CN115186690A - KL divergence-based fault and attack detection method, system, medium, and program - Google Patents

KL divergence-based fault and attack detection method, system, medium, and program Download PDF

Info

Publication number
CN115186690A
CN115186690A CN202110369945.0A CN202110369945A CN115186690A CN 115186690 A CN115186690 A CN 115186690A CN 202110369945 A CN202110369945 A CN 202110369945A CN 115186690 A CN115186690 A CN 115186690A
Authority
CN
China
Prior art keywords
divergence
local system
kalman
attack detection
detection method
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110369945.0A
Other languages
Chinese (zh)
Inventor
张晓光
任秀秀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BMW Brilliance Automotive Ltd
Original Assignee
BMW Brilliance Automotive Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BMW Brilliance Automotive Ltd filed Critical BMW Brilliance Automotive Ltd
Priority to CN202110369945.0A priority Critical patent/CN115186690A/en
Publication of CN115186690A publication Critical patent/CN115186690A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Environmental & Geological Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention discloses a fault and attack detection method, system, medium and program based on KL divergence. The method comprises the following steps: establishing a space state model for a local system: x is the number of k+1 =Ax k +Bu k +w k ,y k =Cx k +v k (ii) a Receiving output data of a local system; estimating the state of the local system by using the received data and a Kalman estimator, wherein the Kalman estimator model is as follows:
Figure DDA0003008869000000011
wherein
Figure DDA0003008869000000012
Is the kalman innovation; in the local system debugging operation phase,identifying w with assurance that local systems are fault and attack free k And v k And calculating the Kalman innovation z at that time k The covariance of (e); real-time identification w after the local system is put into operation k And v k Of (2) is calculated
Figure DDA0003008869000000013
And
Figure DDA0003008869000000014
and calculating the Kalman innovation at that time
Figure DDA0003008869000000015
Of (2) is calculated
Figure DDA0003008869000000016
And by formula
Figure DDA0003008869000000017
Figure DDA0003008869000000018
Or
Figure DDA0003008869000000019
And calculating the KL divergence, and determining that the local system is in fault or under attack when the KL divergence value is larger than a threshold value.

Description

KL divergence-based fault and attack detection method, system, medium, and program
Technical Field
The present disclosure relates to the field of communications, and in particular, to KL divergence-based fault and attack detection methods, systems, media, and programs.
Background
In a system such as a permanent magnet synchronous motor test, system faults may be caused by wear of mechanical parts of the system, failure of system parts, or malfunction of the system, which may be reflected in measurement data of the system.
Meanwhile, the risk of data interception and tampering is also faced in the data transmission process. The event that data is intercepted and tampered during transmission is generally called system attack.
The decision process of the server is influenced by the system failure and the attack.
Therefore, a method and a system for detecting whether the system is failed or attacked in time so that the server can take countermeasures in time are needed.
Disclosure of Invention
In view of the above technical problems, the present invention proposes a fault and attack detection method, system, medium, and program based on KL divergence.
According to the disclosureIn one aspect, a fault and attack detection method based on KL divergence is provided, including: establishing a space state model for a local system: x is the number of k+1 =Ax k +Bu k +w k ,y k =Cx k +v k Wherein x is k ∈R m Is the local system state, y k ∈R n For local system output, u k ∈R p For control input, w k ∈R m Is process noise, v k ∈R n To measure the output noise, A ∈ R m ×m For the local system matrix, B ∈ R m×p For the input matrix, C ∈ R n×m Is an output matrix; receiving output data of a local system; estimating the state of the local system by using the received data and a Kalman estimator, wherein the Kalman estimator model is as follows:
Figure BDA0003008868980000011
Figure BDA0003008868980000012
wherein
Figure BDA0003008868980000013
Is a one-step predictor of the state of the local system,
Figure BDA0003008868980000021
updating a value, K, for a measurement of a state of a local system k Is a Kalman gain, an
Figure BDA0003008868980000022
Is the kalman innovation; in the local system debugging operation stage, identifying w under the condition of ensuring that the local system is free from faults and attacks k And v k And calculating the Kalman innovation z at that time k The covariance of (E); real-time identification w after the local system is put into operation k And v k Covariance of
Figure BDA0003008868980000023
And
Figure BDA0003008868980000024
and calculating the Kalman innovation at that time
Figure BDA0003008868980000025
Of (2) is calculated
Figure BDA0003008868980000026
And by formula
Figure BDA0003008868980000027
Or
Figure BDA0003008868980000028
Figure BDA0003008868980000029
And calculating the KL divergence, and determining that the local system is in fault or under attack when the KL divergence value is larger than a threshold value.
According to another aspect of the present disclosure, there is provided a KL divergence-based fault and attack detection system, comprising: one or more processors; and a memory coupled to the one or more processors, the memory storing computer-readable program instructions that, when executed by the one or more processors, perform a KL divergence-based fault and attack detection method according to the present invention.
According to yet another aspect of the present disclosure, a non-transitory computer-readable medium having instructions stored thereon for execution by a processor to perform a KL divergence-based fault and attack detection method according to the present invention is provided.
According to yet another aspect of the present disclosure, a computer program product is provided, comprising a computer program which, when executed by a processor, performs the steps of KL divergence based fault and attack detection according to the present invention.
Other features of the present invention and advantages thereof will become more apparent from the following detailed description of exemplary embodiments thereof, which proceeds with reference to the accompanying drawings.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description, serve to explain the principles of the disclosure.
The present disclosure may be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings, in which:
FIG. 1 illustrates a block diagram of an exemplary computer system/server 12 suitable for use in implementing embodiments of the present invention.
FIG. 2 illustrates a KL divergence based fault and attack detection method according to an exemplary embodiment of the present invention.
Fig. 3 shows a schematic diagram of a local system according to an exemplary embodiment of the present invention.
Detailed Description
The following description is presented to enable any person skilled in the art to make and use the described embodiments, and is provided in the context of a particular system and its requirements. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments and systems without departing from the spirit or scope of the described embodiments. Thus, the described embodiments are not limited to the embodiments shown, but are to be accorded the widest scope consistent with the principles and features disclosed herein.
FIG. 1 illustrates a block diagram of an exemplary computer system/server 12 suitable for use in implementing embodiments of the present invention. The computer system/server 12 shown in FIG. 1 is only an example and should not be taken to limit the scope of use or the functionality of embodiments of the present invention in any way.
As shown in FIG. 1, computer system/server 12 is in the form of a general purpose computing device. The components of computer system/server 12 may include, but are not limited to: one or more processors or processing units 16, a system memory 28, and a bus 18 that couples various system components including the system memory 28 and the processing unit 16.
The system memory 28 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM) 30 and/or cache memory 32. The computer system/server 12 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 34 may be used to read from and write to non-removable, nonvolatile magnetic media. Although not shown in FIG. 1, a magnetic disk drive as well as an optical disk drive may also be provided. In these cases, each drive may be connected to bus 18 by one or more data media interfaces. Memory 28 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
A program/utility 40 having a set (at least one) of program modules 42 may be stored, for example, in memory 28, such program modules 42 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. Program modules 42 generally carry out the functions and/or methodologies of the described embodiments of the invention.
The computer system/server 12 may also communicate with one or more external devices 14 (e.g., keyboard, pointing device, etc.) and a display 24, and may also communicate with one or more devices that enable a user to interact with the computer system/server 12, and/or with any devices (e.g., network card, modem, etc.) that enable the computer system/server 12 to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface 22. Also, the computer system/server 12 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN) and/or a public network, such as the Internet) via the network adapter 20. As shown, network adapter 20 communicates with the other modules of computer system/server 12 via bus 18. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the computer system/server 12, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
To distinguish from KL divergence based fault and attack detection systems as claimed by the present invention, the system that needs fault or attack detection is referred to herein as the local system.
The KL divergence-based fault and attack detection method provided by the invention needs to perform state space modeling on the local system to obtain each parameter of the local system, and uses a Kalman estimator to predict the state of the local system to obtain Kalman information and covariance thereof. The fault and attack detection method based on KL divergence is described in detail below with reference to FIG. 2.
FIG. 2 illustrates a KL divergence-based fault and attack detection method 200 according to an exemplary embodiment of the present invention. The method 200 may be performed, for example, by the computer system/server 12 described in FIG. 1.
As shown in fig. 2, a state space model is built for the local system at step 201.
According to an embodiment of the invention, the state space model is:
x k+1 =Ax k +Bu k +w k ,
y k =Cx k +v k
wherein x k ∈R m Is the local system state, y k ∈R n For local system output, u k ∈R p For control input, w k ∈R m Is process noise, v k ∈R n To measure the output noise, A ∈ R m×m For the local system matrix, B ∈ R m×p For the input matrix, C ∈ R n×m Is an output matrix.
According to an embodiment of the present invention, { w } k And { v } k Modeled as mutually independent zero-mean gaussian processes, with covariances Q and R, respectively, and (a, C) is observable,
Figure BDA0003008868980000051
is stable, (A, B) isAnd (4) controlling.
In step 202, output data of the local system is received. For example, the output data includes A, B, C and y k
In step 203, the state of the local system is predicted using the received output data of the local system and the kalman estimator.
The Kalman estimator model is:
Figure BDA0003008868980000052
Figure BDA0003008868980000053
Figure BDA0003008868980000054
Figure BDA0003008868980000055
Figure BDA0003008868980000056
wherein
Figure BDA0003008868980000057
Is a one-step predictor of the state of the local system,
Figure BDA0003008868980000058
updating a value, K, for a measurement of a state of a local system k In order to be the basis of the kalman gain,
Figure BDA0003008868980000059
in order to predict the error covariance in one step,
Figure BDA00030088689800000510
for measuringThe new error covariance.
By solving algebraic Riccati equation
Figure BDA00030088689800000511
Figure BDA00030088689800000512
One-step prediction error covariance steady-state value can be obtained
Figure BDA00030088689800000513
Figure BDA00030088689800000514
Is the steady state kalman gain.
Figure BDA00030088689800000515
For Kalman innovation, it follows a Gaussian distribution
Figure BDA00030088689800000516
And has a covariance of
Figure BDA00030088689800000517
At step 204, during the local system debug run phase, w is identified with assurance that the local system is free of failures and attacks k And v k And calculating the Kalman innovation z at that time k Sigma.
Here, for w k And v k The covariance Q and R identification algorithm is described in detail in Anewautoctovorariance least-squares method for identifying noise covariances, published by Brian J.Odelson et al, 42, pp.303-308, 2006, which is not repeated herein, and is incorporated herein by reference in its entiretywww.sciencedirect.comAnd (4) obtaining.
In step 205, after the local system is put into operation, w is identified in real time k And v k Of (2)Variance (variance)
Figure BDA0003008868980000061
And
Figure BDA0003008868980000062
and calculating the Kalman innovation at that time
Figure BDA0003008868980000063
Covariance of
Figure BDA0003008868980000064
Here, the first and second liquid crystal display panels are,
Figure BDA0003008868980000065
refer to real-time discerned w respectively k And v k The covariance of (a), the corresponding Kalman information and the covariance thereof are used for the expressive distinction from the corresponding parameters of the system debugging and running stage under the condition that the system has no fault and attack.
It should be understood that,
Figure BDA0003008868980000066
and z k As such, that is,
Figure BDA0003008868980000067
also obey Gaussian distribution
Figure BDA0003008868980000068
In step 206, the KL divergence is calculated, and it is determined that the local system is malfunctioning or under attack when the KL divergence value is greater than a threshold value.
According to an embodiment of the invention, by formula
Figure BDA0003008868980000069
Figure BDA00030088689800000610
Or
Figure BDA00030088689800000611
To calculate the KL divergence.
According to the embodiment of the invention, when the system is determined to be in fault or under attack, alarm information is triggered to remind that the fault or the attack is processed in time. The alarm information can be given in a visual mode, such as jumping out prompt or setting an alarm lamp to give an alarm in a flashing mode, or can be given in an audible mode, or visual and audible alarms and the like are adopted at the same time.
According to the embodiment of the invention, the threshold value can be set and modified as required. For example, in
Figure BDA00030088689800000612
The corresponding threshold is set to epsilon and
Figure BDA00030088689800000613
when the corresponding threshold is set to delta, at
Figure BDA00030088689800000614
Or
Figure BDA00030088689800000615
It is determined that the local system is malfunctioning or under attack.
The above pair
Figure BDA00030088689800000616
The reasoning formula of (1) is as follows:
Figure BDA00030088689800000617
according to the KL divergence-based fault and attack detection method, faults or attacks occurring in a real-time dynamic system can be detected in time, so that repair measures can be taken in time, the operation efficiency of the system is improved, and the influence on the decision process of a server is reduced.
The present invention may be implemented as a system, method and/or computer program product. The computer program product may include a computer-readable storage medium having computer-readable program instructions embodied therewith for causing a processor to implement various aspects of the present invention.
According to one embodiment of the present invention, a KL divergence-based fault and attack detection system is provided that includes one or more processors and a memory coupled to the one or more processors. The memory stores computer-readable program instructions that, when executed by the one or more processors, perform a KL divergence based fault and attack detection method in accordance with the present invention.
The KL divergence-based fault and attack detection system can be realized in a software mode, and also can be realized in a hardware mode or a hardware and software mode.
The KL divergence-based fault and attack detection system can be applied to various real-time dynamic systems. For example, it can be applied to a permanent magnet synchronous motor test system as shown in fig. 3.
According to another embodiment of the present invention, a non-transitory computer readable medium having instructions stored thereon for execution by a processor to perform a KL divergence based fault and attack detection method according to the present invention is provided.
According to another embodiment of the invention, a computer program product is provided, comprising a computer program which, when being executed by a processor, performs the steps of the KL divergence based fault and attack detection method according to the invention.
The computer readable storage medium may be a tangible device that can hold and store the instructions for use by the instruction execution device. The computer readable storage medium may be, for example, but not limited to, an electronic memory device, a magnetic memory device, an optical memory device, an electromagnetic memory device, a semiconductor memory device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), a Static Random Access Memory (SRAM), a portable compact disc read-only memory (CD-ROM), a Digital Versatile Disc (DVD), a memory stick, a floppy disk, a mechanical coding device, such as punch cards or in-groove projection structures having instructions stored thereon, and any suitable combination of the foregoing. Computer-readable storage media as used herein is not to be construed as transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission medium (e.g., optical pulses through a fiber optic cable), or electrical signals transmitted through electrical wires.
The computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to a respective computing/processing device, or to an external computer or external storage device via a network, such as the internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. The network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage in a computer-readable storage medium in the respective computing/processing device.
Computer program instructions for carrying out operations of the present invention may be assembler instructions, instruction Set Architecture (ISA) instructions, machine-related instructions, microcode, firmware instructions, state setting data, or source or object code in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider). In some embodiments, aspects of the present invention are implemented by personalizing an electronic circuit, such as a programmable logic circuit, a Field Programmable Gate Array (FPGA), or a Programmable Logic Array (PLA), with state information of computer-readable program instructions, which can execute the computer-readable program instructions.
Aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer-readable program instructions.
These computer-readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer-readable program instructions may also be stored in a computer-readable storage medium that can direct a computer, programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer-readable medium storing the instructions comprises an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer, other programmable apparatus or other devices implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Having described embodiments of the present invention, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terms used herein were chosen in order to best explain the principles of the embodiments, the practical application, or technical improvements to the techniques in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.

Claims (10)

1. A fault and attack detection method based on KL divergence comprises the following steps:
establishing a state space model for a local system: x is the number of k+1 =Ax k +Bu k +w k ,y k =Cx k +v k Wherein x is k ∈R m Is the local system state, y k ∈R n For local system output, u k ∈R p For control input, w k ∈R m Is process noise, v k ∈R n To measure the output noise, A ∈ R m×W For the local system matrix, B ∈ R m×p For the input matrix, 6 ∈ R n×W Is an output matrix;
receiving output data of a local system;
predicting the state of the local system using the received data and a Kalman estimator, wherein the Kalman estimator model is:
Figure FDA0003008868970000011
wherein
Figure FDA0003008868970000012
Is a one-step predictor of the state of the local system,
Figure FDA0003008868970000013
updating a value, K, for a measurement of a state of a local system k Is a Kalman gain, an
Figure FDA0003008868970000014
Is a kalman innovation;
in the local system debugging operation stage, identifying w under the condition of ensuring that the local system is free from faults and attacks k And v k And calculating the Kalman innovation z at that time k The covariance of (E);
real-time identification w after the local system is put into operation k And v k Covariance of
Figure FDA0003008868970000015
And
Figure FDA0003008868970000016
and calculates the Kalman innovation at that time
Figure FDA0003008868970000017
Covariance of
Figure FDA0003008868970000018
And
by the formula
Figure FDA0003008868970000019
Or
Figure FDA00030088689700000110
Figure FDA00030088689700000111
And calculating the KL divergence, and determining that the local system is in fault or under attack when the KL divergence value is larger than a threshold value.
2. The KL divergence-based fault and attack detection method according to claim 1, wherein { w } k And { v } and k are modeled as mutually independent zero-mean gaussian processes, respectively.
3. The KL divergence-based fault and attack detection method according to claim 1, wherein the Kalman estimator model further comprises:
Figure FDA00030088689700000112
wherein
Figure FDA00030088689700000113
Predicting error covariance for one step
Figure FDA00030088689700000114
Figure FDA00030088689700000115
And
Figure FDA00030088689700000116
wherein P is k Updating error protocols for measurementsVariance (variance)
Figure FDA00030088689700000117
Figure FDA0003008868970000021
4. The KL divergence-based fault and attack detection method according to claim 3, wherein Kalman gain
Figure FDA0003008868970000022
5. The KL divergence-based fault and attack detection method of claim 3, further comprising solving an algebraic Riccati equation
Figure FDA0003008868970000023
Figure FDA0003008868970000024
Obtaining a one-step prediction error covariance steady-state value
Figure FDA0003008868970000025
6. The KL divergence-based fault and attack detection method according to claim 5, wherein the Kalman innovation z k Is a zero mean Gaussian distribution and has a covariance of
Figure FDA0003008868970000026
7. The KL divergence-based fault and attack detection method according to claim 1, further comprising triggering alarm information when it is determined that the system is faulty or under attack.
8. A KL divergence-based fault and attack detection system, comprising:
one or more processors; and
a memory coupled with the one or more processors, the memory storing computer-readable program instructions that, when executed by the one or more processors, perform the method of any of claims 1-7.
9. A non-transitory computer readable medium having instructions stored thereon for execution by a processor to perform the method of any of claims 1-7.
10. A computer program product comprising a computer program which, when executed by a processor, performs the steps of the method according to any one of claims 1-7.
CN202110369945.0A 2021-04-07 2021-04-07 KL divergence-based fault and attack detection method, system, medium, and program Pending CN115186690A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110369945.0A CN115186690A (en) 2021-04-07 2021-04-07 KL divergence-based fault and attack detection method, system, medium, and program

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110369945.0A CN115186690A (en) 2021-04-07 2021-04-07 KL divergence-based fault and attack detection method, system, medium, and program

Publications (1)

Publication Number Publication Date
CN115186690A true CN115186690A (en) 2022-10-14

Family

ID=83512300

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110369945.0A Pending CN115186690A (en) 2021-04-07 2021-04-07 KL divergence-based fault and attack detection method, system, medium, and program

Country Status (1)

Country Link
CN (1) CN115186690A (en)

Similar Documents

Publication Publication Date Title
US10452983B2 (en) Determining an anomalous state of a system at a future point in time
US9794153B2 (en) Determining a risk level for server health check processing
Soualhia et al. Infrastructure fault detection and prediction in edge cloud environments
US20220075704A1 (en) Perform preemptive identification and reduction of risk of failure in computational systems by training a machine learning module
US10212058B2 (en) System and method for detecting system's performance regression
US10935970B2 (en) Electrical device degradation determination
US11256562B2 (en) Augmented exception prognosis and management in real time safety critical embedded applications
US10642342B2 (en) Predicting voltage guardband and operating at a safe limit
CN110825561B (en) Control system and control device
CN109992477B (en) Information processing method and system for electronic equipment and electronic equipment
US20230236923A1 (en) Machine learning assisted remediation of networked computing failure patterns
WO2020040764A1 (en) System and method for validation and correction of real-time sensor data for a plant using existing data-based models of the same plant
US10418808B2 (en) Detecting electrostatic discharge events in a computer system
CN115186690A (en) KL divergence-based fault and attack detection method, system, medium, and program
US20180097712A1 (en) Network resiliency through memory health monitoring and proactive management
US11436069B2 (en) Method and apparatus for predicting hard drive failure
WO2020109252A1 (en) Test system and method for data analytics
CN117519052B (en) Fault analysis method and system based on electronic gas production and manufacturing system
CN113969870B (en) Monitoring method and device for wind generating set estimator
US20240291859A1 (en) Detection of erroneous data generated in an electric vehicle charging station
US20230409421A1 (en) Anomaly detection in computer systems
KR102319386B1 (en) Apparatus and method of calculating failure intensity
US20230222024A1 (en) Method, electronic device, and computer program product for memory fault prediction
CN114721847A (en) Method and device for determining equipment failure
CN117311671A (en) Embedded software model architecture, battery management system controller and vehicle

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination