CN115580423A - CPPS optimal resource allocation method based on game aiming at FDI attack - Google Patents
CPPS optimal resource allocation method based on game aiming at FDI attack Download PDFInfo
- Publication number
- CN115580423A CN115580423A CN202210962376.5A CN202210962376A CN115580423A CN 115580423 A CN115580423 A CN 115580423A CN 202210962376 A CN202210962376 A CN 202210962376A CN 115580423 A CN115580423 A CN 115580423A
- Authority
- CN
- China
- Prior art keywords
- attack
- defender
- attacker
- state quantity
- game
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 41
- 238000013468 resource allocation Methods 0.000 title claims abstract description 21
- 230000007123 defense Effects 0.000 claims abstract description 34
- 230000009471 action Effects 0.000 claims description 38
- 238000005259 measurement Methods 0.000 claims description 25
- 230000008901 benefit Effects 0.000 claims description 16
- 238000004891 communication Methods 0.000 claims description 6
- 238000002347 injection Methods 0.000 claims description 4
- 239000007924 injection Substances 0.000 claims description 4
- 238000004088 simulation Methods 0.000 claims description 4
- 230000008859 change Effects 0.000 claims description 3
- 230000037361 pathway Effects 0.000 claims description 3
- 239000011159 matrix material Substances 0.000 description 6
- 238000001514 detection method Methods 0.000 description 4
- 238000011160 research Methods 0.000 description 4
- 230000003068 static effect Effects 0.000 description 4
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 230000016571 aggressive behavior Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000009795 derivation Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012806 monitoring device Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000003094 perturbing effect Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B3/00—Line transmission systems
- H04B3/54—Systems for transmission via power distribution lines
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides a CPPS optimal resource allocation method based on a game aiming at FDI attack, which comprises the steps of firstly obtaining a state estimation result of a system under a normal condition, then simulating the state estimation result after FDI attack, taking the offset between the state estimation result and the FDI attack as the income of a participant, inputting the corresponding income amount, resources required by attack launching of an attacker and resources required by defense provided by a defender into a game model, calculating Nash balance, obtaining a corresponding strategy and expected income, and finally carrying out resource allocation on multiple nodes under the condition of limited resources. The distribution method starts from the perspective of a defender, improves the defense efficiency on the basis of ensuring the safety of the system, and provides feasible suggestions and references for the defender to configure the strategy of defense measures. In addition, the method can adapt to various state estimation methods and different defense methods, and has higher flexibility and expansibility.
Description
Technical Field
The invention belongs to the field of smart grid security, and relates to a game-based optimal resource allocation method for a physical power system (CPPS) aiming at False Data Injection (FDI) attack.
Background
With the development of the power industry in China and the intellectualization of power systems, the basic power system gradually changes to a complex information physical power system, which brings more potential safety hazards while improving the system efficiency and the connection availability.
The FDI attack is the most widespread attack having the characteristics of the information physical layer, and poses a great threat to the information physical power system. FDI attack passes through step 1, an attack target and a strategy are formulated; 2. tampering with the measurement results of the control instrument, the communication network and the master station; 3. transmitting the forged measurements to an Energy Management System (EMS) and perturbing the state estimation results; 4. the control center is induced to take emergency measures to trip the critical lines resulting in power loss and over or under voltage. There are two main kinds of attack targets for attackers: 1. system state quantities (voltage, phase angle, etc.); device measurements (voltage, active power, etc.). The state estimation method is mainly classified into dynamic state estimation (kalman filter algorithm, etc.) and static state estimation (least square method, etc.).
The game theory is a formal tool which is proved to be efficient, the interaction between attack and defense is quantized, and a reasonable theoretical framework is provided to guide defenders to carry out optimal allocation strategies under limited resources. The game theory can be mainly divided into cooperative game play and non-cooperative game play by the relationship of participants, and is divided into dynamic game or static game, complete information game or incomplete information game, and zero-sum game or non-zero-sum game by the action times, understanding degree and income condition of both the attacking party and the defending party, as shown in table 1. The profit value of the strategy is one of important bases for each participant to make rational decisions in the game theory, and the game theory can screen out a decision scheme with the highest profit for the participants through theoretical analysis and research. The correctness of the scheme is mainly shown in that all rational game participants can consciously follow the equilibrium strategy derived by game theory, and no participant can deviate from the equilibrium strategy alone. Under the equilibrium strategy, the strategy of each participant is always the optimal corresponding to the strategy of other participants. At present, the idea of applying the game theory method to the research of the network attack and defense strategy in the CPPS background is roughly as follows: modeling the attack and defense behaviors by using a game model, and quantitatively evaluating attack and defense resources, consequences and action strategies; and finding balance points and solving an optimal attack and defense strategy. Modeling from the perspective of the defender, the target minimizing attack damage; or modeling is carried out from the perspective of an attacker, so that the damage caused by the attacker is the largest, and finally, an optimized game strategy is given.
In most of the existing researches, for example, firewall, interface control, authority detection and the like are protected only on the basis of an information layer or a physical layer. Aiming at the information layer, a researcher proposes that an attacker can be induced to attack through an active defense means so as to protect the key nodes; the data accuracy is ensured by using a detection redundancy system; multiple keys are used to protect the security of the transmission, etc. And a method for adding detection equipment, providing more comprehensive protection equipment and the like is provided aiming at the research of a physical layer. However, these methods do not fully take into account the trade-off between the information physics and the resulting balance between reliability and economy.
Disclosure of Invention
The invention provides a CPPS optimal resource allocation game method aiming at FDI attack. Firstly, a state estimation result of a system under a normal condition is obtained, then the state estimation result after FDI attack is simulated, the offset between the two is used as the income of a participant, the corresponding income amount, the resources required by attack starting of the attacker and the resources required by defense provided by a defender are input into a game model, nash balance is calculated, a corresponding strategy and expected income are obtained, finally, resource allocation is carried out on multiple nodes under the condition of limited resources, the optimal allocation strategy under the condition of limited resources is realized, and the economy is considered on the basis of ensuring the safety.
The invention provides a CPPS optimal resource allocation method based on a game aiming at FDI attack, which comprises the following steps:
s1: acquiring power system configuration, wherein the power system configuration comprises a power system topological graph and parameters of each branch of the power system; the power system topological graph is a network structure graph formed by network node devices and communication media, wherein one network node in the power system topological graph represents one active electronic device connected to a network in a power system and can send, receive or forward information through a communication channel.
S2: calculating the electric power state quantity under the normal condition of the electric power system, wherein the electric power state quantity comprises a phase angle theta and a voltage V;
s3: aiming at the network node 1, \8230, n traverses all attacker actions and defender actions and calculates corresponding electric power state quantity;
s4, calculating the power state quantity deviation condition to obtain corresponding participant benefit;
s5: inputting the benefit of the participant and the resource consumption required by the participant to execute the action into a game model;
s6: calculating an optimal defense resource configuration scheme for a single network node;
s7: under the condition of limited resources, traversing all network nodes to calculate a multi-node defense resource configuration scheme which enables the total expected profit to be maximum.
As a preferred embodiment of the present invention, the S2 specifically is:
obtaining an estimated state variable x of the power system, namely a power state quantity, according to the measured value of the instrument based on a relational expression z = h (x) + e between the measured value of the instrument of the power system and the state variable, wherein the power state quantity comprises a phase angle theta and a voltage V;
wherein h (x) = [ h = 1 (x),...,h i (x),...,h m (x)] T For the measurement function, z is a value based on the meter measurement, i.e. the meter measurement value, e is the independent random measurement noise; and m is the number of measuring devices.
As a preferable aspect of the present invention, the method of calculating the respective power state amounts in step S3 is the same as the method of calculating the power state amounts in step S2.
As a preferable aspect of the present invention, the participant benefit described in step S4 is a power state quantity offset amount, which is a difference between the power state quantity calculated in step S3 and the power state quantity in the normal case in step S2.
As a preferred aspect of the present invention, in the game model described in step S5,
the attacker can select a certain attack action A or not attack, and the resource consumed by the attacker is consumed
In relation to its chosen attack action; the defender can choose to not defend or the corresponding defense action D, and the defender needs to pay corresponding resources
To accomplish these actions;
success rate Pr (A) when attacker starts attack i ,D j ) Relating to actions of attackers and defenders; at the same time, the success rate Pr (A) i ,D j ) Vulnerability V to devices on network nodes Pr Also related is; vulnerability V Pr The method is defined by general vulnerability assessment system indexes: v Pr =2×S AV ×S AC ×S AU In which S is AV Is an attack pathway, S AC Is the degree of complexity of attack, S AU Is the degree of authentication;
for node n, define
And
respectively, is a collection of action probabilities that an attacker and defender can take on the node,
when the temperature is higher than the set temperature
An attacker policy is considered a pure policy; in other cases, the attacker policy is a hybrid policy.
As a preferred embodiment of the present invention, the step S6 specifically includes:
for node n, given an attacker defender policy pair
The expected revenue is expressed as:
wherein
And
is the action pair of the attacker and defender
The income is obtained; the income is obtained by carrying out false data injection simulation attack on physical layer equipment of the target power system and obtaining the offset of state quantity comparison in normal operation;
in the game model, both the attacker and defender wish to maximize their profit, when they choose a strategy that neither party changes, it is called nash equilibrium; assume policy for any defender
All exist
Make attackers expect benefits
Maximum, simultaneous policy for any attacker
All exist
Make defenders expect the benefits
At maximum, then nash equalization is achieved;
and solving to obtain a defender strategy when Nash equilibrium is reached aiming at the node n, and using the strategy as an optimal defense resource configuration scheme aiming at the single network node n.
Compared with the prior art, the method utilizes the state estimation method to simulate the deviation condition of the system state quantity after the attack to be used as the basic income of the participant, and calculates the expected income under Nash balance and equilibrium based on the game theory framework by considering the action cost. The distribution method starts from the perspective of a defender, improves the defense efficiency on the basis of ensuring the safety of the system, and provides feasible suggestions and references for the defender to configure the strategy of defense measures. In addition, the method can adapt to various state estimation methods and different defense methods, and has higher flexibility and expansibility.
Drawings
FIG. 1 is a schematic overview of a system design to which the method of the present invention is directed;
FIG. 2 is a schematic flow diagram of the process of the present invention;
FIG. 3 is a comparison of the strategy proposed by the present invention and the expected revenue results of resource allocation based only on the vulnerability index.
Detailed Description
As shown in fig. 1 and 2, the invention constructs a static game model based on incomplete information, and constructs a game-based CPPS optimal resource allocation method for FDI attack. The method utilizes a state estimation method to simulate and obtain the system state offset to quantify an attack result as a profit index, adds the profit and corresponding cost required by action into a game matrix and carries out calculation of Nash balance, and finally obtains a mixed optimal strategy to complete reasonable distribution under limited resources.
Fig. 1 shows an overview of a system design, where a physical layer in fig. 1 is a physical layer of a power system, and a physical layer device of the power system includes a control device, an execution device, a measurement device, and the like. In the normal case (i.e. in the case of no attack), only steps (3), (4) and (5) of fig. 1 exist, the physical layer monitors the system components on the basis of the meters and reports their readings to the control center, and the control center, after estimating the state of the power system from the meter measurements, sends corresponding command instructions to the physical layer devices.
The relationship between the power system meter measurements and the state variables z = h (x) + e, where x is the estimated state variable, z is the value based on the meter measurements, and e is the independent random measurement noise. Measurement function h (x) = [ h = 1 (x),...,h i (x),...,h m (x)] T The subscript m is the number of measurement devices, depending on the particular measurement type and network topology and parameters of the power system.
The usual way to estimate the state is weighted least squares, with the goal of finding a set of system states that minimizes the sum of squared errors F (x):
min F(x)=[z-h(x)] T W[z-h(x)]
where W is a weighting matrix, which can be designed as a variance
Inverse diagonal matrix of
Higher σ represents lower confidence in the device, generally provided by the manufacturer, and higher confidence measures are weighted more heavily.
The derivation is done on this equation to zero:
wherein
Is a least-squares sum estimate of x,
is the jacobian matrix. Combining Newton-Laverson iteration relation to obtain a formula:
[G(x k )]Δx k =H T (x k )W[z-h(x k )]
G(x k )=H T (x k )WH(x k )
x k+1 =x k +Δx k
wherein G (x) k ) Is a gain matrix, x k+1 =x k +Δx k For updating the Jacobian matrix, repeating the iteration until Deltax is less than the predetermined convergence condition, x k Is the estimation of the system state.
When an FDI attack is encountered, as shown in steps (1) and (2) of fig. 1, an attacker tampers with the measurement results by the control instrument, the communication network and the master station to disturb the estimation results and induce the control center to take emergency measures, as shown in step (6), to trip the critical line, resulting in power loss and overvoltage or undervoltage.
Referring to fig. 1 and 2, the steps of the game-based CPPS optimal resource allocation method for FDI attack proposed by the present invention are as follows:
s1: acquiring power system configuration from matpower, wherein the power system configuration comprises a power system topology graph and parameters of each branch of a power system; the power system topological graph is a network structure graph formed by network node equipment and a communication medium, and one network node in the power system topological graph represents one equipment in the power system.
S2: calculating the electric power state quantity under the normal condition of the electric power system, wherein the electric power state quantity comprises a phase angle theta and a voltage V;
obtaining an estimated state variable x of the power system, namely a power state quantity, according to the measured value of the instrument based on a relational expression z = h (x) + e between the measured value of the instrument of the power system and the state variable, wherein the power state quantity comprises a phase angle theta and a voltage V;
wherein h (x) = [ h = 1 (x),...,h i (x),...,h m (x)] T For the measurement function, z is a value based on the meter measurement, i.e. the meter measurement value, e is the independent random measurement noise; and m is the number of measuring devices.
S3: aiming at network nodes 1, \8230, n traverses all attacker actions and defender actions and calculates corresponding power state quantities, wherein the power state quantities comprise a phase angle theta and a voltage V; the method of calculating the corresponding electric power state quantity in step S3 is the same as the method of calculating the electric power state quantity in step S2.
S4, calculating the deviation condition of the power state quantity to obtain corresponding participant benefit; the participant benefit is a power state quantity offset, which is a difference between the power state quantity calculated in step S3 and the power state quantity in the normal case in step S2.
S5: inputting the benefit of the participant and the resource consumption required by the participant to execute the action into a game model;
the game model mainly comprises: participants, actions, policy pairs, earnings, rewards, and the like.
The participants are the attackers and defenders. The attacker action a includes attack and non-attack, in which case he can choose the strength of the attack (i.e. the range of injected data), the target of the attack (for the measured value or the state value), and the location of the attack (single-point attack or multi-point cooperative attack), and obviously the resource consumption that the attacker needs to pay is consumed
In relation to the attack action it chooses. On the other hand, the defender can also choose not to defend or corresponding defense actions D, including increasing defense strength (e.g., increasing monitor scanning frequency, etc.), changing defense schemes (e.g., modifying detection algorithm accuracy), expanding defense nodes (e.g., setting up monitoring devices for more nodes), etc.Similarly, the defender needs to pay corresponding resources
To accomplish these actions.
Success rate Pr (A) when attacker starts attack i ,D j ) Related to the actions of attackers and defenders. At the same time, the success rate Pr (A) i ,D j ) Vulnerability V to devices on a node Pr Also relevant. Vulnerability V Pr Defined by the general vulnerability scoring system (CVSS) index: v Pr =2×S AV ×S AC ×S AU In which S is AV Is an attack pathway, S AC Is the attack complexity, S AU Is the authentication level.
For node n, the policies of the attacker and of the defender can be expressed as follows:
wherein
And
respectively, is a collection of action probabilities that an attacker and defender can take on the node. It is clear that the probability interval should be at 0,1]And the sum of the probabilities is 1. When the temperature is higher than the set temperature
An attacker policy may be considered a pure policy, otherwise the policy is a hybrid policy. The same is true for defenders.
S6: calculating an optimal defense resource configuration scheme for a single network node;
for node n, given an attacker defender policy pair
In order for an attacker to expect the benefit,
expected revenue for defenders; and
can be expressed as:
wherein
And
is the action pair of the attacker and defender
The following benefits. This benefit is obtained by applying a dummy data injection simulation attack (step 126) to the physical layer device of the target system against the offset of the state quantity when operating normally (step 345).
In the game problem, both attackers and defenders wish to maximize their profit, when they choose a strategy that neither party will change, it is called nash equilibrium. Suppose a policy for any defender
All exist
Make attackers expect benefits
Maximum, simultaneous policy for any attacker
All exist
Make defenders expect the benefits
At maximum, then nash equalization is achieved. And solving for the node n to obtain a defender strategy when Nash equilibrium is reached, and using the strategy as an optimal defense resource configuration scheme for the single network node n.
S7: due to attacker resources
Resource of defender
And not limitless. Under the constraint of the limited resource condition, traversing all the network nodes to calculate the multi-node defense resource configuration scheme which enables the total defender to expect the maximum benefit. Namely, for limited resources, the resource allocation is carried out on n nodes, the allocation scheme of the resources is an optimization problem for solving the expectation benefit of the maximum defender, and the solution is carried out by utilizing an iteration method, so that the multi-node defense resource allocation scheme for maximizing the expected benefit of the total defender can be obtained.
The effectiveness and feasibility of the invention are demonstrated by simulation experiments. The IEEE 33 bus system is adopted to simulate an attack and defense game. Configuration information of the IEEE 33 bus system is acquired from the MATPOWER packet, and power flow calculation is performed thereon using MATLAB software. Attack actions are classified from three aspects: 1 attack strength: 5%,10%,20%,2. Attack location, selection of attack node and whether to perform multipoint attack, 3 attack target: type of measurement (voltage, current, aggression, etc.). The corresponding defensive actions are here divided into: 1. prevention strength: the higher the intensity, the more stringent the accuracy requirements are reflected in the accuracy requirements. 2. Defense nodes: selection of defending nodes and whether to conduct cooperative defense.
The static defense is selected because the defender cannot dynamically change the resource configuration of the defender, and only the game can be played according to the prior situation, which can be understood that once the defender finishes configuring the equipment, much time is needed for changing the equipment. When the resource investment exceeds a certain degree, the absolute benefit brought by successful attack is not enough to make up for the resource required to be consumed. Therefore, considering the defender's perspective under the attacker's resources, when the resources required by the attacker to successfully attack are greater than a certain degree, the (rational) attacker will not choose to launch the attack, so the defender can choose not to defend.
As shown in FIG. 3, the expected revenue outcome for a defender for resource allocation based on the policy proposed by the present invention (i.e., the outcome of the revenue expected from the defender
) Expected revenue outcome (i.e., expected outcome) over resource allocation based solely on vulnerability index
) There is a significant increase.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the appended claims.
Claims (6)
1. A CPPS optimal resource allocation method based on a game aiming at FDI attack is characterized by comprising the following steps:
s1: acquiring power system configuration, wherein the power system configuration comprises a power system topological graph and parameters of each branch circuit of a power system; the power system topological graph is a network structure graph formed by network node equipment and a communication medium;
s2: calculating the electric power state quantity under the normal condition of the electric power system, wherein the electric power state quantity comprises a phase angle theta and a voltage V;
s3: aiming at network nodes 1, \8230, n traverses all attacker actions and defender actions and calculates corresponding power state quantity;
s4, calculating the deviation condition of the power state quantity to obtain corresponding participant benefit;
s5: inputting the benefit of the participant and the resource consumption required by the participant to execute the action into a game model;
s6: calculating an optimal defense resource configuration scheme for a single network node;
s7: under the condition of limited resources, traversing all network nodes to calculate to obtain a multi-node defense resource configuration scheme which enables the total expected profit to be maximum.
2. The CPPS optimal resource allocation method aiming at FDI attack based on game, as claimed in claim 1, wherein the S2 is specifically:
obtaining an estimated state variable x of the power system, namely a power state quantity, according to the measured value of the instrument based on a relation z = h (x) + e between the measured value of the instrument of the power system and the state variable, wherein the power state quantity comprises a phase angle theta and a voltage V;
wherein h (x) = [ h 1 (x),...,h i (x),...,h m (x)] T For the measurement function, z is a value based on the meter measurement, i.e. the meter measurement value, e is the independent random measurement noise; and m is the number of measuring devices.
3. A game based CPPS optimal resource allocation method for FDI attack according to claim 1, wherein the method of calculating the corresponding power state quantity in step S3 is the same as the method of calculating the power state quantity in step S2.
4. A game-based CPPS optimal resource allocation method for FDI attack according to claim 1, wherein the participant benefit in step S4 is a power state quantity offset which is a difference between the power state quantity calculated in step S3 and the power state quantity in the normal case of step S2.
5. A game based CPPS optimal resource allocation method for FDI attack according to claim 1, characterized in that, in the game model described in step S5,
the attacker can select a certain attack action A or not attack the action A, and the resource consumption required by the attacker is consumed
In relation to its chosen attack action; the defender can choose to not defend or the corresponding defense action D, and the defender needs to pay the corresponding resource
To accomplish these actions;
success rate Pr (A) when attacker starts attack i ,D j ) Related to the actions of attackers and defenders; at the same time, the success rate Pr (A) i ,D j ) Vulnerability V to devices on network nodes Pr Also related is; vulnerability V Pr Defined by the general vulnerability scoring system index: v Pr =2×S AV ×S AC ×S AU In which S is AV Is an attack pathway, S AC Is the complexity of the attack, S AU Is the degree of authentication;
for node n, define
And
respectively the collection of action probabilities that an attacker and defender can take on the node,
when the temperature is higher than the set temperature
An attacker policy is considered a pure policy; in other cases, the attacker policy is a hybrid policy.
6. The CPPS optimal resource allocation method based on the game aiming at the FDI attack as claimed in claim 5, wherein the step S6 specifically comprises:
for node n, given an attacker defender policy pair
The expected revenue is expressed as:
wherein
And
is the action pair of the attacker and defender
The income is obtained; the income is obtained by carrying out false data injection simulation attack on physical layer equipment of the target power system and obtaining the offset of state quantity comparison in normal operation;
in the game model, attackers and defenders both want to maximize their revenues, when they choose a strategy that both parties will not change, it is called nash equilibrium; suppose a policy for any defender
All exist
Make attackers expect benefits
Maximum, simultaneous policy for any attacker
All exist
Make defenders expect the benefits
At maximum, then nash equalization is achieved;
and aiming at the node n, solving to obtain a defender strategy when Nash equilibrium is achieved, and taking the strategy as an optimal defense resource configuration scheme aiming at the single network node n.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210962376.5A CN115580423A (en) | 2022-08-11 | 2022-08-11 | CPPS optimal resource allocation method based on game aiming at FDI attack |
| GB2218851.0A GB2621417A (en) | 2022-08-11 | 2022-12-14 | Game-based optimal resource allocation method for cyber-physical power system (CPPS) to defend against false data injection (FDI) attack |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210962376.5A CN115580423A (en) | 2022-08-11 | 2022-08-11 | CPPS optimal resource allocation method based on game aiming at FDI attack |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115580423A true CN115580423A (en) | 2023-01-06 |
Family
ID=84580011
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210962376.5A Pending CN115580423A (en) | 2022-08-11 | 2022-08-11 | CPPS optimal resource allocation method based on game aiming at FDI attack |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN115580423A (en) |
| GB (1) | GB2621417A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117439794A (en) * | 2023-11-09 | 2024-01-23 | 浙江大学 | CPPS optimal defense strategy game method for uncertainty attack |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116579626B (en) * | 2023-05-15 | 2024-06-04 | 长江水利委员会水文局 | Cascade reservoir group water storage strategy calculation method based on game theory |
-
2022
- 2022-08-11 CN CN202210962376.5A patent/CN115580423A/en active Pending
- 2022-12-14 GB GB2218851.0A patent/GB2621417A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117439794A (en) * | 2023-11-09 | 2024-01-23 | 浙江大学 | CPPS optimal defense strategy game method for uncertainty attack |
| CN117439794B (en) * | 2023-11-09 | 2024-05-14 | 浙江大学 | CPPS optimal defense strategy game method for uncertainty attack |
Also Published As
| Publication number | Publication date |
|---|---|
| GB2621417A (en) | 2024-02-14 |
| GB202218851D0 (en) | 2023-01-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN115580423A (en) | CPPS optimal resource allocation method based on game aiming at FDI attack | |
| Li et al. | Distributed host-based collaborative detection for false data injection attacks in smart grid cyber-physical system | |
| Yi et al. | A multi-stage game model for the false data injection attack from attacker’s perspective | |
| Xiang et al. | A game-theoretic study of load redistribution attack and defense in power systems | |
| CN112688315B (en) | Attack and defense system and method based on electric vehicle power distribution network information physical system | |
| Ji et al. | Attack-defense trees based cyber security analysis for CPSs | |
| Rahman et al. | A formal model for verifying the impact of stealthy attacks on optimal power flow in power grids | |
| CN115348073A (en) | CPPS defense strategy decision method under DDoS attack based on game theory | |
| Alanwar et al. | Distributed secure state estimation using diffusion Kalman filters and reachability analysis | |
| CN104638762A (en) | Method and system for detecting illegal data implantation internal attack in smart power grid | |
| Rahman et al. | Novel attacks against contingency analysis in power grids | |
| Zhang et al. | Net load redistribution attacks on nodal voltage magnitude estimation in ac distribution networks | |
| Kumar et al. | Efficient detection of false data injection attacks on AC state estimation in smart grids | |
| CN113098908B (en) | False data injection attack defense method and device based on multi-stage game | |
| CN112016085B (en) | Power transmission and transmission system planning method for coping with information-physical cooperative attack | |
| Ge et al. | A game theory based optimal allocation strategy for defense resources of smart grid under cyber-attack | |
| Ding et al. | Cyber risks of PMU networks with observation errors: Assessment and mitigation | |
| Cheng et al. | Resilient collaborative distributed ac optimal power flow against false data injection attacks: A theoretical framework | |
| Acarali et al. | Modelling DoS attacks & interoperability in the smart grid | |
| CN114666107B (en) | Advanced persistent threat defense method in mobile fog calculation | |
| CN108596361B (en) | Selection method for practical measurement protection scheme of power system | |
| Khazaei | Detection of cyber-physical attacks aiming at multi transmission line congestions using dynamic state-estimation | |
| Li et al. | A security defense model for ubiquitous electric internet of things based on game theory | |
| CN109639491B (en) | Intelligent substation relay protection vulnerability assessment model generation method | |
| Deng et al. | Optimal Defense Strategy Based on the Load Nodes’ Importance against Dummy Data Attacks in Smart Grids |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |