东北电力大学 | Method for carrying out attack detection and reconstruction on electric power information physical system |
CN110855683A (en) * | 2019-11-18 | 2020-02-28 | 东北电力大学 | Method for carrying out attack detection and reconstruction on electric power information physical system |
CN111079271A (en) * | 2019-12-02 | 2020-04-28 | 浙江工业大学 | Industrial information physical system attack detection method based on system residual fingerprint |
CN111079271B (en) * | 2019-12-02 | 2024-03-22 | 浙江工业大学 | Industrial information physical system attack detection method based on system residual fingerprint |
TWI777117B (en) * | 2020-01-02 | 2022-09-11 | 財團法人資訊工業策進會 | Device, method and non-transitory tangible machine-readable medium for testing a cyber defense mechanism of a device under test |
CN111208731A (en) * | 2020-01-12 | 2020-05-29 | 东北电力大学 | Method for carrying out attack detection and reconstruction on electric power information physical system |
CN111208731B (en) * | 2020-01-12 | 2022-05-24 | 东北电力大学 | Method for attack detection and reconstruction of electric power information physical system |
CN111698257A (en) * | 2020-06-17 | 2020-09-22 | 武汉科技大学 | Industrial information physical system security detection method for multi-class malicious attacks |
CN111708350A (en) * | 2020-06-17 | 2020-09-25 | 华北电力大学(保定) | Hidden false data injection attack method for industrial control system |
CN112327632A (en) * | 2020-11-23 | 2021-02-05 | 哈尔滨理工大学 | Multi-agent system tracking control method for false data injection attack |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108196448A (en) | False data injection attacks method based on inaccurate mathematical model | |
US10817394B2 (en) | Anomaly diagnosis method and anomaly diagnosis apparatus | |
Kurt et al. | Online cyber-attack detection in smart grid: A reinforcement learning approach | |
Ahmed et al. | Noise matters: Using sensor and process noise fingerprint to detect stealthy cyber attacks and authenticate sensors in cps | |
Ahmed et al. | Noiseprint: Attack detection using sensor and process noise fingerprint in cyber physical systems | |
Amin et al. | Cyber security of water SCADA systems—Part II: Attack detection using enhanced hydrodynamic models | |
CN108803565B (en) | Real-time detection method and device for industrial control system hidden attack | |
Shoukry et al. | Secure state reconstruction in differentially flat systems under sensor attacks using satisfiability modulo theory solving | |
CN111079271B (en) | Industrial information physical system attack detection method based on system residual fingerprint | |
CN108494802A (en) | Key message infrastructure security based on artificial intelligence threatens Active Defending System Against | |
CN110889862B (en) | Combined measurement method for multi-target tracking in network transmission attack environment | |
Griffioen et al. | An optimal design of a moving target defense for attack detection in control systems | |
CN108234430B (en) | Abnormal flow monitoring method for distributed control system | |
Li et al. | Security estimation under denial-of-service attack with energy constraint | |
CN109936568B (en) | Malicious attack prevention sensor data acquisition method based on recurrent neural network | |
Shafique et al. | Intelligent security measures for smart cyber physical systems | |
Eyisi et al. | Energy-based attack detection in networked control systems | |
Zhu et al. | Revisit dynamic arima based anomaly detection | |
CN111698257A (en) | Industrial information physical system security detection method for multi-class malicious attacks | |
WO2022015246A1 (en) | Method and system for characterising a programmable logic controller (plc) and/or attack detection in a networked control system | |
CN107273728B (en) | Smart watch unlocking and authentication method based on motion sensing behavior characteristics | |
Koley et al. | Formal synthesis of monitoring and detection systems for secure cps implementations | |
CN115022031A (en) | Security consistency control method for solving influence of FDI attack on multi-agent system | |
Mboweni et al. | A machine learning approach to intrusion detection in water distribution systems–A review | |
Bonczek et al. | Detection of hidden attacks on cyber-physical systems from serial magnitude and sign randomness inconsistencies |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20180622 |
|
WD01 | Invention patent application deemed withdrawn after publication |