CN113242209B - Generalized accumulation and detection method for false data injection attack of smart grid - Google Patents
Generalized accumulation and detection method for false data injection attack of smart grid Download PDFInfo
- Publication number
- CN113242209B CN113242209B CN202110378252.8A CN202110378252A CN113242209B CN 113242209 B CN113242209 B CN 113242209B CN 202110378252 A CN202110378252 A CN 202110378252A CN 113242209 B CN113242209 B CN 113242209B
- Authority
- CN
- China
- Prior art keywords
- attack
- representing
- state
- grid
- detection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 55
- 238000002347 injection Methods 0.000 title claims abstract description 26
- 239000007924 injection Substances 0.000 title claims abstract description 26
- 238000009825 accumulation Methods 0.000 title claims abstract description 18
- 238000000034 method Methods 0.000 claims abstract description 28
- 238000005259 measurement Methods 0.000 claims description 15
- 239000011159 matrix material Substances 0.000 claims description 12
- 230000008569 process Effects 0.000 claims description 5
- 230000006870 function Effects 0.000 claims description 4
- 230000026676 system process Effects 0.000 claims description 4
- 238000005070 sampling Methods 0.000 claims description 3
- 230000007704 transition Effects 0.000 claims description 3
- 238000000354 decomposition reaction Methods 0.000 claims description 2
- 238000010586 diagram Methods 0.000 description 4
- 230000007547 defect Effects 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 108010076504 Protein Sorting Signals Proteins 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013135 deep learning Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 230000003211 malignant effect Effects 0.000 description 1
- 230000002787 reinforcement Effects 0.000 description 1
- 238000012549 training Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/142—Network analysis or design using statistical or mathematical methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Mathematical Physics (AREA)
- Pure & Applied Mathematics (AREA)
- Probability & Statistics with Applications (AREA)
- Physics & Mathematics (AREA)
- Mathematical Optimization (AREA)
- Mathematical Analysis (AREA)
- General Physics & Mathematics (AREA)
- Algebra (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Supply And Distribution Of Alternating Current (AREA)
Abstract
The invention discloses a generalized accumulation and detection method for false data injection attack of a smart grid, which is characterized in that a discrete time dynamic model for state estimation of the smart grid is established by utilizing an acquired power grid topological structure, a historical system state estimation value and line parameter data, the system state is estimated in real time by adopting an iterative least square estimation method as an estimation method, and the state characteristic of the system at the next moment is predicted by adopting a fractional calculus theory in combination with the estimation value of the power grid at the past moment. The method can detect false data injection attacks of the smart grid, has higher detection precision and higher detection speed compared with the prior art, and ensures safe control and stable operation of the power grid.
Description
Technical Field
The invention belongs to the field of information security of a smart power grid, and particularly relates to a generalized accumulation and detection method for false data injection attacks of the smart power grid.
Background
The smart grid achieves the goals of reliability, safety, economy and high efficiency of the grid through advanced measurement sensing equipment and an advanced control method. However, in recent years, the vulnerability of the smart grid is exposed due to frequent occurrence of malignant network attacks at home and abroad, and an alarm clock is sounded for enhancing the information security construction of the smart grid. Particularly, false data injection attack utilizes a vulnerability of a bad detection method in a power grid to covertly tamper a measurement value and a state variable of the power grid, and the safe and stable operation of the power grid is seriously damaged. Therefore, how to design effective detection of false data injection attack to ensure safe control and stable operation of the power grid has important engineering application value.
At present, the mainstream method for detecting false data injection attacks of the smart grid mainly comprises the following steps: (1) the detection method based on the comparison between the residual error detection principle and the set threshold has the defects of low detection precision, low detection efficiency, high false alarm rate and the like; (2) based on the artificial intelligence attack detection methods such as deep learning and reinforcement learning, the artificial intelligence method has the defects of complex adjustable parameters and low calculation efficiency, and simultaneously needs a large amount of data for training. The prior art is difficult to completely meet the requirement of quickly and accurately detecting false injection attacks of the smart grid.
The general accumulation and detection method is based on sequential probability ratio detection, utilizes current and recent process data to detect a signal sequence with little mean or variance change, has been successfully applied to network abnormal flow detection and fault detection, but is rarely applied to false data injection attack detection of a smart grid. The problem of detecting false data injection attacks of the smart grid can be regarded as abnormal detection in nature. However, at present, how to combine the dynamic characteristics of the power grid and the generalized accumulation and detection method is also one of the key technologies which need to be solved urgently in the academic circles at home and abroad.
Disclosure of Invention
The invention aims to provide a generalized accumulation and detection method for false data injection attacks of a smart grid aiming at the defects of the prior art.
The purpose of the invention is realized by the following technical scheme: a generalized accumulation and detection method for false data injection attacks of a smart grid comprises the following steps:
(1) and acquiring power grid data.
(2) And establishing a discrete time dynamic model of the state estimation of the intelligent power grid.
(3) And setting initialization parameters.
(4) And reading a current moment measurement value and a system historical state value, and predicting the state of the power grid under the condition of attack and non-attack respectively.
(5) And respectively calculating an attack vector estimation value, a generalized likelihood ratio and decision statistic at the current moment.
(6) And estimating the state of the power grid by adopting an iterative weighted least square method to obtain state estimation values of the current time under the non-attack condition and the attack condition.
(7) And judging whether the system receives the attack.
Further, in step (1), the grid data includes a grid topology, line parameters and historical state estimation values of the system.
Further, in step (2), the discrete-time dynamic model of the state estimation of the smart grid is:
xk=Akxk-1+vk (1)
zk=h(xk)+ωk (2)
where k denotes the sampling instant xkRepresenting the state of the system, including node voltage magnitude and voltage phase angle, AkRepresenting the system state transition matrix, vkAnd ωkRandom white noise, z, representing the system process noise and the observed noise, respectively, both obeying a normal distributionkRepresents the measured value, hkRepresenting a functional relationship between the state variable and the measured value.
Further, the system process noise and the observation noise are both subjected to normally distributed random white noise; the measured value zkThe method comprises node active power and reactive power, branch active power and reactive power.
Further, in step (3), the parameter includes a maximum value t of a system operation time windowmaxDecision statistic gkAttack detection threshold afAn attack amplitude threshold lambda and an attack generation time tau.
Further, in the step (4), predicting the state of the power grid specifically includes:
whereinWherein,andrespectively representing the predicted values of the states in the case of no attack and in the case of attack,andrespectively representing the state estimates at time k-1, A, in the absence of an attack and in the presence of an attackkPredicted by fractional calculus theory, whereinα1,α2,…,αnRepresenting a fractional order; x is the number ofk-1,…,xk-wIs the system historical state value.
Further, the step (5) is specifically as follows:
gk=max((gk-1+βk),0) (8)
Wherein,representing the estimated value of the attack vector at time k,represents the attack magnitude estimation of the D-th measured value at time k, D is 1,2, …, D represents the measured quantity; e.g. of the typek,dIndicating the error between the measured value at the d-th time and the predicted value,set representing sequence numbers of attacked measurement tables, p0And pfProbability density functions representing the measurement values in the case of no attack and in the case of attack, respectively; beta is akRepresenting a generalized likelihood ratio, gkRepresenting the decision statistic.
Further, in step (6), the system state vector x is passedcThrough the same process, the state estimation values of the current time under the condition of no attack and under the condition of attack are obtainedAndthe method comprises the following substeps:
(6.1) starting iteration, and setting the maximum iteration number ImaxSetting the current iteration number c to be 0;
(6.2) initializing the System State vector xc;
(6.3) computing the gain matrix G (x)c),G(xc)=HT(xc)R-1H(xc) Wherein H (x)c) Representing a Jacobian matrix obtained from the state vector and the measurement vector, wherein R represents a weight matrix;
(6.4) according to equation [ G (x)c)]Δxc+1=HT(xc)R-1(zk-h(xc) Where Δ x)c+1=xc+1-xcDecomposition of G (x)c) And calculates Δ xc;
(6.5) it is judged whether or not the termination condition, i.e. |. DELTA.x, is reachedc|<Epsilon or c>Imax;
(6.6) if the termination condition is not satisfied, updating xc+1=xc+ΔxcAnd c ═ c +1, jump to substep (6.3) until a termination condition is met.
Further, the step (7) is specifically:
If g isk>afIf yes, the system k is attacked at the current moment, and the detection is stopped; if g isk≤afJumping to step (4) until k>tmaxWhen the detection is finished, the detection is finished.
Compared with the prior art, the invention has the following beneficial effects:
1. according to the method, the state characteristic of the system at the next moment is predicted by using the fractional calculus theory, compared with a prediction method based on an integer order, the dynamic characteristic which is more in line with a power grid can be obtained, and the state of the system can be estimated on line in real time by combining an iterative weighted least square method;
2. the method adopts generalized accumulation as a detection tool, has high detection speed and high detection precision, can accumulate errors generated by attacks, and reduces the false alarm rate;
3. the invention has higher detection precision and higher detection speed, and ensures the safe control and stable operation of the power grid.
Drawings
FIG. 1 is a block diagram of an IEEE-30 node power system embodying the present invention;
FIG. 2 is a schematic diagram of an implementation process of a generalized accumulation and detection method for false data injection attacks on a smart grid;
fig. 3 is a schematic diagram of the detection result of the spurious data injection attack considering 253 different situations in the embodiment of the present invention.
Detailed Description
The purpose and effect of the present invention will be more apparent from the following further description of the present invention with reference to the accompanying drawings.
Taking the IEEE-30 node power system shown in fig. 1 as an example, the generalized accumulation and detection method for false data injection attacks on the smart grid of the invention includes the following steps, as shown in fig. 2, by acquiring a power system measurement data set through MATPOWER software:
(1) acquiring power grid data: grid topology (including pre-line connection status, switch open condition) and line parameters (including line admittance, to earth susceptance) and historical state estimates for the system.
(2) Establishing a discrete time dynamic model of state estimation of the intelligent power grid:
xk=Akxk-1+vk (1)
zk=h(xk)+ωk (2)
where k denotes the sampling instant xkRepresenting the state of the system, i.e. the node voltage amplitude and the voltage phase angle, AkRepresenting the system state transition matrix, vkAnd ωkRespectively representing the process noise and the observation noise of the system at the moment k, wherein the random white noise is in normal distribution; z is a radical ofkThe representation measurement values comprise node active power and reactive power, branch active power and reactive power; h represents a functional relationship between the state variable and the measured value.
(3) Setting initialization parameters: maximum value t of system operation time window max50, decision statistic gkAttack detection threshold a of 0f=104The attack amplitude threshold λ is 0.18, and the attack generation time τ is 25.
(4) Read the current time k (k ═ 1, 2.., t)max) Measured value zkAnd system historical state value xk-1,…,xk-wAnd according to the formulas (3) to (5), predicting the state of the power grid under the condition of attack and non-attack respectively.
Wherein,andrespectively representing the predicted values of the states in the case of no attack and in the case of attack,andrespectively representing state estimation values of k-1 time under a non-attack condition and under an attack condition; a. thekPredicted by fractional calculus theory, whereinα1,α2,…,αnRepresenting a fractional order; w is 1 to k.
(5) Respectively calculating attack vector estimation values at k moment according to formulas (6) to (8)Generalized likelihood ratio betakAnd decision statistic gk:
gk=max((gk-1+βk),0) (8)
Wherein,represents the attack amplitude estimation of the D-th measured value at time k, D is 1,2, …, D represents the measured quantity, D is 254; e.g. of the typek,dThe error between the d-th measured value and the measured predicted value at the time k is shown; sup is an upper limit function;set representing sequence numbers of the attacked measurement table at time k, p0And pfRepresenting the probability density function of the measurement values in the case of no attack and with attack, respectively.
(6) Estimating the state of the power grid by adopting an iterative weighted least square method to obtain state estimation values under the condition of no attack and under the condition of attack at the current momentAndthe method comprises the following substeps:
(6.1) starting iteration, and setting the maximum iteration number Imax100, the error tolerance parameter ε is 10-6And sets the current iteration number c to 0.
(6.3) computing the gain matrix G (x)c):
G(xc)=HT(xc)R-1H(xc)
Wherein, H (x)c) Representing a Jacobian matrix derived from the state vector and the measurement vector, and R representing a weight matrix.
(6.4) according to equation [ G (x)c)]Δxc+1=HT(xc)R-1(zk-h(xc) Decompose G (x)c) And calculates Δ xcWherein Δ xc+1=xc+1-xc。
(6.5) it is judged whether or not the termination condition, i.e. |. DELTA.x, is reachedc|<Epsilon or c>ImaxAnd epsilon is a preset precision parameter.
(6.6) if the termination condition is not satisfied, updating xc+1=xc+ΔxcAnd c ═ c +1, jump to substep (6.3) until a termination condition is met.
(8) If g isk>afIf so, the attack detection time is k, and the system starts an early warning signal and stops detection; otherwise if gk≤afJumping to the step (4) until k>tmaxWhen the detection is finished, the attack is not detected.
Fig. 3 is a schematic diagram of a detection result of a false data injection attack considering 253 different situations in this embodiment, and it can be seen from fig. 3 that, at an attack time, under 253 different attacks, corresponding decision statistics are all greater than a set threshold, which illustrates that whether an attack exists can be immediately detected by using the method of the present invention, and an early warning signal is sent. By adopting the technology of the invention to analyze the operation experiment result of the smart grid, the following can be found: the method and the device can detect false data injection attacks in the smart grid, have shorter detection time, higher detection precision and lower false alarm rate compared with the prior art, and can better ensure the safe control and stable operation of the power grid.
In summary, the detection of false data injection attack on the smart grid can be realized by adopting the method and the device, and the method and the device have the following advantages that the prior art does not have: the system state can be estimated on line in real time, and the estimation precision is higher; the detection efficiency is higher, the detection precision is higher, the false alarm rate is lower, and the safety control and the stable operation of the power grid are ensured.
Claims (7)
1. A generalized accumulation and detection method for false data injection attacks of a smart grid is characterized by comprising the following steps:
(1) acquiring power grid data;
(2) establishing a discrete time dynamic model of state estimation of the intelligent power grid;
(3) setting initialization parameters;
(4) reading a current moment measurement value and a system historical state value, and predicting the state of the power grid under the condition of attack and non-attack respectively, wherein the method specifically comprises the following steps:
whereinWherein,andrespectively representing the predicted values of the states in the case of no attack and in the case of attack,andrespectively representing state estimation values of k-1 time under a non-attack condition and under an attack condition; a. thekRepresenting a system state transition matrix, and predicting by a fractional calculus theory; whereinα1,α2,…,αnRepresenting a fractional order; x is the number ofk-1,…,xk-wIs a system historical state value;
(5) respectively calculating an attack vector estimation value, a generalized likelihood ratio and decision statistics at the current moment;
(6) estimating the state of the power grid by using an iterative weighted least square method and passing a system state vector xcThrough the same process, the state estimation values of the current moment under the condition of no attack and under the condition of attack are obtainedAndthe method comprises the following substeps:
(6.1) starting iteration, and setting the maximum iteration number ImaxSetting the current iteration number c to be 0;
(6.2) initializing the System State vector xc;
(6.3) computing the gain matrix G (x)c),G(xc)=HT(xc)R-1H(xc) Wherein H (x)c) Representing a Jacobian matrix obtained from the state vector and the measurement vector, wherein R represents a weight matrix;
(6.4) according to equation [ G (x)c)]Δxc+1=HT(xc)R-1(zk-H(xc) Where Δ x) isc+1=xc+1-xcDecomposition of G (x)c) And calculates Δ xc+1;
(6.5) it is judged whether or not the termination condition, i.e. |. DELTA.x, is reachedc+1|<Epsilon or c>Imax;
(6.6) if the termination condition is not satisfied, updating xc+1=xc+Δxc+1And c ═ c +1, jump to substep (6.3) until a termination condition is met;
(7) and judging whether the system receives the attack.
2. The generalized accumulation and detection method of smart-grid false-data injection attacks according to claim 1, wherein in step (1), the grid data comprises grid topology, line parameters and historical state estimates of the system.
3. The generalized accumulation and detection method for false data injection attacks on smart grid according to claim 2, wherein in the step (2), the discrete-time dynamic model of state estimation on smart grid is:
xk=Akxk-1+vk (1)
zk=h(xk)+ωk (2)
where k denotes the sampling instant, xkRepresenting the state of the system, including node voltage magnitude and voltage phase angle, vkAnd ωkRandom white noise, z, representing the system process noise and the observed noise, respectively, both obeying a normal distributionkRepresents the measured value, hkRepresenting a functional relationship between the state variables and the measured values.
4. The generalized accumulation and detection method for the smart-grid false-data injection attack as claimed in claim 3, wherein the system process noise and the observed noise both obey normally distributed random white noise; the measured value zkThe method comprises node active power and reactive power, branch active power and reactive power.
5. The generalized accumulation and detection method for the false data injection attack of the smart grid according to claim 1, wherein in the step (3), the parameter comprises a maximum value t of a system operation time windowmaxDecision statistic gkAttack detection threshold afAn attack amplitude threshold lambda and an attack generation time tau.
6. The generalized accumulation and detection method for the smart grid false data injection attack as claimed in claim 1, wherein the step (5) is specifically:
gk=max((gk-1+βk),0) (8)
wherein,representing the estimated value of the attack vector at time k,represents the attack magnitude estimation of the D-th measured value at time k, D is 1,2, …, D represents the measured quantity; e.g. of the typek,dIndicating the error between the measured value at the d-th time and the predicted value,representing a set of attacked measurement table sequence numbers, p0And pfProbability density functions representing the measurement values in the case of no attack and in the case of attack, respectively; beta is akRepresenting a generalized likelihood ratio, gkRepresenting decision statistics.
7. The generalized accumulation and detection method for the smart grid false data injection attack as claimed in claim 1, wherein the step (7) is specifically:
If g isk>afIf yes, the system k is attacked at the current moment, and the detection is stopped; if g isk≤afJumping to the step (4) until k>tmaxWhen the detection is finished, the detection is finished.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110378252.8A CN113242209B (en) | 2021-04-08 | 2021-04-08 | Generalized accumulation and detection method for false data injection attack of smart grid |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110378252.8A CN113242209B (en) | 2021-04-08 | 2021-04-08 | Generalized accumulation and detection method for false data injection attack of smart grid |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113242209A CN113242209A (en) | 2021-08-10 |
CN113242209B true CN113242209B (en) | 2022-05-24 |
Family
ID=77131204
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110378252.8A Active CN113242209B (en) | 2021-04-08 | 2021-04-08 | Generalized accumulation and detection method for false data injection attack of smart grid |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113242209B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114123495A (en) * | 2021-11-11 | 2022-03-01 | 广东电网有限责任公司广州供电局 | Power grid information physical fusion attack detection method, device, equipment and storage medium |
CN115017499B (en) * | 2022-05-07 | 2023-04-28 | 燕山大学 | Smart power grid false data attack detection method based on robust state observer |
CN115134162B (en) * | 2022-07-15 | 2023-05-05 | 西南民族大学 | Method for detecting and compensating malicious threat of industrial control system and electronic equipment |
CN116915513B (en) * | 2023-09-14 | 2023-12-01 | 国网江苏省电力有限公司常州供电分公司 | False data injection attack detection method and device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104573510A (en) * | 2015-02-06 | 2015-04-29 | 西南科技大学 | Smart grid malicious data injection attack and detection method |
CN110035090A (en) * | 2019-05-10 | 2019-07-19 | 燕山大学 | A kind of smart grid false data detection method for injection attack |
CN110704838A (en) * | 2019-09-30 | 2020-01-17 | 浙江大学 | Malicious data injection attack detection method based on information physical fusion |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20200099252A1 (en) * | 2018-09-26 | 2020-03-26 | Abb Schweiz Ag | Secure distributed state estimation for networked microgrids |
-
2021
- 2021-04-08 CN CN202110378252.8A patent/CN113242209B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104573510A (en) * | 2015-02-06 | 2015-04-29 | 西南科技大学 | Smart grid malicious data injection attack and detection method |
CN110035090A (en) * | 2019-05-10 | 2019-07-19 | 燕山大学 | A kind of smart grid false data detection method for injection attack |
CN110704838A (en) * | 2019-09-30 | 2020-01-17 | 浙江大学 | Malicious data injection attack detection method based on information physical fusion |
Non-Patent Citations (1)
Title |
---|
输电网虚假数据攻击研究综述;王先培等;《电网技术》;20161105;第40卷(第11期);3406-3414 * |
Also Published As
Publication number | Publication date |
---|---|
CN113242209A (en) | 2021-08-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN113242209B (en) | Generalized accumulation and detection method for false data injection attack of smart grid | |
Chen et al. | A novel online detection method of data injection attack against dynamic state estimation in smart grid | |
CN110942109A (en) | PMU false data injection attack prevention method based on machine learning | |
CN110930265B (en) | Power system false data injection attack detection method based on ground displacement distance | |
CN110633761A (en) | Power system false data detection method based on improved Kalman filtering | |
CN112884237A (en) | Power distribution network prediction auxiliary state estimation method and system | |
US20230050490A1 (en) | Systems and Methods for Malicious Attack Detection in Phasor Measurement Unit Data | |
Basiri et al. | Kalman filter based secure state estimation and individual attacked sensor detection in cyber-physical systems | |
CN110704838A (en) | Malicious data injection attack detection method based on information physical fusion | |
CN113094702B (en) | False data injection attack detection method and device based on LSTM network | |
Horvath et al. | Sensor fault diagnosis of inland navigation system using physical model and pattern recognition approach | |
CN113268730A (en) | Smart grid false data injection attack detection method based on reinforcement learning | |
CN112085043B (en) | Intelligent monitoring method and system for network security of transformer substation | |
Zhu et al. | A new residual generation-based fault estimation approach for cyber-physical systems | |
Su et al. | On-line outlier and change point detection for time series | |
CN115145790A (en) | False data injection attack detection method and system for smart power grid | |
CN113507430B (en) | Method and system for detecting information physical cooperation attack of power system | |
Luo et al. | GMM-based distributed Kalman filtering for target tracking under cyber attacks | |
Dai et al. | False Data Injection Attack Detection Based on Local Linear Embedding and Extreme Learning Machine | |
CN115112962A (en) | Non-invasive load identification method, system, storage medium and equipment | |
CN114063456B (en) | Fault prediction and early warning method using autoregressive model and Kalman filtering algorithm | |
Li et al. | Improved Wasserstein generative adversarial networks defense method against data integrity attack on smart grid | |
Sales-Setién et al. | Fault detection in the blade and pitch system of a wind turbine with H2 PI observers | |
Jia et al. | An intrusion detection method based on hierarchical hidden Markov models | |
CN115293244B (en) | Smart grid false data injection attack detection method based on signal processing and data reduction |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |