CN114995158A - Self-adaptive sampling switching control method of complex circuit network system under DoS attack - Google Patents

Self-adaptive sampling switching control method of complex circuit network system under DoS attack Download PDF

Info

Publication number
CN114995158A
CN114995158A CN202210759316.3A CN202210759316A CN114995158A CN 114995158 A CN114995158 A CN 114995158A CN 202210759316 A CN202210759316 A CN 202210759316A CN 114995158 A CN114995158 A CN 114995158A
Authority
CN
China
Prior art keywords
dos attack
attack
controller
sampling
network system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210759316.3A
Other languages
Chinese (zh)
Other versions
CN114995158B (en
Inventor
张瑞梅
曾德强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan University
Original Assignee
Sichuan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan University filed Critical Sichuan University
Priority to CN202210759316.3A priority Critical patent/CN114995158B/en
Publication of CN114995158A publication Critical patent/CN114995158A/en
Application granted granted Critical
Publication of CN114995158B publication Critical patent/CN114995158B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B13/00Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion
    • G05B13/02Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric
    • G05B13/04Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric involving the use of models or simulators
    • G05B13/042Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric involving the use of models or simulators in which a parameter or coefficient is automatically adjusted to optimise the performance
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a self-adaptive sampling switching control method of a complex circuit network system under DoS attack, wherein a sensor samples the complex circuit network system in a period T, and a transmitter transmits a data packet consisting of an error sampling state and a sampling point sequence to a communication network; when a data packet arrives at the buffer, the buffer immediately generates a first control signal, the comparator captures DoS attack key information according to the data packet and a time point sequence, and the intelligent logic processor sends different signals to the controller according to the DoS attack key information; the controller controls the switching control gain parameter according to the signal sent by the intelligent logic processor, and the signal is fed back to the complex circuit network system through the zero-order retainer and the actuator, so that the complex circuit network system is driven. The invention combines the intelligent logic processor and the self-adaptive sampling switching control mechanism, adopts different controllers aiming at different DoS attack situations, and effectively enhances the robustness of the system against the DoS attack.

Description

Self-adaptive sampling switching control method of complex circuit network system under DoS attack
Technical Field
The invention relates to the technical field of circuit system safety control, in particular to a self-adaptive sampling switching control method of a complex circuit network system under DoS attack.
Background
With the rapid development of networking and informatization, the complex circuit network system brings wealth and convenience to people and also increasingly highlights the safety problem. The complex circuit network system is a complex system formed by a plurality of circuit systems connected through a network. The interior of each circuit system is an organic whole formed by a sensor, a controller, an actuator, a network and the like, and the circuit systems are in information interaction through the network. Due to the high openness and sharing of the network, the network is easy to attack. The frequency of global cyber attack events has led to an increasing awareness of the importance of network security in recent years. Since the network security control can effectively resist various network attacks, the security control of the complex circuit network system becomes a key point of research. For a complex circuit network system, most of the current control methods are mainly designed based on continuous feedback information. In continuous feedback control, information of the state variables needs to be continuously transmitted to the controller and fed back to the system. This continuous feedback control mode is somewhat wasteful of computational and network communication resources. Compared with a continuous feedback control method, sampling control only needs to transmit signals at sampling points to a controller, so that the information transmission quantity can be greatly reduced, and network communication resources are effectively saved. At present, the sampling control of a complex circuit network system becomes a research focus. DoS attacks, a common type of network attacks, can seriously affect the synchronization performance and security of complex circuit network systems. Therefore, it is far-reaching to explore the safety sampling control of the complex circuit network system under the DoS attack, but at present, the related research is lacked. In addition, in order to effectively resist the influence of DoS attacks on the performance of the network system, the document "flexible control design of a type of networked control system based on a sampling model under DoS attacks", IEEE control journal, 2020 and 8 months "proposes a flexible security sampling control method under a sampling mode. In the method, in order to capture DoS attack information, an author embeds a logic processor in a sampling controller design, and the method is successfully applied to solve the problem of consistency of a multi-agent system under DoS attack. However, the method has three disadvantages: (1) the designed logic processor can not fully capture the key information of DoS attack, such as the total number of attacked sampling points and attack initiation time; (2) neglecting the relationship among the DoS attack frequency, the DoS attack dwell, the sampling period and the maximum dwell time; (3) the same control gain is used at all times regardless of whether DoS attack occurs, which may result in poor control robustness to some extent.
Disclosure of Invention
The invention aims to provide a self-adaptive sampling switching control method of a complex circuit network system under DoS attack, which is used for solving the problems that the key information of the DoS attack cannot be fully captured, the relation between the DoS attack frequency, the DoS attack dwell, the sampling period and the maximum dwell time is ignored and the control robustness is poor when the elastic safety sampling control method in the prior art resists the influence of the DoS attack on the network system performance.
The invention solves the problems through the following technical scheme:
a self-adaptive sampling switching control method of a complex circuit network system under DoS attack comprises the following steps:
s100, sampling a complex circuit network system by a sensor in a period T to obtain an error sampling state and a sampling point sequence of the circuit system;
the sensor samples the complex circuit network system with a period T to obtain a sampling point s of the ith circuit system l Error sampling state eta of i (s l ) And the sequence of sampling points S ═ S { (S) } 0 ,s 1 ,…,s l ,…,s L In which s is 0 =0,s l =lT,s l For the sampling time, L is the sampling number, L is 0,1,2, … …, L; 1,2, 3, … …, m; m is the number of circuit systems;
step S200, a data packet formed by the error sampling state and the sampling point sequence is sent to a communication network by a sender; i.e. data packet(s) li (s l ) ) is sampled by error i (s l ) And the sequence of sampling points S ═ S { (S) } 0 ,s 1 ,…,s l ,…,s L };
Step S300, when the data packet arrives at a buffer of the intelligent logic processor, a first control signal is immediately generated when the data of the buffer is updated, and the first control signal is used for realizing the safety synchronous control of the system; when the intelligent logic processor sends data packet to the controllerPunctuation sequence
Figure BDA0003723681520000021
A comparator of the intelligent logic processor captures the DoS attack key information according to the data packet and the time point sequence, and the intelligent logic processor sends different signals to the controller according to the DoS attack key information;
and S400, controlling a switching control gain parameter according to a signal sent by the intelligent logic processor by the controller, generating a second control signal according to the signal sent by the intelligent logic processor and the control gain, converting the discretely sampled second control signal into a continuous signal by using a zero-order retainer, and feeding back the continuous signal to the complex circuit network system through the actuator so as to drive the complex circuit network system.
Capturing DoS attack key information specifically includes:
initializing sampling instants
Figure BDA0003723681520000031
Number of occurrences of DoS attack N 0 0, total attack dwell time D after detection 0 0, maximum residence time h M T, first key parameter σ 1 1 and a second critical parameter σ 2 0, wherein,
Figure BDA00037236815200000315
first key parameter σ 1 And a second critical parameter σ 2 For the controller to adaptively adjust the control input;
let system error state eta (t) be [ eta ] 1 T (t),η 2 T (t),…,η i T (t),…] T Wherein η i T (t) is the error state of the ith circuitry;
for a given initial value and
Figure BDA0003723681520000032
the comparator first determines the packet
Figure BDA0003723681520000033
Whether it arrives in the buffer, if so, will
Figure BDA0003723681520000034
Assigning to a current time t of a sequence of time points l Sending a signal (σ) 12 ) ═ 1,0 and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure BDA0003723681520000035
If not, an alarm is triggered, i.e. a data packet
Figure BDA0003723681520000036
Has suffered a DoS attack at the moment
Figure BDA0003723681520000037
Initiating a moment for an attack; updating DoS attack occurrence number N 0 =N 0 +1, transmission signal (σ) 12 ) To the controller and waits for a sample packet (t) l ,η(t l ) Arrives in the buffer if the packet (t) l ,η(t l ) When the cache is reached, the attack is ended and the update is performed
Figure BDA0003723681520000038
Wherein
Figure BDA0003723681520000039
Indicating the duration of the attack after detection,
Figure BDA00037236815200000310
is the detected time point;
the comparator judges the maximum residence time h M And
Figure BDA00037236815200000311
if h is greater than M Is less than
Figure BDA00037236815200000312
Then update
Figure BDA00037236815200000313
Transmission signal (sigma) 12 ) ═ 1,0 and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure BDA00037236815200000314
Namely acquiring the key information of the DoS attack: attack launch time
Figure BDA0003723681520000041
Total number of attacks N 0 Total duration of attack stay D 0 The number of samples attacked and the maximum dwell time h M
The controller controls the switching control gain according to the signal sent by the intelligent logic processor, and generates a second control signal according to the signal sent by the intelligent logic processor and the control gain, specifically:
if the interval [ t l ,t l+1 ) If the DoS attack is not sustained, then there is t l+1 =t l + T; the controller is then:
u i (t)=-k 1i η i (t l ),t∈[t l ,t l +T),i=1,2,…m
wherein m is the number of circuit systems; u. of i (t) is the control input of the ith circuitry, k 1i Is a controller u i (t) a control gain; eta i (t l ) For the ith circuit system at time t l The error state of (2);
if the interval [ t l ,t l+1 ) When DoS attacks are encountered, there is t l +T<t l+1 ≤t l +h M (ii) a The controller is then:
u i (t)=-σ 1 (t)k 1i η i (t l )-σ 2 (t)k 2i η i (t l ),i=1,2,…m
wherein
Figure BDA0003723681520000042
σ 1 (t)、σ 2 The values of (t) are respectively the first key parameter sigma output by the intelligent logic processor 1 Second key parameter σ 2 Is determined by the value of (a) 1i 、k 2i Is the control gain.
Compared with the prior art, the invention has the following advantages and beneficial effects:
(1) the invention combines the intelligent logic processor and the sampling control mechanism, adopts the self-adaptive sampling switching control method, adopts different controllers aiming at different DoS attack situations, and can effectively enhance the robustness of the system against the DoS attack on the premise of ensuring the safety performance of a complex circuit network system.
(2) The invention designs an alarm in the intelligent logic processor, which can automatically detect the time when the system is attacked; the total number of the attacked sampling points is obtained through the intelligent logic processor, and the relationship among the DoS attack frequency, the DoS attack dwell, the sampling period and the maximum dwell time can be established.
(3) The invention adaptively selects and controls the gain aiming at different attack situations, thereby effectively enhancing the robustness of the system against the DoS attack.
Drawings
FIG. 1 is a schematic diagram of a Chua circuit system;
FIG. 2 is a schematic diagram of a Chua circuit system;
FIG. 3 is a diagram of a topology for communication between circuitry;
FIG. 4 is a control flow chart of a complex circuit network system under DoS attack;
FIG. 5 is a flow chart of the logical operation of the comparator of the present invention;
FIG. 6 is a flow chart of a prior art comparator;
FIG. 7 is a sequence diagram of a DoS attack;
FIG. 8 is a node trace diagram of a complex circuit network system;
FIG. 9 is a synchronization error map;
FIG. 10 is a diagram of an adaptive sampling switch controller.
Detailed Description
The present invention will be described in further detail with reference to examples, but the embodiments of the present invention are not limited thereto.
Example (b):
a self-adaptive sampling switching control method of a complex circuit network system under DoS attack comprises the following steps:
1. setting system parameters: taking the circuit system as a Chua circuit as an example, the Chua circuit is shown in figure 1, wherein R, R 1 Is a resistance, C 1 ,C 2 Is a capacitance, L is an inductance; v 1 ,V 2 Are respectively a capacitance C 1 ,C 2 Voltage across, i 1 ,i R Respectively, the current flowing through the inductor L and the resistor R; g is a nonlinear resistance;
2. according to kirchhoff's current law, the dynamic characteristics of the circuit system are as follows:
Figure BDA0003723681520000061
wherein g (V) 2 ) The current flowing through the nonlinear resistor g is defined as:
Figure BDA0003723681520000062
wherein G a ,G b And E is the diode parameter.
By substitution of variables
Figure BDA0003723681520000063
(1) Can be changed into the following forms
Figure BDA0003723681520000064
Wherein
Figure BDA0003723681520000065
m 1 =RG b ,m 2 =RG a
Figure BDA0003723681520000066
Here, take γ 1 =-1.3018,γ 2 =-0.0135,γ 3 =-0.0297,m 1 =-0.5700,m 2 0.1091. At an initial value of [0.9, -1.1,0.05] T Next, the state trace diagram of the circuit system is shown in fig. 2, and it can be seen from fig. 2 that the system exhibits chaotic behavior.
3. Describing a network communication connection topological structure of a multi-circuit system: taking the communication connection topology of 5 circuit systems as an example, as shown in fig. 3, each circuit system and the target system are all Chua circuit systems. Setting a communication connection factor b ij If information of the j (j) th circuit system can be transferred to the i (i) th circuit system (1, 2, …,5), b ij > 0, otherwise b ij 0. Let b 12 =0.57,b 21 =6.65,b 45 =5.5,b 54 If 0.6, the Laplacian matrix L, the weighted adjacency matrix B, and the degree matrix D of the topology are:
Figure BDA0003723681520000071
D=diag{0.57,6.65,0,5.5,0.6}。
4. let the state variables of the circuit system and the target system be theta i (t) (i ═ 1,2, … 5) and iota (t), the error state is η i (t)=θ i (t) -iota (t) (i ═ 1,2, … 5). Fig. 4 shows a control flow chart of a complex circuit network system under DoS attack. In FIG. 4,. eta. i (T) (i ═ 1,2, … 5) is first sampled by the sensor at period T, with the sequence of sampling points S ═ S 0 ,s 1 ,…,s l … } in which s 0 =0,s l lT. Then from the sampling point s l And a sampling state η i (s l ) (i-1, 2, …,5) packet(s) li (s l ) Is sent to the communication network by the transmitter and is fed back to the complex circuit network system through the controller, the zero-order keeper and the actuator. If from the sensor to the controllerThe channel is subjected to DoS attack, then the data packet(s) li (s l ) Does not reach the controller. In order to analyze the influence of DoS attack, the invention designs a new intelligent logic processor. The intelligent logic processor is composed of a buffer and a comparator. The buffer is used for storing the latest sampling packet. When the data in the buffer is updated, the updated data is immediately used for generating a control signal to realize the safety synchronous control performance of the system, and the time point sequence of the data packets received by the controller is set as
Figure BDA0003723681520000072
The comparator captures DoS attack information by performing some logical operations, as shown in fig. 5, setting initial parameters,
Figure BDA0003723681520000073
is the sampling time and
Figure BDA0003723681520000074
N 0 representing the number of occurrences of a DoS attack, D 0 Represents the total duration of attack residency after detection, h M Indicating the maximum dwell time. Sigma 12 Is a key parameter of the controller for adaptive adjustment of the control input. And assigning an initial value
Figure BDA0003723681520000075
N 0 =0,D 0 =0,h M =T,σ 1 =1,σ 2 =0。
Let eta (t) equal to [ eta 1 T (t),η 2 T (t),…,η 5 T (t)] T . For a given initial value and
Figure BDA0003723681520000076
the comparator will first determine the data packet
Figure BDA0003723681520000077
Whether or not to reach the buffer. If so, the device will
Figure BDA0003723681520000078
Is assigned to t l Sending a signal (σ) 12 ) (1,0) and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure BDA0003723681520000079
If not, an alarm is triggered indicating a data packet
Figure BDA00037236815200000710
Has suffered a DoS attack at the moment
Figure BDA00037236815200000711
The moment of attack launch. At this time, the number N of occurrences of DoS attack is updated 0 =N 0 +1, transmission signal (σ) 12 ) (0,1) to the controller and waits for a sample packet (t) l ,η(t l ) ) arrives at the buffer. If data packet (t) l ,η(t l ) When the cache is reached, the attack is ended and the update is performed
Figure BDA0003723681520000081
Wherein
Figure BDA0003723681520000082
Indicating the duration of the attack after detection,
Figure BDA0003723681520000083
is the detected time point. The comparator will then further determine the maximum dwell time h M And
Figure BDA0003723681520000084
if h is M Is less than
Figure BDA0003723681520000085
Then update
Figure BDA0003723681520000086
Transmission signal (sigma) 12 ) ═ 1,0 and packet (t) l ,η(t l ) To the controller and will t l Assign to
Figure BDA0003723681520000087
Through the comparator, the DoS attack key information including attack initiation time, total attack times, total attack residence time, the number of attacked samples and maximum residence time can be obtained.
Since the energy of an attacker is usually limited, in this case, the DoS attack frequency and DoS attack dwell satisfy certain constraints. To better understand DoS attacks, the links between the insides of the key information of DoS attacks are revealed, for a given time interval t 0 And t), defining D (t) as the total residence time of all the detected DoS attacks, and N (t) as the total times of the attacks, and according to the operation principle of the intelligent logic processor, establishing the following relations among the DoS attack frequency, the DoS attack residence domain, the sampling period and the maximum residence time:
Figure BDA0003723681520000088
Figure BDA0003723681520000089
wherein: t is an element of [ t ] l ,t l+1 ),
Figure BDA00037236815200000810
Figure BDA00037236815200000811
Then the
Figure BDA00037236815200000812
Is the total number of samples that are attacked,
Figure BDA00037236815200000813
meaning that the rounding is done down,
Figure BDA00037236815200000814
represents t j Left limit of (d), h l =t l+1 -t l ∈(T,h M ]。
And (3) proving that: for t e [ t ∈ l ,t l+1 ) L is 0,1,2
Figure BDA0003723681520000091
Figure BDA0003723681520000092
It is noted that if
Figure BDA0003723681520000093
Then
Figure BDA0003723681520000094
According to the conclusion there are
Figure BDA0003723681520000095
From the formula (4), a
Figure BDA0003723681520000096
The expressions (2) and (3) are satisfied by the expressions (4) and (5).
FIG. 6 is a flow chart of a comparator in the prior art, wherein d k 、h m 、h M 、n 0 、T m Δ and
Figure BDA0003723681520000097
respectively representing the time of successfully receiving the data packet by the logic processor, the minimum attack dwell time, the maximum attack dwell time,Total number of attacks, attack dwell (sum of attack dwell times), time interval between two adjacent successfully transmitted packets, and the time of successfully received packets by the logical processor within a specified time. If the time interval delta between two adjacent successfully transmitted data packets is not greater than the sampling period T 0 Then d will be k Assign to
Figure BDA0003723681520000098
If the time interval delta between two adjacent successfully transmitted data packets is greater than the sampling period T 0 Then T will be m +Δ-T 0 Is assigned to T m Update n 0 =n 0 + 1; and further judging whether the time interval delta between the current two adjacent successfully transmitted data packets is greater than h M . If so, assign Δ to h M If not, whether or not further Delta is less than or equal to h m If so, will Δ -T 0 Is assigned to h m If not, d k Is assigned to
Figure BDA0003723681520000099
Compared with the comparator in the prior art, the comparator designed by the invention has the following advantages: firstly, an alarm is installed in the operation process, and the alarm can automatically detect the time when the system is attacked by the DoS; 2, obtaining total number of attacked sampling points
Figure BDA0003723681520000101
Thirdly, the DoS attack frequency N (T), the DoS attack residence domain D (T), the sampling period T and the maximum residence time h can be established M The relationship between
Figure BDA0003723681520000102
And fourthly, feeding back different control parameters according to different attack situations.
5. Design of the adaptive sampling switching controller. The controller is closely cooperated with the intelligent logic processor, when the intelligent logic processor receives a sampling data packet, the controller immediately uses the sampling data packet to generate a control signal, and then the discrete sampling control signal is converted into a continuous signal by using the zero-order retainer and then fed back to the system through the actuator, thereby driving the complex circuit network system. The adaptive sampling switching control protocol in the controller is designed as follows:
case i: if the interval [ t l ,t l+1 ) If the DoS attack is not sustained, then there is t l+1 =t l +T;
Case ii: if the interval [ t l ,t l+1 ) When DoS attacks are encountered, there is t l +T<t l+1 ≤t l +h M
For case i, the following sampling controller is designed
u i (t)=-k 1i η i (t l ),t∈[t l ,t l +T),i=1,2,…5 (6)
Wherein u is i (t) is the control input of the ith circuitry, k 1i Is a controller u i (t) control gain.
For case ii, the following sampling controller is designed
u i (t)=-σ 1 (t)k 1i η i (t l )-σ 2 (t)k 2i η i (t l ),i=1,2,…5 (7)
Wherein
Figure BDA0003723681520000103
σ 1 (t)、σ 2 (t) is the value of σ output by the logic processor 1 、σ 2 Is determined by the value of (a) 1i 、k 2i (i ═ 1,2, …,5) is the control gain.
The prior art controller has a fixed and constant control gain regardless of whether a DoS attack has occurred. The invention designs the self-adaptive sampling switching control protocol according to different attack situations, namely formulas (6) and (7). In this protocol, for an arbitrary interval [ t ] l ,t l+1 ) According to different attack situations, on the premise of ensuring the safety synchronization performance of the complex circuit network system, different control gains k 1i 、k 2i (i ═ 1,2, …,5) will be selected. If in the interval [ t l ,t l+1 ) If DoS attack does not occur, the control gain k is adopted 1i . If in the interval [ t l ,t l+1 ) The DoS attack occurs, the data packet (t) l +T,η i (t l + T)) will not reach the register and the logical processor will immediately issue an alarm. In this case, at t ∈ [ t ] l ,t l + T), using control gain k 1i (ii) a At t ∈ [ t ] l +T,t l+1 ) While adopting a control gain k 2i 。k 1i And k 2i The adaptive switching selection is output by the logic processor 1 And σ 2 Is determined. Compared with the control method in the prior art, the self-adaptive sampling switching control method provided by the invention is more flexible, and can effectively enhance the robustness of the system against the DoS attack.
To verify the effectiveness of the present invention and the advantages of the method, the following simulation experiments were performed. Consider that the sensor-to-controller channel of the above complex circuit network system is subject to a DoS attack, the attack sequence of which is shown in fig. 7. According to the knowledge of graph theory, when nodes 1, 3 and 5 are contained, the graph 3 has a spanning tree. Under the DoS attack as shown in FIG. 7, the control gain is taken
k 11 =10.1742,k 12 =0,k 13 =7.9494,k 14 =0,k 15 =12.9165,
k 21 =4.9895,k 22 =0,k 23 =4.4786,k 24 =0,k 25 =5.0785。
Under the control of the adaptive sampling switching control protocol, equations (6) and (7), the node trajectory diagram, the synchronization error trajectory diagram and the adaptive sampling switching controller diagram of the complex circuit network system are respectively shown in fig. 8, fig. 9 and fig. 10. From fig. 8, it can be found that the state trajectories of all nodes reach synchronization, and from fig. 9, it can be found that the synchronization error tends to 0, thereby verifying that the adaptive sampling switching control method designed by the present invention can effectively resist DoS attack influence, and ensuring the safety synchronization performance of a complex circuit network system.
Under the same system parameters, the maximum attack can be obtained by the fixed control gain method in the prior artResidence time h M The maximum attack residence time h can be obtained by the self-adaptive sampling switching control method designed by the invention as 0.18 M 0.24. The larger the upper bound of attack residence time is, the stronger the robustness of the designed control method is. Therefore, the control method has stronger DoS attack resisting capability, thereby enhancing the robustness of the complex circuit network system against the DoS attack.
Although the present invention has been described herein with reference to the illustrated embodiments thereof, which are intended to be preferred embodiments of the present invention, it is to be understood that the invention is not limited thereto, and that numerous other modifications and embodiments can be devised by those skilled in the art that will fall within the spirit and scope of the principles of this disclosure.

Claims (3)

1. A self-adaptive sampling switching control method of a complex circuit network system under DoS attack is characterized by comprising the following steps:
s100, sampling a complex circuit network system by a sensor in a period T to obtain an error sampling state and a sampling point sequence of the circuit system;
step S200, a data packet formed by the error sampling state and the sampling point sequence is sent to a communication network by a sender;
step S300, when the data packet arrives at a buffer of the intelligent logic processor, a first control signal is immediately generated when the data of the buffer is updated, and the first control signal is used for realizing the safety synchronous control of the system; time point sequence for sending data packet to controller by intelligent logic processor
Figure FDA0003723681510000011
Sampling point sequences; a comparator of the intelligent logic processor captures the key information of the DoS attack according to the data packet and the time point sequence, and the intelligent logic processor sends different signals to the controller according to the key information of the DoS attack;
and S400, determining a key parameter of switching control gain by the controller according to a signal sent by the intelligent logic processor, generating a second control signal according to the signal sent by the intelligent logic processor and the control gain, converting the discretely sampled second control signal into a continuous signal by using a zero-order retainer, and feeding back the continuous signal to the complex circuit network system through the actuator so as to drive the complex circuit network system.
2. The method for controlling adaptive sampling switching of a complex circuit network system under DoS attack as claimed in claim 1, wherein capturing the DoS attack key information specifically includes:
initializing sampling instants
Figure FDA0003723681510000012
Number of occurrences of DoS attack N 0 0, total attack dwell time D after detection 0 0, maximum dwell time h M T, first key parameter σ 1 1 and a second critical parameter σ 2 0, wherein,
Figure FDA0003723681510000013
first key parameter σ 1 And a second critical parameter σ 2 For the controller to adaptively adjust the control input;
let system error state eta (t) be [ eta ] 1 T (t),η 2 T (t),…,η i T (t),…] T Wherein η i T (t) is the error state of the ith circuitry;
for a given initial value sum
Figure FDA0003723681510000021
The comparator first judges the data packet
Figure FDA0003723681510000022
Whether it arrives in the buffer, if so, will
Figure FDA0003723681510000023
Assigning values to sequences of time pointsCurrent point in time t l Sending a signal (σ) 12 ) (1,0) and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure FDA0003723681510000024
If not, an alarm is triggered, i.e. a data packet
Figure FDA0003723681510000025
Has suffered a DoS attack at the moment
Figure FDA0003723681510000026
Initiating a moment for an attack; updating DoS attack occurrence number N 0 =N 0 +1, transmission signal (σ) 12 ) (0,1) to the controller and waits for a sample packet (t) l ,η(t l ) If the packet (t) arrives in the buffer l ,η(t l ) When the cache is reached, the attack is ended and the update is performed
Figure FDA0003723681510000027
Wherein
Figure FDA0003723681510000028
Indicating the duration of the attack after detection,
Figure FDA0003723681510000029
is the detected time point;
the comparator judges the maximum residence time h M And
Figure FDA00037236815100000210
if h is M Is less than
Figure FDA00037236815100000211
Then update
Figure FDA00037236815100000212
Transmission signal (sigma) 12 ) ═ 1,0 and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure FDA00037236815100000213
Namely acquiring the key information of the DoS attack: attack launch time
Figure FDA00037236815100000214
Total number of attacks N 0 Total duration of attack stay D 0 The number of samples attacked and the maximum dwell time h M
3. The adaptive sampling switching control method for the complex circuit network system under DoS attack as recited in claim 2, wherein the controller controls the switching control gain parameter according to the signal sent by the intelligent logic processor, and the generating of the second control signal according to the signal sent by the intelligent logic processor and the control gain specifically comprises:
if the interval [ t l ,t l+1 ) If the DoS attack is not sustained, then there is t l+1 =t l + T; the controller is then:
u i (t)=-k 1i η i (t l ),t∈[t l ,t l +T),i=1,2,…m
wherein m is the number of circuit systems; u. of i (t) is the control input of the ith circuitry, k 1i Is a controller u i (t) a control gain; eta i (t l ) At time t for the ith circuitry l The error state of (2);
if the interval [ t l ,t l+1 ) When DoS attacks are encountered, there is t l +T<t l+1 ≤t l +h M (ii) a The controller is then:
u i (t)=-σ 1 (t)k 1i η i (t l )-σ 2 (t)k 2i η i (t l ),i=1,2,…m
wherein
Figure FDA0003723681510000031
σ 1 (t)、σ 2 The values of (t) are respectively the first key parameter sigma output by the intelligent logic processor 1 Second key parameter σ 2 Of a value of (c) determined 1i 、k 2i Is the control gain.
CN202210759316.3A 2022-06-30 2022-06-30 Self-adaptive sampling switching control method of complex circuit network system under DoS attack Active CN114995158B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210759316.3A CN114995158B (en) 2022-06-30 2022-06-30 Self-adaptive sampling switching control method of complex circuit network system under DoS attack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210759316.3A CN114995158B (en) 2022-06-30 2022-06-30 Self-adaptive sampling switching control method of complex circuit network system under DoS attack

Publications (2)

Publication Number Publication Date
CN114995158A true CN114995158A (en) 2022-09-02
CN114995158B CN114995158B (en) 2023-01-24

Family

ID=83020019

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210759316.3A Active CN114995158B (en) 2022-06-30 2022-06-30 Self-adaptive sampling switching control method of complex circuit network system under DoS attack

Country Status (1)

Country Link
CN (1) CN114995158B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116073982A (en) * 2023-02-07 2023-05-05 中国人民解放军陆军工程大学 Secret communication method and system for resisting DoS attack in limited time

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108258681A (en) * 2018-01-11 2018-07-06 南京邮电大学 The security incident trigger control method of LOAD FREQUENCY control system under a kind of DoS attack
CN109672177A (en) * 2019-01-18 2019-04-23 南京邮电大学 LOAD FREQUENCY quantization control method based on event trigger mechanism under a kind of DoS attack
CN110213115A (en) * 2019-06-25 2019-09-06 南京财经大学 A kind of Multi net voting attacks the method for controlling security of lower event-driven network control system
CN112068441A (en) * 2020-09-18 2020-12-11 河南农业大学 Collaborative design method for security event driver and SDOFR controller
CN112099356A (en) * 2020-09-18 2020-12-18 河南农业大学 Design method of event-driven SDOFQH controller under DoS attack
CN112859607A (en) * 2021-01-13 2021-05-28 河南农业大学 Collaborative design method for distributed security event driver and SDOFD controller
US20210243224A1 (en) * 2020-02-05 2021-08-05 King Fahd University Of Petroleum And Minerals Control of cyber physical systems subject to cyber and physical attacks
CN113467332A (en) * 2021-07-28 2021-10-01 南京市初仁智能科技有限公司 Design method of event trigger controller of information physical system under denial of service attack
CN113625684A (en) * 2021-07-26 2021-11-09 云境商务智能研究院南京有限公司 Tracking controller and method based on event trigger mechanism under hybrid network attack
CN114326398A (en) * 2021-12-27 2022-04-12 华中科技大学 Control method and control system of linear switching system with unstable mode
CN114489025A (en) * 2022-02-14 2022-05-13 上海交通大学宁波人工智能研究院 Model-driven industrial control system safety protection method

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108258681A (en) * 2018-01-11 2018-07-06 南京邮电大学 The security incident trigger control method of LOAD FREQUENCY control system under a kind of DoS attack
CN109672177A (en) * 2019-01-18 2019-04-23 南京邮电大学 LOAD FREQUENCY quantization control method based on event trigger mechanism under a kind of DoS attack
CN110213115A (en) * 2019-06-25 2019-09-06 南京财经大学 A kind of Multi net voting attacks the method for controlling security of lower event-driven network control system
US20210243224A1 (en) * 2020-02-05 2021-08-05 King Fahd University Of Petroleum And Minerals Control of cyber physical systems subject to cyber and physical attacks
CN112068441A (en) * 2020-09-18 2020-12-11 河南农业大学 Collaborative design method for security event driver and SDOFR controller
CN112099356A (en) * 2020-09-18 2020-12-18 河南农业大学 Design method of event-driven SDOFQH controller under DoS attack
CN112859607A (en) * 2021-01-13 2021-05-28 河南农业大学 Collaborative design method for distributed security event driver and SDOFD controller
CN113625684A (en) * 2021-07-26 2021-11-09 云境商务智能研究院南京有限公司 Tracking controller and method based on event trigger mechanism under hybrid network attack
CN113467332A (en) * 2021-07-28 2021-10-01 南京市初仁智能科技有限公司 Design method of event trigger controller of information physical system under denial of service attack
CN114326398A (en) * 2021-12-27 2022-04-12 华中科技大学 Control method and control system of linear switching system with unstable mode
CN114489025A (en) * 2022-02-14 2022-05-13 上海交通大学宁波人工智能研究院 Model-driven industrial control system safety protection method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ZHANG RUIMEI,ET AL.: "Fuzzy Secure Control for Nonlinear N-D Parabolic PDE-ODE Coupled Systems Under Stochastic Deception Attacks", 《IEEE》 *
ZHANG XIANMING,ET AL.: "Resilient Control Design Based on a Sampled-Data Model for a Class of Networked Control Systems Under Denial-of-Service Attacks", 《IEEE TRANSACTIONS ON CYBERNETICS》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116073982A (en) * 2023-02-07 2023-05-05 中国人民解放军陆军工程大学 Secret communication method and system for resisting DoS attack in limited time
CN116073982B (en) * 2023-02-07 2024-01-19 中国人民解放军陆军工程大学 Secret communication method and system for resisting DoS attack in limited time

Also Published As

Publication number Publication date
CN114995158B (en) 2023-01-24

Similar Documents

Publication Publication Date Title
Li et al. Detection and defense of DDoS attack–based on deep learning in OpenFlow‐based SDN
Wen et al. Synchronization of switched neural networks with communication delays via the event-triggered control
CN109902709B (en) Method for generating malicious sample of industrial control system based on counterstudy
Hu et al. Event-based filtering for time-varying nonlinear systems subject to multiple missing measurements with uncertain missing probabilities
CN106657107B (en) Adaptive starting ddos defense method and system based on trust value in SDN
CN107483512B (en) SDN controller DDoS detection and defense method based on time characteristics
CN114995158B (en) Self-adaptive sampling switching control method of complex circuit network system under DoS attack
Tang et al. Modeling the vulnerability of feedback-control based internet services to low-rate DoS attacks
Li et al. A comparative simulation study of TCP/AQM systems for evaluating the potential of neuron-based AQM schemes
CN113452676A (en) Detector allocation method and Internet of things detection system
Sun et al. Event-triggered H∞ filtering for cyber–physical systems against DoS attacks
Xie et al. Hybrid event-triggered filtering for nonlinear Markov jump systems with stochastic cyber-attacks
CN113741198A (en) T-S fuzzy system self-adaptive event trigger state estimation method under random network attack
JP6767434B2 (en) Evaluation device and evaluation method
CN115022205A (en) Cross-network data transmission method applied to high-concurrency scene of massive terminals
Zhao et al. Resilient adaptive event‐triggered synchronization control of piecewise‐homogeneous Markov jump delayed neural networks under aperiodic DoS attacks
CN117792749A (en) Dynamic industrial control honey pot deployment method based on deep reinforcement learning
Khoshnevisan et al. Adaptive rate‐based congestion control with weighted fairness through multi‐loop gradient projection internal model controller
EP1578077A1 (en) Data transmission system and data transmission device
Arce et al. RED gateway congestion control using median queue size estimates
Shi et al. Flocking control for Cucker–Smale model under denial‐of‐service attacks
Xie et al. A dynamic anomaly detection model for web user behavior based on HsMM
Guo et al. Observer‐based event‐triggered consensus control of nonlinear cyber‐physical systems under backlash‐like hysteresis and denial‐of‐service attacks
CN110213262B (en) Full-automatic advanced escape technology detection method based on deep Q network
Zhang et al. Event-Triggered Random Delayed Impulsive Consensus of Multi-Agent Systems With Time-Varying Delay

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant