CN113325755B - Data driving control method for coping with denial of service attack - Google Patents

Data driving control method for coping with denial of service attack Download PDF

Info

Publication number
CN113325755B
CN113325755B CN202110528039.0A CN202110528039A CN113325755B CN 113325755 B CN113325755 B CN 113325755B CN 202110528039 A CN202110528039 A CN 202110528039A CN 113325755 B CN113325755 B CN 113325755B
Authority
CN
China
Prior art keywords
data
input
denial
matrix
control
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110528039.0A
Other languages
Chinese (zh)
Other versions
CN113325755A (en
Inventor
孙健
刘文婕
王钢
陈杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Technology BIT
Original Assignee
Beijing Institute of Technology BIT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Technology BIT filed Critical Beijing Institute of Technology BIT
Priority to CN202110528039.0A priority Critical patent/CN113325755B/en
Publication of CN113325755A publication Critical patent/CN113325755A/en
Application granted granted Critical
Publication of CN113325755B publication Critical patent/CN113325755B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B19/00Programme-control systems
    • G05B19/02Programme-control systems electric
    • G05B19/04Programme control other than numerical control, i.e. in sequence controllers or logic controllers
    • G05B19/042Programme control other than numerical control, i.e. in sequence controllers or logic controllers using digital processors
    • G05B19/0423Input/output
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/20Pc systems
    • G05B2219/23Pc programming
    • G05B2219/23051Remote control, enter program remote, detachable programmer

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Engineering & Computer Science (AREA)
  • Automation & Control Theory (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a data driving control method aiming at denial of service attack, which comprises the following steps that firstly, information transmission is carried out between a sensor and a controller of an unknown system of a linear controllable observable model and between the controller and the system through a network, and both channels are likely to suffer from denial of service attack; and there may be network-induced noise in the sensor and controller channels; the two channels adopt a data packet-based sending mode when data transmission is carried out; in addition, before the system is operated on the formal line, a certain number of input and output tracks of the system need to be collected in an offline experiment; in the control, the controller design is directly carried out through the trajectory line and the output value received by the system in real time without system identification; if the intensity of the noise received by the system is within a certain range and the attack received by the system is not infinite length or infinite speed, the system can maintain a stable running state.

Description

Data driving control method for coping with denial of service attack
Technical Field
The invention belongs to the field of information physical system security, and particularly relates to a data driving control method for dealing with denial of service (DoS) attack when a system matrix of an information physical system is unknown and the system matrix is attacked.
Background
In recent years, the rapid development of computing level and network technology has led to the widespread use of Cyber Physical Systems (CPSs) in various industries, such as smart grids, smart furniture, unmanned vehicles, and the like. However, everything is reversible, and according to a few news reports, this system is vulnerable to network attacks such as spurious data injection attacks, replay attacks, and denial of service (DoS) attacks. In 8/2/2020, iran's radio network suffers from one hour of DoS attacks, which causes 25% of the network traffic in the country to be blocked and hundreds of facilities to be severely damaged. Such a network attack is easily released due to less required system information, thereby causing serious consequences. In particular, if a remote controller transmits control values through a network channel to control an open-loop unstable system, a long DoS attack may cause serious damage to the system and surrounding facilities. Therefore, measures to mitigate the effects of an attack are desirable.
The types of network attacks are very rich and diverse, and the common types can be listed as: spurious data injection attacks, replay attacks, and denial of service attacks (DoS) attacks, among others. In fact, doS attacks are usually released by malicious routers and disturbers and require little information from any system. Because of the ease with which this attack is released, the trainee has to devote more effort to find a more effective countermeasure against this attack. In order to better judge the effectiveness of the defense, c.perspective.de et al first proposed a generalized model that can characterize various DoS attack strategies in the literature (Input-to-state stabilizing control under initiative-of-service, IEEE trans. Automatic. Control, vol.60, no.11, pp.2930-2944, nov.2015). Under this model, they present a transmission strategy that can maintain the stability of the state feedback system. Subsequently, based on this attack model, elastic controllers suitable for different kinds of systems are proposed one after the other. For example, S.Feng et al (scientific control under noise-of-service: robust design, automatica, vol.79, pp.42-51, mar.2017) designed an elastic controller based on an observer, A.Lu et al (Input-to-state stabilizing control for cell-physical systems with multiple transmission channels under noise-of-service, IEEE transaction. Autom.Control, vol.63, no.6, pp.1813-1820, june 2018) designed an elastic output feedback controller for a multi-channel system.
The controller design listed above is based on models, so it is necessary to establish a mathematical model of the controlled object by using a mechanism or a method of identifying a model, and then realize the flexible control of the system under attack based on the model. However, as the size and complexity of current industrial control systems continue to grow, conventional model-based analysis and control approaches can present significant challenges in addressing such problems. In order to solve the difficulty, the elasticity control system based on data driving only depends on the input and output tracks of the system collected in advance, and the future tracks of the system are predicted by solving an optimization problem only depending on the tracks, so that the system is subjected to elasticity control.
Disclosure of Invention
Considering that in practical engineering, the identification cost of the system increases significantly as the complexity of the system increases, it is convenient to control the system only through a plurality of system tracks collected experimentally in advance. Meanwhile, the network channel for signal transmission is vulnerable to DoS attacks, thereby blocking information transmission.
A data-driven control method for coping with denial-of-service attacks comprises the following steps.
S0, giving a dimension upper bound of a system to be controlled
Figure GDA0003826218270000021
Constant number
Figure GDA0003826218270000022
The constant integer Q is more than or equal to 1, Q is more than or equal to 1, lambda h Is greater than 0; real positive definite symmetric matrix R 1 ,R 2 (ii) a Network noise boundary
Figure GDA0003826218270000023
S1, under different system initial values, giving q groups of control inputs u to a system to be controlled s,q Recording control input u of the system s ,q And the generated output y s,q Obtaining q sections of tracks;
s2, arranging the control inputs in the q-section tracks according to a Hankel matrix form to obtain a matrix
Figure GDA0003826218270000024
The Hankel matrixes are spliced to obtain a matrix
Figure GDA0003826218270000025
S3, repeating the steps S1 and S2 for Q times, namely collecting Q groups of system tracks, wherein each group of tracks consists of Q sections of tracks; arranging and splicing the collected outputs into a matrix in the same way as the control inputs
Figure GDA0003826218270000026
Respectively calculating Q matrixes
Figure GDA0003826218270000027
Average moment ofMatrix of
Figure GDA0003826218270000028
Q matrices
Figure GDA0003826218270000029
Is averaged
Figure GDA00038262182700000210
S4, if the sensor channel of the current system is not attacked by DoS, the controller side receives the data sent by the sensor and containing the past data
Figure GDA0003826218270000031
Data packets of a respective output quantity; the controller side then solves the following optimization problem:
Figure GDA0003826218270000032
wherein, the first and the second end of the pipe are connected with each other,
Figure GDA0003826218270000033
is a physical quantity to be solved; j. the design is a square * L () Representing a loss function; t represents the current time;
Figure GDA0003826218270000034
indicating the time before the current time t to be predicted
Figure GDA0003826218270000035
One input followed by L-1 inputs;
Figure GDA0003826218270000036
indicating the time before the current time t to be predicted
Figure GDA0003826218270000037
One input followed by L-1 outputs;
Figure GDA0003826218270000038
indicating before the current time t
Figure GDA0003826218270000039
Actual input data of the individual systems;
Figure GDA00038262182700000310
indicating slave time
Figure GDA00038262182700000311
By time t-1 the system is subjected to noise n in the network t Controller side of intrusion, actually received before the current time t
Figure GDA00038262182700000312
An output value; variable ζ t =y t +n t
Figure GDA00038262182700000313
I system inputs representing the current time t to be predicted;
Figure GDA00038262182700000314
Figure GDA00038262182700000315
i system outputs representing the current time t to be predicted;
Figure GDA00038262182700000316
wherein
Figure GDA00038262182700000317
Is that
Figure GDA00038262182700000318
R of the matrix 1 A weight norm;
Figure GDA00038262182700000319
is a matrix
Figure GDA00038262182700000320
R of (A) 2 A weight norm;
Figure GDA00038262182700000321
indicating before the current time t to be predicted
Figure GDA00038262182700000322
Input data of each system;
Figure GDA00038262182700000323
indicating before the current time t to be predicted
Figure GDA00038262182700000324
Output data of the individual systems;
Figure GDA00038262182700000325
indicating before the current time t to be predicted
Figure GDA00038262182700000326
Input data for the next L-1 systems;
Figure GDA00038262182700000327
indicating the time before the current time t to be predicted
Figure GDA00038262182700000328
Output data of the next L-1 systems;
h i (t) represents the values of i h (t) to be predicted at the previous time t.
Figure GDA0003826218270000041
Is that
Figure GDA0003826218270000042
A zero vector of the same dimension as the control input;
Figure GDA0003826218270000043
is that
Figure GDA0003826218270000044
Zero vectors of the same dimension as the control output;
Figure GDA0003826218270000045
is a given convex set;
by solving the optimization problem, a prediction input for future L steps is generated
Figure GDA0003826218270000046
And predicted output
Figure GDA0003826218270000047
Packing the 0 th to the b-1 th prediction inputs in the prediction inputs into a data packet, and transmitting the data packet to a system side through an input channel, wherein b is the size of a cache space of the system side;
s6, if the sensor channel of the current system suffers from denial of service attack, the controller side cannot receive the information sent by the sensor side
Figure GDA0003826218270000048
The controller packs and sends the control input which is obtained by solving the optimization problem for the last time and corresponds to the current moment and b-1 subsequent control inputs to the system side;
s7, if a transmission channel from the current controller to the system is attacked by denial of service, namely the system side cannot receive an input data packet sent by the controller side, the system side sequentially uses the control input corresponding to the current moment in the data packet sent last time to control;
and S8, if the transmission channel from the current controller to the system does not receive the denial of service attack, the system side can receive the input data packet sent by the controller side, and the system side adopts the state of the current received input data packet at the moment to control.
Preferably, the attack on the system is satisfied
Figure GDA0003826218270000049
While the system is capable of remaining calm, where v d And v f Is a constant number of times, and is,
Figure GDA00038262182700000410
preferably, each set of control inputs u s,q Is randomly selected from [ -1,1 ] for each component]The intervals are randomly selected.
Preferably, the total data quantity N of the q groups of tracks needs to be satisfied
Figure GDA00038262182700000411
Preferably, in the S2, a matrix is calculated
Figure GDA00038262182700000412
If the matrix is row full, the matrix is retained, otherwise the above S1 is repeated until the mosaic matrix is a row full matrix.
Preferably, in S6, if the control input corresponding to the current time and the b-1 control inputs following the current time are not enough to transmit b data, the remaining data positions are filled with data "0".
Preferably, in S7, if there is not enough control input currently, the data "0" is used for control.
The invention has the following beneficial effects:
(1) The invention provides a data driving control method for coping with denial of service attack, a controller only needs a system running track collected in advance after the method is adopted, and a system identification step is not needed, so that an unknown linear system can ensure a stable production running state under the conditions that the occurrence frequency and the duration time of denial of service attack are limited and system noise is limited;
(2) The data driving method designed by the invention realizes the unknown system under the condition that both the input channel and the output channel are attacked by denial of service for the first time, and only uses the collected input and output tracks of the system to carry out stabilization control on the system;
(3) When the duration of the denial-of-service attack is not infinite long and the frequency of occurrence is not infinite fast, and the system noise is in a certain range, the system can operate stably under the data drive controller of the present invention.
Drawings
FIG. 1 is a schematic diagram of a networked system structure of a data-driven control method for dealing with denial of service attacks according to the present invention;
FIG. 2 is a schematic diagram of a specific flow chart of a data-driven control method for handling denial of service attacks according to the present invention;
fig. 3 (a) is a plot of system state over time with the maximum upper bound on the process noise norm not exceeding 0.1 and the maximum upper bound on the network noise norm not exceeding 0.05, and fig. 3 (b) is a plot of system state over time with the maximum upper bound on the process noise norm not exceeding 0.01 and the maximum upper bound on the network noise norm not exceeding 0.01.
Detailed Description
The invention is described in detail below by way of example with reference to the accompanying drawings.
The invention provides a data-driven control method for coping with denial of service attack, which ensures that a system can keep a stable running state under the condition of limited duration and occurrence frequency of denial of service attack by designing a data-driven model prediction flexible control method.
The denial of service attack in the invention realizes the attack by blocking the communication of the transmission channel, so that the controller side (or the system side) can not receive the output data packet (or the control input data packet) at the current time. The strength of the denial-of-service attack is described by limiting the attack occurrence frequency and attack duration of the attack within a certain time period, the limits on the attack frequency and duration are as follows:
attack occurrence frequency: the moment when the system switches from the successful transmission moment to the unsuccessful transmission moment is recorded as a denial of service attack, and the accumulated times of the moment is the frequency of attack occurrence in a given time interval. Existence constant
Figure GDA0003826218270000061
Enabling the frequency n (tau, t) of the denial of service attack to meet all the time periods [ tau, t), wherein t is more than or equal to tau:
Figure GDA0003826218270000062
attack duration: the number of transmission moments at which the system fails over a period of time. Existence constant
Figure GDA0003826218270000063
Such that the duration | xi (τ, t) | of the DoS attack satisfies, for all time periods [ τ, t ≧ τ):
Figure GDA0003826218270000064
as shown in fig. 1, an embodiment of the present invention provides a data-driven control method for handling a denial-of-service attack, including the following steps:
s0, describing a dynamic equation of the system to be stabilized as follows:
x t =Ax t +Bu t +w t
y t =Cx t
wherein x is t ,u t ,y t And w t Respectively, the state, input, output, and bounded disturbance of the system. Initial value x of system 0 Any given. Noise w of the system t Is bordered, i.e.
Figure GDA0003826218270000065
And is0 is desired, while this noise does not disappear over time. The exact dimension of the system is not known, but the upper bound of the dimension of the system is known, i.e.
Figure GDA0003826218270000066
The system matrix (a, B, C, D) is unknown, but the system is appreciably controllable. It is considered that the output value of the system is eroded by noise caused by the network when the system is operated on-line, i.e.
ζ t =y t +n t
Therein, ζ t Is the output of the system actually collected by the controller side, n t Is bounded network noise, i.e.
Figure GDA0003826218270000067
Meanwhile, the input and output sides of the system both adopt a data transmission mode based on data packets. Specifically, when no attack is received, the sensors of the system send the nearest to the controller at each moment
Figure GDA0003826218270000068
An output
Figure GDA0003826218270000069
The controller of the system sends the generated b control inputs to the system at each moment
Figure GDA00038262182700000610
Where b is the buffer space capacity on the system side.
Are used separately
Figure GDA0003826218270000071
And
Figure GDA0003826218270000072
indicating the time of successful controller-to-system and sensor-to-controller transmissions.
S1, presetting a dimension upper bound of a system to be controlled
Figure GDA0003826218270000073
Constant number
Figure GDA0003826218270000074
The constant integer Q is more than or equal to 1, Q is more than or equal to 1, lambda h Is greater than 0; real positive definite symmetric matrix R 1 ,R 2 (ii) a Network noise boundary
Figure GDA00038262182700000714
S2, initial values of different systems
Figure GDA0003826218270000075
Next, each set of control inputs u s,q Is randomly selected from [ -1,1 ] for each component]Randomly selecting in interval, recording input data u used by system s,q And the generated output data y s,q . Collected q 0 Data of group track, data quantity of each section of track is N q And this q 0 The total amount of segment data, N, needs to be satisfied
Figure GDA0003826218270000076
S3, arranging the tracks formed by N input data in the q sections of tracks according to a Hankel matrix form
Figure GDA0003826218270000077
The Hankel matrixes are spliced to obtain
Figure GDA0003826218270000078
And calculating the row rank of the matrix, if the matrix is full-rank, retaining the matrix, otherwise repeating the above S2 until the mosaic matrix is full-rank. Wherein the Hankel matrix is constructed as follows:
Figure GDA0003826218270000079
wherein, N q In the q-th trackThe amount of data to be transmitted,
Figure GDA00038262182700000710
represents the input quantity at the ith time in the process of collecting the q-th section of data; i =0, \ 8230;, N q -1;
And S4, repeating the steps S2 and S3Q times, namely collecting Q groups of system tracks, wherein each group of tracks consists of Q sections of tracks and N data. Arranging the collected output data in the same way as the input data
Figure GDA00038262182700000711
Respectively calculating average input matrix corresponding to input data
Figure GDA00038262182700000712
Average output matrix corresponding to output data
Figure GDA00038262182700000713
S5, if the sensor channel of the current system is not attacked by DoS, the controller side receives the information sent by the sensor and containing the past information
Figure GDA0003826218270000081
And a single output of packets. The controller side then optimizes the packet by solving the following optimization problem based on this newly received output packet:
Figure GDA0003826218270000082
wherein the content of the first and second substances,
Figure GDA0003826218270000083
is a physical quantity to be solved; j is a unit of * L () Representing a loss function; t represents the current time;
Figure GDA0003826218270000084
indicating the time before the current time t to be predicted
Figure GDA0003826218270000085
One input followed by L-1 inputs;
Figure GDA0003826218270000086
indicating before the current time t to be predicted
Figure GDA0003826218270000087
One input followed by L-1 outputs;
Figure GDA0003826218270000088
indicating before the current time t
Figure GDA0003826218270000089
Actual input data of the individual systems;
Figure GDA00038262182700000810
indicating slave time
Figure GDA00038262182700000811
By time t-1, the system is subjected to noise n in the network t Controller side of intrusion, actually received before the current time t
Figure GDA00038262182700000812
An output value; variable ζ t =y t +n t
Figure GDA00038262182700000813
I system inputs representing the current time t to be predicted;
Figure GDA00038262182700000814
Figure GDA00038262182700000815
i system outputs representing the current time t to be predicted;
Figure GDA00038262182700000816
wherein
Figure GDA00038262182700000817
Is that
Figure GDA00038262182700000818
R of the matrix 1 A weight norm;
Figure GDA00038262182700000819
is a matrix
Figure GDA00038262182700000820
R of (A) to (B) 2 A weight norm;
Figure GDA00038262182700000821
indicating the time before the current time t to be predicted
Figure GDA00038262182700000822
Input data of each system;
Figure GDA00038262182700000916
indicating the time before the current time t to be predicted
Figure GDA0003826218270000091
Output data of each system;
Figure GDA0003826218270000092
indicating the time before the current time t to be predicted
Figure GDA0003826218270000093
Input data for the next L-1 systems;
Figure GDA0003826218270000094
indicating before the current time t to be predicted
Figure GDA0003826218270000095
Output data of the next L-1 systems;
h i (t) represents the values of i h (t) to be predicted at the previous time t.
Figure GDA0003826218270000096
Is that
Figure GDA0003826218270000097
A zero vector of the same dimension as the control input;
Figure GDA0003826218270000098
is that
Figure GDA0003826218270000099
Zero vectors of the same dimension as the control output;
Figure GDA00038262182700000910
is a given convex set, e.g. [ u ] min ,u max ]。
By solving the optimization problem, a prediction input for future L steps is generated
Figure GDA00038262182700000911
And predicted output
Figure GDA00038262182700000912
And packing the input data from time t to t + b-1 into a data packet, and transmitting the data packet to the system side through an input channel, wherein b is the size of the buffer space measured by the system.
S6, if the sensor channel of the current system suffers from DoS attack, the controller side cannot receive the data sent by the sensor side
Figure GDA00038262182700000913
And (4) output quantity, namely, the controller does not solve the optimization problem at the moment, and the controller packs and sends the control input which is obtained by solving the optimization problem at the last time and corresponds to the current moment and the subsequent b-1 control inputs to the system side, namely, sends the control inputs
Figure GDA00038262182700000914
This packet, if the current solution is not enough to have b data to send, is filled with 0's.
And S7, if the transmission channel from the current controller to the system is attacked by DoS, namely the system side cannot receive the input data packet sent by the controller side, the system side sequentially uses the input value corresponding to the current time in the data packet sent last time to control. If there is no control amount remaining in the current buffer, control is performed with 0.
And S8, if the transmission channel from the current controller to the system does not receive the DoS attack, the system side can receive the input data packet sent by the controller side, and the system side adopts the state of the current received input data packet at the moment to control.
It should be noted that only when the system is attacked is satisfied
Figure GDA00038262182700000915
The system can remain calm at all times.
As shown in fig. 3 (a) and fig. 3 (b), the effect diagram of the data-driven control method for coping with denial-of-service attack provided by the present invention is run for 20 seconds on one example. Open loop unstable reactor systems are described as
Figure GDA0003826218270000101
And y (t) = Cx (t) + Du (t), wherein:
Figure GDA0003826218270000102
Figure GDA0003826218270000103
the system was discretized with a period of 0.1. First, Q =5 input-output traces are generated, each trace having a length N =200, and noise w t Are respectively observed in [ -0.1,0.1](see FIG. 3 (a)), and [ -0.01,0.01 ]](see fig. 3 (b)) uniformly distributed random noise. Setting a prediction time domain L =12, λ h =10 3 ,R 1 =10 -4 I 2 ,R 2 =2I 2 . In a 20 second simulation cycle, doS attacks (grey shading in the figure) are randomly generated and the network-induced noise n t Are respectively observed in [ -0.05,0.05](see FIG. 3 (a)), and [ -0.01,0.01 ]](see fig. 3 (b)) uniformly distributed random noise. The simulation result shows the effectiveness of the data driving control method for coping with the denial of service attack.
In summary, the above description is only a preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (7)

1. A data-driven control method for coping with denial-of-service attacks, comprising the steps of:
s0, giving a dimension upper bound of a system to be controlled
Figure FDA0003066762490000011
Constant number
Figure FDA0003066762490000012
The constant integer Q is more than or equal to 1, Q is more than or equal to 1, lambda h Is greater than 0; true positive definite symmetric matrix R 1 ,R 2 (ii) a Network noise boundary
Figure FDA0003066762490000013
S1, giving q groups of systems to be controlled under different system initial valuesControl input u s,q Recording control input u of the system s,q And the output y produced s,q Obtaining q sections of tracks;
s2, arranging the control input in the q-section track according to a Hankel matrix form to obtain a matrix
Figure FDA0003066762490000014
The Hankel matrixes are spliced to obtain a matrix
Figure FDA0003066762490000015
S3, repeating the steps S1 and S2 for Q times, namely collecting Q groups of system tracks, wherein each group of tracks consists of Q sections of tracks; arranging and splicing the collected outputs into a matrix in the same way as the control inputs
Figure FDA0003066762490000016
Respectively calculate Q matrixes
Figure FDA0003066762490000017
Is averaged
Figure FDA0003066762490000018
Q matrices
Figure FDA0003066762490000019
Average matrix of (2)
Figure FDA00030667624900000110
S4, if the sensor channel of the current system is not attacked by DoS, the controller side receives the information sent by the sensor and containing the past information
Figure FDA00030667624900000111
Data packets of a respective output quantity; the controller side then solves the following optimization problem:
Figure FDA00030667624900000112
Figure FDA00030667624900000113
Figure FDA00030667624900000114
Figure FDA00030667624900000115
Figure FDA00030667624900000116
wherein, the first and the second end of the pipe are connected with each other,
Figure FDA0003066762490000021
is a physical quantity to be solved; j. the design is a square * L () Representing a loss function; t represents the current time;
Figure FDA0003066762490000022
indicating before the current time t to be predicted
Figure FDA0003066762490000023
One input followed by L-1 inputs;
Figure FDA00030667624900000231
indicating before the current time t to be predicted
Figure FDA0003066762490000024
One input followed by L-1 outputs;
Figure FDA0003066762490000025
indicating before the current time t
Figure FDA00030667624900000230
Actual input data of the individual systems;
Figure FDA00030667624900000232
indicating slave time
Figure FDA0003066762490000026
By time t-1, the system is subjected to noise n in the network t Controller side of intrusion, actually received before the current time t
Figure FDA0003066762490000027
An output value; variable ζ t =y t +n t
Figure FDA0003066762490000028
I system inputs representing the current time t to be predicted;
Figure FDA0003066762490000029
Figure FDA00030667624900000210
i system outputs representing the current time t to be predicted;
Figure FDA00030667624900000211
wherein
Figure FDA00030667624900000212
Is that
Figure FDA00030667624900000213
R of the matrix 1 A weight norm;
Figure FDA00030667624900000214
is a matrix
Figure FDA00030667624900000215
R of (A) 2 A weight norm;
Figure FDA00030667624900000216
indicating the time before the current time t to be predicted
Figure FDA00030667624900000217
Input data of each system;
Figure FDA00030667624900000218
indicating before the current time t to be predicted
Figure FDA00030667624900000219
Output data of the individual systems;
Figure FDA00030667624900000220
indicating the time before the current time t to be predicted
Figure FDA00030667624900000221
Input data for the next L-1 systems;
Figure FDA00030667624900000222
indicating before the current time t to be predicted
Figure FDA00030667624900000223
Output data of the next L-1 systems;
h i (t) represents the values of i h (t) to be predicted at the previous time t;
Figure FDA00030667624900000224
is that
Figure FDA00030667624900000225
A zero vector of the same dimension as the control input;
Figure FDA00030667624900000226
is that
Figure FDA00030667624900000227
Zero vectors of the same dimension as the control output;
Figure FDA00030667624900000233
is a given convex set;
by solving the optimization problem, a prediction input for future L steps is generated
Figure FDA00030667624900000228
And predicted output
Figure FDA00030667624900000229
Packing the 0 th to the b-1 th prediction inputs in the prediction inputs into a data packet, and transmitting the data packet to a system side through an input channel, wherein b is the size of a cache space of the system side;
s6, if the sensor channel of the current system suffers from denial of service attack, the controller side cannot receive the data sent by the sensor side
Figure FDA0003066762490000031
The controller packs and sends the control input which is obtained by solving the optimization problem for the last time and corresponds to the current moment and b-1 control inputs which follow the control input to the system side;
s7, if the transmission channel from the current controller to the system is attacked by denial of service, namely the system side cannot receive the input data packet sent by the controller side, the system side sequentially uses the control input corresponding to the current moment in the data packet sent last time to control;
and S8, if the transmission channel from the current controller to the system does not receive the denial of service attack, the system side can receive the input data packet sent by the controller side, and the system side adopts the state of the current received input data packet at the moment to control.
2. The data-driven control method for responding to denial of service attack as claimed in claim 1, wherein the attack is satisfied when the system is attacked
Figure FDA0003066762490000032
While the system is capable of remaining calm, where v d And v f Is a constant number of times, and is,
Figure FDA0003066762490000033
3. the data-driven control method of coping with denial of service attack as claimed in claim 1, wherein each set of control inputs u s,q Is randomly selected from [ -1,1 [)]The intervals are randomly selected.
4. A data driven control method for responding to denial of service attacks as claimed in claim 1 wherein the total amount of data N of q sets of traces is required to satisfy
Figure FDA0003066762490000034
5. The data-driven control method for responding to denial of service attack as set forth in claim 1, wherein in S2, a matrix is calculated
Figure FDA0003066762490000035
If the matrix is row full, the matrix is retained, otherwise the above S1 is repeated until the mosaic matrix is a row full matrix.
6. The data-driven control method for responding to the denial of service attack as set forth in claim 1, wherein in S6, if the control input corresponding to the current time and its subsequent b-1 control inputs are not enough b data to be transmitted, the remaining data positions are filled with data "0".
7. The data-driven control method for responding to a denial of service attack as set forth in claim 1, wherein in S7, if there is not enough control input currently, the control is performed with data "0".
CN202110528039.0A 2021-05-14 2021-05-14 Data driving control method for coping with denial of service attack Active CN113325755B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110528039.0A CN113325755B (en) 2021-05-14 2021-05-14 Data driving control method for coping with denial of service attack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110528039.0A CN113325755B (en) 2021-05-14 2021-05-14 Data driving control method for coping with denial of service attack

Publications (2)

Publication Number Publication Date
CN113325755A CN113325755A (en) 2021-08-31
CN113325755B true CN113325755B (en) 2022-10-21

Family

ID=77415608

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110528039.0A Active CN113325755B (en) 2021-05-14 2021-05-14 Data driving control method for coping with denial of service attack

Country Status (1)

Country Link
CN (1) CN113325755B (en)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107395596B (en) * 2017-07-24 2018-05-18 南京邮电大学 A kind of refusal service attack defending method based on redundant manipulator switching
CN107872449B (en) * 2017-09-21 2020-04-21 南京邮电大学 Denial of service attack defense method based on predictive control
CN112099356B (en) * 2020-09-18 2021-07-27 河南农业大学 Design method of event-driven SDOFQH controller under DoS attack

Also Published As

Publication number Publication date
CN113325755A (en) 2021-08-31

Similar Documents

Publication Publication Date Title
CN110213115B (en) Security control method of event-driven network control system under multi-network attack
CN109375514B (en) Design method of optimal tracking controller in presence of false data injection attack
US20140222740A1 (en) Consolidating multiple neurosynaptic cores into one memory
CN113009825B (en) Deception-attacked nonlinear networked system state estimation method
CN112995154A (en) Complex network synchronization control method under aperiodic DoS attack
Wang et al. Novel attack‐defense framework for nonlinear complex networks: An important‐data‐based method
CN112286051A (en) Neural network quantitative control method based on adaptive event trigger mechanism under complex network attack
Al-Mahbashi et al. Projective lag synchronization in drive-response dynamical networks
Tan et al. Distributed hybrid-triggered H∞ filter design for sensor networked systems with output saturations
CN113325755B (en) Data driving control method for coping with denial of service attack
CN108037659A (en) Based on event driven time-varying coupling complex dynamic network synchronous method
CN114615143A (en) Elastic distributed safety monitoring method under multi-sensor-observation network
CN114967460A (en) Distributed cooperative control method of time-lag nonlinear multi-agent system
Ma et al. Security control for two-time-scale cyber physical systems with multiple transmission channels under DoS attacks: The input-to-state stability
Wen et al. Adaptive event‐triggered dissipative filter design for semi‐Markov jump systems under hybrid network attacks
Basiri et al. Security‐aware optimal actuator placement in vehicle platooning
Chen et al. Event-triggered generalized dissipative filtering for delayed neural networks under aperiodic DoS jamming attacks
CN112327632A (en) Multi-agent system tracking control method for false data injection attack
Shi et al. Flocking control for Cucker–Smale model under denial‐of‐service attacks
Li et al. Observer‐based security control for distributed cyber‐physical systems under replay attacks
CN114895710A (en) Control method and system for autonomous behavior of unmanned aerial vehicle cluster
Mao et al. Security sliding mode control for networked control system under multi‐channel Markovian hybrid cyber‐attacks
Liu et al. Observability Analysis of Networked Control Systems Under DoS Attacks
CN108964969B (en) High-speed railway signal system flow prediction method based on hybrid neural network and AR model
Cui et al. Exponential stability of delayed nonlinear systems with state-dependent delayed impulses and its application in delayed neural networks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant