CN113242209B - Generalized accumulation and detection method for false data injection attack of smart grid - Google Patents

Generalized accumulation and detection method for false data injection attack of smart grid Download PDF

Info

Publication number
CN113242209B
CN113242209B CN202110378252.8A CN202110378252A CN113242209B CN 113242209 B CN113242209 B CN 113242209B CN 202110378252 A CN202110378252 A CN 202110378252A CN 113242209 B CN113242209 B CN 113242209B
Authority
CN
China
Prior art keywords
attack
representing
state
grid
detection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110378252.8A
Other languages
Chinese (zh)
Other versions
CN113242209A (en
Inventor
吴争光
陆康迪
刘妹琴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang University ZJU
Original Assignee
Zhejiang University ZJU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang University ZJU filed Critical Zhejiang University ZJU
Priority to CN202110378252.8A priority Critical patent/CN113242209B/en
Publication of CN113242209A publication Critical patent/CN113242209A/en
Application granted granted Critical
Publication of CN113242209B publication Critical patent/CN113242209B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1466Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/142Network analysis or design using statistical or mathematical methods
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Physics & Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Supply And Distribution Of Alternating Current (AREA)

Abstract

The invention discloses a generalized accumulation and detection method for false data injection attack of a smart grid, which is characterized in that a discrete time dynamic model for state estimation of the smart grid is established by utilizing an acquired power grid topological structure, a historical system state estimation value and line parameter data, the system state is estimated in real time by adopting an iterative least square estimation method as an estimation method, and the state characteristic of the system at the next moment is predicted by adopting a fractional calculus theory in combination with the estimation value of the power grid at the past moment. The method can detect false data injection attacks of the smart grid, has higher detection precision and higher detection speed compared with the prior art, and ensures safe control and stable operation of the power grid.

Description

Generalized accumulation and detection method for false data injection attack of smart grid
Technical Field
The invention belongs to the field of information security of a smart power grid, and particularly relates to a generalized accumulation and detection method for false data injection attacks of the smart power grid.
Background
The smart grid achieves the goals of reliability, safety, economy and high efficiency of the grid through advanced measurement sensing equipment and an advanced control method. However, in recent years, the vulnerability of the smart grid is exposed due to frequent occurrence of malignant network attacks at home and abroad, and an alarm clock is sounded for enhancing the information security construction of the smart grid. Particularly, false data injection attack utilizes a vulnerability of a bad detection method in a power grid to covertly tamper a measurement value and a state variable of the power grid, and the safe and stable operation of the power grid is seriously damaged. Therefore, how to design effective detection of false data injection attack to ensure safe control and stable operation of the power grid has important engineering application value.
At present, the mainstream method for detecting false data injection attacks of the smart grid mainly comprises the following steps: (1) the detection method based on the comparison between the residual error detection principle and the set threshold has the defects of low detection precision, low detection efficiency, high false alarm rate and the like; (2) based on the artificial intelligence attack detection methods such as deep learning and reinforcement learning, the artificial intelligence method has the defects of complex adjustable parameters and low calculation efficiency, and simultaneously needs a large amount of data for training. The prior art is difficult to completely meet the requirement of quickly and accurately detecting false injection attacks of the smart grid.
The general accumulation and detection method is based on sequential probability ratio detection, utilizes current and recent process data to detect a signal sequence with little mean or variance change, has been successfully applied to network abnormal flow detection and fault detection, but is rarely applied to false data injection attack detection of a smart grid. The problem of detecting false data injection attacks of the smart grid can be regarded as abnormal detection in nature. However, at present, how to combine the dynamic characteristics of the power grid and the generalized accumulation and detection method is also one of the key technologies which need to be solved urgently in the academic circles at home and abroad.
Disclosure of Invention
The invention aims to provide a generalized accumulation and detection method for false data injection attacks of a smart grid aiming at the defects of the prior art.
The purpose of the invention is realized by the following technical scheme: a generalized accumulation and detection method for false data injection attacks of a smart grid comprises the following steps:
(1) and acquiring power grid data.
(2) And establishing a discrete time dynamic model of the state estimation of the intelligent power grid.
(3) And setting initialization parameters.
(4) And reading a current moment measurement value and a system historical state value, and predicting the state of the power grid under the condition of attack and non-attack respectively.
(5) And respectively calculating an attack vector estimation value, a generalized likelihood ratio and decision statistic at the current moment.
(6) And estimating the state of the power grid by adopting an iterative weighted least square method to obtain state estimation values of the current time under the non-attack condition and the attack condition.
(7) And judging whether the system receives the attack.
Further, in step (1), the grid data includes a grid topology, line parameters and historical state estimation values of the system.
Further, in step (2), the discrete-time dynamic model of the state estimation of the smart grid is:
xk=Akxk-1+vk (1)
zk=h(xk)+ωk (2)
where k denotes the sampling instant xkRepresenting the state of the system, including node voltage magnitude and voltage phase angle, AkRepresenting the system state transition matrix, vkAnd ωkRandom white noise, z, representing the system process noise and the observed noise, respectively, both obeying a normal distributionkRepresents the measured value, hkRepresenting a functional relationship between the state variable and the measured value.
Further, the system process noise and the observation noise are both subjected to normally distributed random white noise; the measured value zkThe method comprises node active power and reactive power, branch active power and reactive power.
Further, in step (3), the parameter includes a maximum value t of a system operation time windowmaxDecision statistic gkAttack detection threshold afAn attack amplitude threshold lambda and an attack generation time tau.
Further, in the step (4), predicting the state of the power grid specifically includes:
Figure BDA0003011675130000021
Figure BDA0003011675130000022
Figure BDA0003011675130000023
wherein
Figure BDA0003011675130000024
Wherein,
Figure BDA0003011675130000025
and
Figure BDA0003011675130000026
respectively representing the predicted values of the states in the case of no attack and in the case of attack,
Figure BDA0003011675130000027
and
Figure BDA0003011675130000028
respectively representing the state estimates at time k-1, A, in the absence of an attack and in the presence of an attackkPredicted by fractional calculus theory, wherein
Figure BDA0003011675130000029
α12,…,αnRepresenting a fractional order; x is the number ofk-1,…,xk-wIs the system historical state value.
Further, the step (5) is specifically as follows:
Figure BDA00030116751300000210
Figure BDA0003011675130000031
wherein
Figure BDA0003011675130000032
gk=max((gk-1k),0) (8)
Wherein,
Figure BDA0003011675130000033
representing the estimated value of the attack vector at time k,
Figure BDA0003011675130000034
represents the attack magnitude estimation of the D-th measured value at time k, D is 1,2, …, D represents the measured quantity; e.g. of the typek,dIndicating the error between the measured value at the d-th time and the predicted value,
Figure BDA0003011675130000035
set representing sequence numbers of attacked measurement tables, p0And pfProbability density functions representing the measurement values in the case of no attack and in the case of attack, respectively; beta is akRepresenting a generalized likelihood ratio, gkRepresenting the decision statistic.
Further, in step (6), the system state vector x is passedcThrough the same process, the state estimation values of the current time under the condition of no attack and under the condition of attack are obtained
Figure BDA0003011675130000036
And
Figure BDA0003011675130000037
the method comprises the following substeps:
(6.1) starting iteration, and setting the maximum iteration number ImaxSetting the current iteration number c to be 0;
(6.2) initializing the System State vector xc
(6.3) computing the gain matrix G (x)c),G(xc)=HT(xc)R-1H(xc) Wherein H (x)c) Representing a Jacobian matrix obtained from the state vector and the measurement vector, wherein R represents a weight matrix;
(6.4) according to equation [ G (x)c)]Δxc+1=HT(xc)R-1(zk-h(xc) Where Δ x)c+1=xc+1-xcDecomposition of G (x)c) And calculates Δ xc
(6.5) it is judged whether or not the termination condition, i.e. |. DELTA.x, is reachedc|<Epsilon or c>Imax
(6.6) if the termination condition is not satisfied, updating xc+1=xc+ΔxcAnd c ═ c +1, jump to substep (6.3) until a termination condition is met.
Further, the step (7) is specifically:
if g iskWhen equal to 0, set up
Figure BDA0003011675130000038
If g isk>afIf yes, the system k is attacked at the current moment, and the detection is stopped; if g isk≤afJumping to step (4) until k>tmaxWhen the detection is finished, the detection is finished.
Compared with the prior art, the invention has the following beneficial effects:
1. according to the method, the state characteristic of the system at the next moment is predicted by using the fractional calculus theory, compared with a prediction method based on an integer order, the dynamic characteristic which is more in line with a power grid can be obtained, and the state of the system can be estimated on line in real time by combining an iterative weighted least square method;
2. the method adopts generalized accumulation as a detection tool, has high detection speed and high detection precision, can accumulate errors generated by attacks, and reduces the false alarm rate;
3. the invention has higher detection precision and higher detection speed, and ensures the safe control and stable operation of the power grid.
Drawings
FIG. 1 is a block diagram of an IEEE-30 node power system embodying the present invention;
FIG. 2 is a schematic diagram of an implementation process of a generalized accumulation and detection method for false data injection attacks on a smart grid;
fig. 3 is a schematic diagram of the detection result of the spurious data injection attack considering 253 different situations in the embodiment of the present invention.
Detailed Description
The purpose and effect of the present invention will be more apparent from the following further description of the present invention with reference to the accompanying drawings.
Taking the IEEE-30 node power system shown in fig. 1 as an example, the generalized accumulation and detection method for false data injection attacks on the smart grid of the invention includes the following steps, as shown in fig. 2, by acquiring a power system measurement data set through MATPOWER software:
(1) acquiring power grid data: grid topology (including pre-line connection status, switch open condition) and line parameters (including line admittance, to earth susceptance) and historical state estimates for the system.
(2) Establishing a discrete time dynamic model of state estimation of the intelligent power grid:
xk=Akxk-1+vk (1)
zk=h(xk)+ωk (2)
where k denotes the sampling instant xkRepresenting the state of the system, i.e. the node voltage amplitude and the voltage phase angle, AkRepresenting the system state transition matrix, vkAnd ωkRespectively representing the process noise and the observation noise of the system at the moment k, wherein the random white noise is in normal distribution; z is a radical ofkThe representation measurement values comprise node active power and reactive power, branch active power and reactive power; h represents a functional relationship between the state variable and the measured value.
(3) Setting initialization parameters: maximum value t of system operation time window max50, decision statistic gkAttack detection threshold a of 0f=104The attack amplitude threshold λ is 0.18, and the attack generation time τ is 25.
(4) Read the current time k (k ═ 1, 2.., t)max) Measured value zkAnd system historical state value xk-1,…,xk-wAnd according to the formulas (3) to (5), predicting the state of the power grid under the condition of attack and non-attack respectively.
Figure BDA0003011675130000041
Figure BDA0003011675130000042
Figure BDA0003011675130000043
Wherein
Figure BDA0003011675130000044
Wherein,
Figure BDA0003011675130000051
and
Figure BDA0003011675130000052
respectively representing the predicted values of the states in the case of no attack and in the case of attack,
Figure BDA0003011675130000053
and
Figure BDA0003011675130000054
respectively representing state estimation values of k-1 time under a non-attack condition and under an attack condition; a. thekPredicted by fractional calculus theory, wherein
Figure BDA0003011675130000055
α12,…,αnRepresenting a fractional order; w is 1 to k.
(5) Respectively calculating attack vector estimation values at k moment according to formulas (6) to (8)
Figure BDA0003011675130000056
Generalized likelihood ratio betakAnd decision statistic gk
Figure BDA0003011675130000057
Figure BDA0003011675130000058
Wherein
Figure BDA0003011675130000059
gk=max((gk-1k),0) (8)
Wherein,
Figure BDA00030116751300000510
represents the attack amplitude estimation of the D-th measured value at time k, D is 1,2, …, D represents the measured quantity, D is 254; e.g. of the typek,dThe error between the d-th measured value and the measured predicted value at the time k is shown; sup is an upper limit function;
Figure BDA00030116751300000511
set representing sequence numbers of the attacked measurement table at time k, p0And pfRepresenting the probability density function of the measurement values in the case of no attack and with attack, respectively.
(6) Estimating the state of the power grid by adopting an iterative weighted least square method to obtain state estimation values under the condition of no attack and under the condition of attack at the current moment
Figure BDA00030116751300000512
And
Figure BDA00030116751300000513
the method comprises the following substeps:
(6.1) starting iteration, and setting the maximum iteration number Imax100, the error tolerance parameter ε is 10-6And sets the current iteration number c to 0.
(6.2) initializing the System State vector xc;xcIs composed of
Figure BDA00030116751300000514
Or
Figure BDA00030116751300000515
(6.3) computing the gain matrix G (x)c):
G(xc)=HT(xc)R-1H(xc)
Wherein, H (x)c) Representing a Jacobian matrix derived from the state vector and the measurement vector, and R representing a weight matrix.
(6.4) according to equation [ G (x)c)]Δxc+1=HT(xc)R-1(zk-h(xc) Decompose G (x)c) And calculates Δ xcWherein Δ xc+1=xc+1-xc
(6.5) it is judged whether or not the termination condition, i.e. |. DELTA.x, is reachedc|<Epsilon or c>ImaxAnd epsilon is a preset precision parameter.
(6.6) if the termination condition is not satisfied, updating xc+1=xc+ΔxcAnd c ═ c +1, jump to substep (6.3) until a termination condition is met.
(7) If g iskWhen equal to 0, set up
Figure BDA0003011675130000061
(8) If g isk>afIf so, the attack detection time is k, and the system starts an early warning signal and stops detection; otherwise if gk≤afJumping to the step (4) until k>tmaxWhen the detection is finished, the attack is not detected.
Fig. 3 is a schematic diagram of a detection result of a false data injection attack considering 253 different situations in this embodiment, and it can be seen from fig. 3 that, at an attack time, under 253 different attacks, corresponding decision statistics are all greater than a set threshold, which illustrates that whether an attack exists can be immediately detected by using the method of the present invention, and an early warning signal is sent. By adopting the technology of the invention to analyze the operation experiment result of the smart grid, the following can be found: the method and the device can detect false data injection attacks in the smart grid, have shorter detection time, higher detection precision and lower false alarm rate compared with the prior art, and can better ensure the safe control and stable operation of the power grid.
In summary, the detection of false data injection attack on the smart grid can be realized by adopting the method and the device, and the method and the device have the following advantages that the prior art does not have: the system state can be estimated on line in real time, and the estimation precision is higher; the detection efficiency is higher, the detection precision is higher, the false alarm rate is lower, and the safety control and the stable operation of the power grid are ensured.

Claims (7)

1. A generalized accumulation and detection method for false data injection attacks of a smart grid is characterized by comprising the following steps:
(1) acquiring power grid data;
(2) establishing a discrete time dynamic model of state estimation of the intelligent power grid;
(3) setting initialization parameters;
(4) reading a current moment measurement value and a system historical state value, and predicting the state of the power grid under the condition of attack and non-attack respectively, wherein the method specifically comprises the following steps:
Figure FDA0003518926890000011
Figure FDA0003518926890000012
Figure FDA0003518926890000013
wherein
Figure FDA0003518926890000014
Wherein,
Figure FDA0003518926890000015
and
Figure FDA0003518926890000016
respectively representing the predicted values of the states in the case of no attack and in the case of attack,
Figure FDA0003518926890000017
and
Figure FDA0003518926890000018
respectively representing state estimation values of k-1 time under a non-attack condition and under an attack condition; a. thekRepresenting a system state transition matrix, and predicting by a fractional calculus theory; wherein
Figure FDA0003518926890000019
α12,…,αnRepresenting a fractional order; x is the number ofk-1,…,xk-wIs a system historical state value;
(5) respectively calculating an attack vector estimation value, a generalized likelihood ratio and decision statistics at the current moment;
(6) estimating the state of the power grid by using an iterative weighted least square method and passing a system state vector xcThrough the same process, the state estimation values of the current moment under the condition of no attack and under the condition of attack are obtained
Figure FDA00035189268900000110
And
Figure FDA00035189268900000111
the method comprises the following substeps:
(6.1) starting iteration, and setting the maximum iteration number ImaxSetting the current iteration number c to be 0;
(6.2) initializing the System State vector xc
(6.3) computing the gain matrix G (x)c),G(xc)=HT(xc)R-1H(xc) Wherein H (x)c) Representing a Jacobian matrix obtained from the state vector and the measurement vector, wherein R represents a weight matrix;
(6.4) according to equation [ G (x)c)]Δxc+1=HT(xc)R-1(zk-H(xc) Where Δ x) isc+1=xc+1-xcDecomposition of G (x)c) And calculates Δ xc+1
(6.5) it is judged whether or not the termination condition, i.e. |. DELTA.x, is reachedc+1|<Epsilon or c>Imax
(6.6) if the termination condition is not satisfied, updating xc+1=xc+Δxc+1And c ═ c +1, jump to substep (6.3) until a termination condition is met;
(7) and judging whether the system receives the attack.
2. The generalized accumulation and detection method of smart-grid false-data injection attacks according to claim 1, wherein in step (1), the grid data comprises grid topology, line parameters and historical state estimates of the system.
3. The generalized accumulation and detection method for false data injection attacks on smart grid according to claim 2, wherein in the step (2), the discrete-time dynamic model of state estimation on smart grid is:
xk=Akxk-1+vk (1)
zk=h(xk)+ωk (2)
where k denotes the sampling instant, xkRepresenting the state of the system, including node voltage magnitude and voltage phase angle, vkAnd ωkRandom white noise, z, representing the system process noise and the observed noise, respectively, both obeying a normal distributionkRepresents the measured value, hkRepresenting a functional relationship between the state variables and the measured values.
4. The generalized accumulation and detection method for the smart-grid false-data injection attack as claimed in claim 3, wherein the system process noise and the observed noise both obey normally distributed random white noise; the measured value zkThe method comprises node active power and reactive power, branch active power and reactive power.
5. The generalized accumulation and detection method for the false data injection attack of the smart grid according to claim 1, wherein in the step (3), the parameter comprises a maximum value t of a system operation time windowmaxDecision statistic gkAttack detection threshold afAn attack amplitude threshold lambda and an attack generation time tau.
6. The generalized accumulation and detection method for the smart grid false data injection attack as claimed in claim 1, wherein the step (5) is specifically:
Figure FDA0003518926890000021
Figure FDA0003518926890000022
gk=max((gk-1k),0) (8)
wherein,
Figure FDA0003518926890000023
representing the estimated value of the attack vector at time k,
Figure FDA0003518926890000024
represents the attack magnitude estimation of the D-th measured value at time k, D is 1,2, …, D represents the measured quantity; e.g. of the typek,dIndicating the error between the measured value at the d-th time and the predicted value,
Figure FDA0003518926890000025
representing a set of attacked measurement table sequence numbers, p0And pfProbability density functions representing the measurement values in the case of no attack and in the case of attack, respectively; beta is akRepresenting a generalized likelihood ratio, gkRepresenting decision statistics.
7. The generalized accumulation and detection method for the smart grid false data injection attack as claimed in claim 1, wherein the step (7) is specifically:
if decision statistic gkWhen equal to 0, set up
Figure FDA0003518926890000031
If g isk>afIf yes, the system k is attacked at the current moment, and the detection is stopped; if g isk≤afJumping to the step (4) until k>tmaxWhen the detection is finished, the detection is finished.
CN202110378252.8A 2021-04-08 2021-04-08 Generalized accumulation and detection method for false data injection attack of smart grid Active CN113242209B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110378252.8A CN113242209B (en) 2021-04-08 2021-04-08 Generalized accumulation and detection method for false data injection attack of smart grid

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110378252.8A CN113242209B (en) 2021-04-08 2021-04-08 Generalized accumulation and detection method for false data injection attack of smart grid

Publications (2)

Publication Number Publication Date
CN113242209A CN113242209A (en) 2021-08-10
CN113242209B true CN113242209B (en) 2022-05-24

Family

ID=77131204

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110378252.8A Active CN113242209B (en) 2021-04-08 2021-04-08 Generalized accumulation and detection method for false data injection attack of smart grid

Country Status (1)

Country Link
CN (1) CN113242209B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114123495A (en) * 2021-11-11 2022-03-01 广东电网有限责任公司广州供电局 Power grid information physical fusion attack detection method, device, equipment and storage medium
CN115017499B (en) * 2022-05-07 2023-04-28 燕山大学 Smart power grid false data attack detection method based on robust state observer
CN115134162B (en) * 2022-07-15 2023-05-05 西南民族大学 Method for detecting and compensating malicious threat of industrial control system and electronic equipment
CN116915513B (en) * 2023-09-14 2023-12-01 国网江苏省电力有限公司常州供电分公司 False data injection attack detection method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104573510A (en) * 2015-02-06 2015-04-29 西南科技大学 Smart grid malicious data injection attack and detection method
CN110035090A (en) * 2019-05-10 2019-07-19 燕山大学 A kind of smart grid false data detection method for injection attack
CN110704838A (en) * 2019-09-30 2020-01-17 浙江大学 Malicious data injection attack detection method based on information physical fusion

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200099252A1 (en) * 2018-09-26 2020-03-26 Abb Schweiz Ag Secure distributed state estimation for networked microgrids

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104573510A (en) * 2015-02-06 2015-04-29 西南科技大学 Smart grid malicious data injection attack and detection method
CN110035090A (en) * 2019-05-10 2019-07-19 燕山大学 A kind of smart grid false data detection method for injection attack
CN110704838A (en) * 2019-09-30 2020-01-17 浙江大学 Malicious data injection attack detection method based on information physical fusion

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
输电网虚假数据攻击研究综述;王先培等;《电网技术》;20161105;第40卷(第11期);3406-3414 *

Also Published As

Publication number Publication date
CN113242209A (en) 2021-08-10

Similar Documents

Publication Publication Date Title
CN113242209B (en) Generalized accumulation and detection method for false data injection attack of smart grid
Chen et al. A novel online detection method of data injection attack against dynamic state estimation in smart grid
CN110942109A (en) PMU false data injection attack prevention method based on machine learning
CN110930265B (en) Power system false data injection attack detection method based on ground displacement distance
CN110633761A (en) Power system false data detection method based on improved Kalman filtering
CN112884237A (en) Power distribution network prediction auxiliary state estimation method and system
US20230050490A1 (en) Systems and Methods for Malicious Attack Detection in Phasor Measurement Unit Data
Basiri et al. Kalman filter based secure state estimation and individual attacked sensor detection in cyber-physical systems
CN110704838A (en) Malicious data injection attack detection method based on information physical fusion
CN113094702B (en) False data injection attack detection method and device based on LSTM network
Horvath et al. Sensor fault diagnosis of inland navigation system using physical model and pattern recognition approach
CN113268730A (en) Smart grid false data injection attack detection method based on reinforcement learning
CN112085043B (en) Intelligent monitoring method and system for network security of transformer substation
Zhu et al. A new residual generation-based fault estimation approach for cyber-physical systems
Su et al. On-line outlier and change point detection for time series
CN115145790A (en) False data injection attack detection method and system for smart power grid
CN113507430B (en) Method and system for detecting information physical cooperation attack of power system
Luo et al. GMM-based distributed Kalman filtering for target tracking under cyber attacks
Dai et al. False Data Injection Attack Detection Based on Local Linear Embedding and Extreme Learning Machine
CN115112962A (en) Non-invasive load identification method, system, storage medium and equipment
CN114063456B (en) Fault prediction and early warning method using autoregressive model and Kalman filtering algorithm
Li et al. Improved Wasserstein generative adversarial networks defense method against data integrity attack on smart grid
Sales-Setién et al. Fault detection in the blade and pitch system of a wind turbine with H2 PI observers
Jia et al. An intrusion detection method based on hierarchical hidden Markov models
CN115293244B (en) Smart grid false data injection attack detection method based on signal processing and data reduction

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant