CN115712894B - Load false data injection attack modeling method - Google Patents
Load false data injection attack modeling method Download PDFInfo
- Publication number
- CN115712894B CN115712894B CN202211292172.1A CN202211292172A CN115712894B CN 115712894 B CN115712894 B CN 115712894B CN 202211292172 A CN202211292172 A CN 202211292172A CN 115712894 B CN115712894 B CN 115712894B
- Authority
- CN
- China
- Prior art keywords
- attack
- load
- layer
- probability
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Supply And Distribution Of Alternating Current (AREA)
Abstract
The invention discloses a load false data injection attack modeling method, which relates to the technical field of power information physical systems and is used for solving the problems that a large-scale physical power flow is transferred and even a cascading failure reaction of a power system is caused to cause a blackout accident because a dispatcher is misled to perform wrong operation after the existing power system is attacked by the load false data injection; according to the invention, under the fusion background of the power information physical system, the attack behaviors of an intruder are considered from the angle of an information layer by combining with the actual network attack scene, the maximum damage attack path is predicted timely and accurately, and a beneficial hint is provided for power system management personnel on how to more effectively prevent and defend load false injection attack.
Description
Technical Field
The invention relates to the technical field of power information physical systems, in particular to a load false data injection attack modeling method.
Background
The power system is a significant infrastructure for each country and is the primary source of motive energy for each city. With the gradual formation of smart grids, the power system is gradually upgraded from a traditional system mainly comprising physical facilities to a highly-coupled power information physical system, and the trouble of network security is brought to the power system.
State estimation is a key element of reliable operation and control of the current power system, collects information from a large number of meter measurements, and is analyzed in a centralized manner in a control center, and finally the control center performs unified scheduling on the power system according to analysis of the measurement data. However, due to advances in the computer industry and communication technology, these measurement data have recently been found to be vulnerable to malicious spurious data injection. This is a special type of false data injection attack, which is a hazard to the operation of the power system at different time steps and under different attack resource constraints, for the concept of load redistribution attack.
After the attack vector is reasonably selected, the network attack is extremely high in concealment and difficult to find by the detection equipment, as the automation degree of the power system is higher and higher, the intelligent equipment is continuously connected, and the power system becomes more and more complex due to high coupling of the physical layer and the information layer, so that the traditional power system is also challenged unprecedented. The prior study proves that the power system is misled to the wrong operation of a dispatcher after being attacked by load false data injection, so that large-scale physical power flow transfer can be caused, even the cascading failure reaction of the power system can be finally initiated, and the blackout accident can be caused.
Disclosure of Invention
The invention aims to solve the problems that the prior power system is subjected to load false data injection attack, misleading a dispatcher to perform error operation, causing large-scale physical power flow transfer, and even possibly finally causing cascading failure reaction of the power system and causing blackout accidents.
The aim of the invention can be achieved by the following technical scheme: a load dummy data injection attack modeling method, the method comprising the steps of:
s1, calculating an average compromise time value of communication links between each transformer substation and a control center: firstly, determining a network attack path, namely determining a corresponding Bayesian network attack graph, and then calculating average compromise time values for successfully invading each communication link and modifying data;
s2, establishing a double-layer optimization model for load false data injection: adding the constraint condition to the upper layer of the double-layer model based on the average compromise time value of each transformer substation calculated in the step S1;
s3, converting the double-layer mixed optimization model into a single-layer mixed integer model by applying a strong dual-dipole theory according to the double-layer optimization model established in the S2, and solving in a solver;
and S4, obtaining an optimal attack scheme of the attacker according to the calculation result of the optimization model.
As a preferred embodiment of the present invention, the specific process of S1 is:
s11, establishing a Bayesian attack graph of a communication link between an intrusion substation and a control center, wherein the Bayesian attack graph consists of a three-layer structure; wherein the first layer is countermeasure group A j The second layer is sub-target B i The third layer is the overall target C m Sub-target B i Represented by circular nodes; by bypassing or defeating the corresponding countermeasure group A j Achieve sub-target B i The method comprises the steps of carrying out a first treatment on the surface of the Quantifying the probability of an intruder successfully performing an unauthorized operation on the target communication link by the constructed Bayesian model;
s12, calculating the successful invasion probability of the transformer substation: calculating the successful invasion probability of the transformer substation by using a Bayesian attack graph, wherein the successful invasion probability of the transformer substation changes along with the distribution of defensive resources and the identified loopholes, and the loopholes of each network component are randomly generated;
s13, calculating an average compromise time value: based on the Bayesian attack graph determined in the step S11 and the probability of successful intrusion into the transformer substation determined in the step S12, establishing a mathematical model of average compromise time, and calculating an MTTC value of the average compromise time; wherein the method comprises the steps ofT (v) i ) Is to use a single vulnerability v i The time required, p (c), represents the probability of successful achievement of the overall target condition, p (v) i Λc) is the probability of successful attack, p (v), of a vulnerability-exploitation, that leads to overall target conditions i Λ c) represents attack according to assumptionsThe hitter always selects the easiest attack path to represent the probability of success that resulted in the target condition;
where i represents the number of pre-vulnerability vulnerabilities leading to the target vulnerability, p (v i =t) represents the probability of successfully executing an attack under three preconditions, p (v) i =T|S i =T,N i =T,L i =t) is expressed as the probability that an attacker can alone successfully exploit a certain vulnerability.
As a preferred embodiment of the present invention, the specific process of S2 is:
s21, considering average compromise time constraint of each loaded transformer substation by upper-layer constraint:
wherein the method comprises the steps ofWhen the variable is 0-1 and is equal to 1, the variable indicates that network intrusion can be performed on the transformer substation, T indicates intrusion time set for an intruder by the intruder, and T d An MTTC value representing the intruder-calculated substation communication link;
s22, an upper model of the double-layer optimization model comprises an upper objective function and constraint conditions, wherein the upper objective function is as follows:
wherein the objective function represents maximizing the operating cost, including the power generation cost and the load shedding cost, c g For the generation cost ($/MWh) of generator g, cs d For the cost of load shedding ($/MWh),respectively representing the output of the generator g and the load reduction amount N at the load node d g For the number of generators, N d The number of load nodes, delta D is the load attack vector;
the lower constraint condition includes:
wherein ΔD d Representing the load attack quantity of the d node; τ is the set load attack amount range; d (D) d Is a true measure of the load node quantity;a variable of 0-1 is used to constraint, T represents the time set for the intruder, T d An MTTC value representing the intruder-calculated substation communication link; delta D,d R is the number of attack resources limited by 0-1 integer variable;
s23, a lower model of the double-layer optimization model comprises a lower objective function and a lower constraint condition, wherein the lower objective function is as follows:
wherein the lower objective function represents that a dispatcher of the power system reacts according to the upper constraint to minimize the system operation cost;
the lower constraint condition includes:
PL=SF·KP·P-SF·KD·(D+ΔD-S)(μ) (12)
wherein D is d Is the load amount at load node d; (12) PL is a line power flow vector, P is a generator output vector, KP is a node-generator correlation matrix, SF is a transfer factor matrix, and KD is a node-load correlation matrix; formulas (13) to (15) are upper and lower bounds of the line rated capacity, the generator output and the load reduction amount corresponding to the load nodes, lambda, mu,α l , β g ,/> d γ,/>respectively represent the corresponding lower constraint conditionsLagrangian constant.
As a preferred implementation mode of the invention, before an intruder carries out network attack, a load false data injection attack model is used for calculation, the calculation result comprises the number and the positions of substations to be invaded and the injection load quantity corresponding to each substation, the intruder is guided to carry out subsequent attack, and a reference defense scheme is provided for the power grid defender under the threat of information physical network attack according to an upper-layer optimization result and a lower-layer optimization result.
Compared with the prior art, the invention has the beneficial effects that:
1. in the invention, under the background of the physical interaction fusion of the power information, the average compromise time of an intruder successfully invading a communication link between a transformer substation and a control center is considered, so that the attack situation considered by the built double-layer optimization model for loading false data injection is more perfect;
2. the average compromise time considered by the invention provides a calculation model which is easy to operate in practice for the operators of the power system, because it does not need to define the whole power system too finely, and in addition, it can use the information collected automatically and calculate;
3. the method combines the physical layer and the information layer of the power system, fully considers the coupling relation between the physical layer and the information layer, and aims at a special network attack scene of the false data injection attack.
Drawings
The present invention is further described below with reference to the accompanying drawings for the convenience of understanding by those skilled in the art.
FIG. 1 is a flow chart of a method implementation provided by the present invention;
fig. 2 is a bayesian attack diagram of a communication link between an intrusion substation and a control center provided by the invention;
fig. 3 is a topology diagram of an IEEE 14 node transmission line in a specific application of the present embodiment.
Detailed Description
The technical solutions of the present invention will be clearly and completely described in connection with the embodiments, and it is obvious that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1-3, a load dummy data injection attack modeling method includes:
s1, calculating an average compromise time value of communication links between each transformer substation and a control center by an invader: firstly, according to the professional knowledge in the aspect of an information layer, an intruder determines a network attack path, namely a corresponding Bayesian network attack graph, calculates average compromise time values for successfully invading each communication link and modifying data; the method comprises the following steps:
s11, establishing a Bayesian attack graph of a communication link between an intrusion substation and a control center: the bayesian attack graph consists of a three-layer structure. The first layer is a countermeasure group, composed of A j And (3) representing. The second layer represents sub-object B i Represented by the circular nodes. By bypassing or defeating the corresponding countermeasures A j Can reach the sub-target B i . Overall goal C m Consists of a third layer, wherein the total targets of the intruder correspond to the sub targets B i Must all be satisfied. Through the constructed Bayesian model, the probability of an intruder successfully performing an unauthorized operation on the target communication link can be quantified.
S12, probability of successful invasion of the transformer substation: and calculating the successful invasion probability of the transformer substation by using a Bayesian attack graph, wherein the successful invasion probability of the transformer substation changes along with the distribution of defensive resources and the identified loopholes, and the loopholes of each network component are randomly generated.
S13, calculating an average compromise time value: and (3) establishing a mathematical model of the average compromise time based on the Bayesian attack graph determined in the step (S11) and the probability of successful intrusion of the transformer substation determined in the step (S12), and calculating the average compromise time. The MTTC value is calculated specifically according to the following formula:
t (v) i ) Is to use a single vulnerability v i The time required, p (c), represents the probability of successfully achieving the overall target condition. p (v) i Λ c) is the probability of successful attack that results in the overall target condition and exploits the vulnerability, p (v) since the attacker always selects the easiest attack path to represent the probability of success that results in the target condition based on the assumption i Λ c) can be expressed as:
where i represents the number of pre-vulnerable vulnerabilities that lead to the target vulnerability, more readily available vulnerabilities will have a higher probability of attack success. p (v) i =t) represents the probability of successfully executing an attack under three preconditions, the probability that an attacker can successfully exploit a vulnerability alone can be expressed as p (v i =T|S i =T,N i =T,L i =t) represents;
in fig. 2, the node usage corresponding to the node tag A1 is message encryption, the node usage corresponding to the node tag A2 is information type, the node usage corresponding to the node tag A3 is network address locking, the node usage corresponding to the node tag A4 is physical connection protection, the node usage corresponding to the node tag A5 is a unpublished protocol, the node usage corresponding to the node tag A6 is a detection message time stamp, the node usage corresponding to the node tag A7 is a password signature, the node usage corresponding to the node tag A8 is a message sequence number, the node usage corresponding to the node tag A9 is a remote password, the node usage corresponding to the node tag B1 is decryption information content, the node usage corresponding to the node tag B2 is information interception, the node usage corresponding to the node tag B3 is a connection network, the node usage corresponding to the node tag B4 is an interpretation information structure, the node usage corresponding to the node tag B5 is a validity of maintaining the modification information, the node usage corresponding to the node tag B6 is a validity maintaining the node tag, the node usage corresponding to the node tag B7 is a valid node tag C1 is a valid node tag, the node tag C2 is a node tag for the node tag for which is a node tag for the node 2 is a node tag for the node tag for which is a node 2;
the double-layer optimization model for load false data injection established in the embodiment considers the average compromise time constraint of each loaded transformer substation in the upper constraint:
wherein the method comprises the steps ofWhen the variable is 0-1 and is equal to 1, the variable indicates that network intrusion can be performed on the transformer substation, T indicates intrusion time set for an intruder by the intruder, and T d The MTTC value of the communication link of the transformer substation calculated by the invader is represented, and when the set time is longer than the calculation time, the transformer substation can be considered as a target to be attacked by the invader;
s2, establishing a double-layer optimization model for load false data injection: adding the constraint condition to the upper layer of the double-layer model based on the average compromise time value of each transformer substation calculated in the step S1; the upper layer constraint considers the average compromise time constraint of each loaded transformer substation, and the upper layer model comprises an upper layer objective function and constraint conditions, wherein the upper layer objective function is as follows:
wherein the objective function represents maximizing the operating cost, including the power generation cost and the load shedding cost, c g For the generation cost ($/MWh) of generator g, cs d For the cost of load shedding ($/MWh),respectively representing the output of the generator g and the load reduction amount N at the load node d g For the number of generators, N d The number of load nodes, Δd, is the load attack vector.
The lower constraint conditions include:
constraint conditions (5) and (6) ensure that the load false data is successfully injected and cannot be easily detected, and the total load of each point is required to be kept unchanged before and after attack, and the load change is within a certain range, wherein delta D d Representing the load attack quantity of the d node; τ is the set load attack amount range; d (D) d Is a true measure of the load node quantity. Constraint (7) considers the average compromise time constraint of each loaded substation, whereA variable of 0-1 is used to constraint, T represents the time set for the intruder, T d MTTC value representing calculated transformer station communication link of invader when setting timeAnd if the calculated time is longer than the calculated time, the transformer substation can be considered as an intrusion target to be selected. In addition, the number of tampered substation communication links should not exceed the maximum number of attacked resources, and the constraints (8) and (9) are attack resource constraint conditions, delta D,d R is the number of attack resources limited by 0-1 integer variable;
and the lower model is used for making a reaction according to the decision variable delta D determined by the upper model so as to minimize the running cost of the power system, and comprises a lower objective function and a lower constraint condition, wherein the lower objective function is as follows:
wherein the lower objective function represents that the dispatcher of the power system reacts according to the upper constraints to minimize the system operating costs.
The lower constraint condition includes:
PL=SF·KP·P-SF·KD·(D+ΔD-S)(μ) (12)
the lower constraint function includes the power balance constraint (11), D, of the system d Is the load amount at load node d; (12) For line flow constraint, PL is line flow vector, P is generator output vector, KP is node-generator correlation matrix, SF is transferShifting factor matrix, KD is node-load association matrix; (13) - (15) are upper and lower bounds for the line rated capacity, generator output, and load reduction amount corresponding to the load nodes, respectively. Lambda, mu,α l , β g ,/> γ d ,/>lagrangian constants respectively representing the corresponding lower constraint conditions;
s3, establishing a double-layer optimization model according to the S2, converting the double-layer mixed optimization model into a single-layer mixed integer model by applying a strong dual-dipole theory, and solving in a solver;
s4, according to the calculation result of the optimization model, an optimal attack scheme of an attacker is obtained, and load false data injection attack of each transformer substation facing the information physical system can be effectively predicted; before an invader carries out network attack, the load false data is injected into an attack model to carry out calculation in advance, wherein a calculation result comprises the number and the positions of substations to be attacked and the injection load quantity corresponding to each substation, and the invader is guided to carry out subsequent attack;
in order to verify the effectiveness of the invention, an IEEE 14 node power information physical system is taken as an example, and the method is adopted to analyze the load false data injection network attack. The coupling system specifically comprises 14 substation nodes, 20 power transmission lines, the original total load demand is 259MW, the original running cost of the power system is 6203.3$/h, t=250, τ=0.5 and the number of attack resources R=4 are set. Using python3.7 as a simulation tool to simulate, and obtaining an average compromise time value of a communication link which successfully invades each transformer substation as shown in a first table, and comparing a load false data injection attack result with an original system as shown in a second table;
table-MTTC estimates for each node
| Node numbering | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| MTTC(days) | 279.99 | 243.71 | 217.08 | 231.67 | 289.2 | 188.96 | 289.4 |
| Node numbering | 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| MTTC(days) | 320.51 | 256.38 | 231.3 | 258.15 | 500.12 | 409.8 | 270.75 |
Since automation and security levels of the respective substation communication structures are different from each other, there are network architectures of various substations. From table one, it can be seen that the present invention assumes that known and zero-day holes are randomly assigned to the countermeasure of 14 links, and thus the MTTC values required to calculate the same final objective in these 14 links may be different from one another. The shortest intrusion time required by node 6 would be considered the network communication structure of the substation to be easily broken up, while the longest intrusion time required by node 12 would be considered the most difficult intrusion of the substation.
Comparison of Table two-load false data injection attack and original system operation cost
The second table shows that the running cost of the whole power system is greatly improved after the intruder carries out the attack of loading false data injection by comparison, and the cost is improved by 7221-6205.6 = 1015.4. This is due to the effect of network attacks, operators being misled by false load data; to allow the power system to resume "normal running" so that they are operating to cut load and adjust the generator output, the system cuts load 14.3MW at node 3 in this example.
The preferred embodiments of the invention disclosed above are intended only to assist in the explanation of the invention. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best understand and utilize the invention. The invention is limited only by the claims and the full scope and equivalents thereof.
Claims (3)
1. The modeling method for the load false data injection attack is characterized by comprising the following steps:
s1, calculating an average compromise time value of communication links between each transformer substation and a control center: firstly, determining a network attack path, namely determining a corresponding Bayesian network attack graph, and then calculating average compromise time values for successfully invading each communication link and modifying data;
s2, establishing a double-layer optimization model for load false data injection: adding the constraint condition to the upper layer of the double-layer model based on the average compromise time value of each transformer substation calculated in the step S1; the specific process is as follows:
s21, considering average compromise time constraint of each loaded transformer substation by upper-layer constraint:
wherein the method comprises the steps ofA variable of 0-1, when it is equal to 1, it indicates that network intrusion can be performed on the substation, T indicates intrusion time set for an intruder, T d An MTTC value representing the intruder-calculated substation communication link;
s22, an upper layer model of the double-layer optimization model comprises an upper layer objective function and constraint conditions, wherein the upper layer objective function is as follows:
wherein the objective function represents maximizing the operating cost, including the power generation cost and the load shedding cost, c g For the power generation cost of the generator g, cs d In order to get rid of the cost of the load,respectively representing the output of the generator g and the load reduction amount N at the load node d g For the number of generators, N d The number of load nodes, delta D is the load attack vector;
the upper layer constraint condition includes:
wherein ΔD d Representing the load attack quantity of the d node; τ is the set load attack amount range; d (D) d Is the true load quantity at load node d;is 0 toThe-1 variable is used to tie up constraints, T represents the intrusion time set for the intruder, T d An MTTC value representing the intruder-calculated substation communication link; delta D,d R is the number of attack resources limited by 0-1 integer variable;
s23, a lower model of the double-layer optimization model comprises a lower objective function and a lower constraint condition, wherein the lower objective function is as follows:
wherein the lower objective function represents that a dispatcher of the power system reacts according to the upper constraint to minimize the system operation cost;
the lower constraint condition includes:
PL=SF·KP·P-SF·KD·(D+ΔD-S)(μ) (12)
wherein D is d Is the true load quantity at load node d; (12) PL is a line power flow vector, P is a generator output vector, KP is a node-generator correlation matrix, SF is a transfer factor matrix, and KD is a node-load correlation matrix; formulas (13) to (15) are respectively the rated capacity of the circuit, the output of the generator andthe upper and lower bounds, lambda, mu, lagrangian constants respectively representing the corresponding lower constraint conditions;
s3, converting the double-layer mixed optimization model into a single-layer mixed integer model by applying a strong dual-dipole theory according to the double-layer optimization model established in the S2, and solving in a solver;
and S4, obtaining an optimal attack scheme of the attacker according to the calculation result of the optimization model.
2. The modeling method for load false data injection attack according to claim 1, wherein the specific process of S1 is as follows:
s11, establishing a Bayesian attack graph of a communication link between an intrusion substation and a control center, wherein the Bayesian attack graph consists of a three-layer structure; wherein the first layer is countermeasure group A j The second layer is sub-target B i The third layer is the overall target C m Sub-target B i Represented by circular nodes; by bypassing or defeating the corresponding countermeasure group A j Achieve sub-target B i The method comprises the steps of carrying out a first treatment on the surface of the Quantifying the probability of an intruder successfully performing an unauthorized operation on the target communication link by the constructed Bayesian model;
s12, calculating the successful invasion probability of the transformer substation: calculating the successful invasion probability of the transformer substation by using a Bayesian attack graph, wherein the successful invasion probability of the transformer substation changes along with the distribution of defensive resources and the identified loopholes, and the loopholes of each network component are randomly generated;
s13, calculating an average compromise time value: based on the Bayesian attack graph determined in the step S11 and the probability of successful intrusion into the transformer substation determined in the step S12, establishing a mathematical model of average compromise time, and calculating an MTTC value of the average compromise time; wherein the method comprises the steps ofT (v) i ) Is to use a single vulnerability v i The time required, p (c), represents the probability of successful achievement of the overall target condition, p (v) i Λ c) is the probability of successful attack that results in the overall target condition and exploits the vulnerability, representing the probability of success that results in the target condition based on the assumption that the attacker always selects the easiest attack path;
where i represents the number of pre-vulnerability vulnerabilities leading to the target vulnerability, p (v i =t) represents the probability of successfully executing an attack under three preconditions, p (v) i =T|S i =T,N i =T,L i =t) is expressed as the probability that an attacker can alone successfully exploit a certain vulnerability.
3. The modeling method for load false data injection attack according to claim 1, wherein before an intruder carries out network attack, the calculation is carried out by using a load false data injection attack model, the calculation result comprises the number and the positions of substations to be invaded and the injection load quantity corresponding to each substation, the intruder is guided to carry out subsequent attack, and a reference defense scheme is provided for a power grid defender under the threat of information physical network attack according to an upper layer optimization result and a lower layer optimization result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211292172.1A CN115712894B (en) | 2022-10-21 | 2022-10-21 | Load false data injection attack modeling method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211292172.1A CN115712894B (en) | 2022-10-21 | 2022-10-21 | Load false data injection attack modeling method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115712894A CN115712894A (en) | 2023-02-24 |
| CN115712894B true CN115712894B (en) | 2023-09-15 |
Family
ID=85231379
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211292172.1A Active CN115712894B (en) | 2022-10-21 | 2022-10-21 | Load false data injection attack modeling method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115712894B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110188995A (en) * | 2019-04-29 | 2019-08-30 | 国网宁夏电力有限公司电力科学研究院 | Unit load cooperates with spare Optimal Configuration Method and system, equipment, storage medium |
| CN110571787A (en) * | 2019-09-26 | 2019-12-13 | 国网浙江省电力有限公司嘉兴供电公司 | false data injection attack design and defense method for direct-current micro-grid |
| CN112235283A (en) * | 2020-10-10 | 2021-01-15 | 南方电网科学研究院有限责任公司 | Vulnerability description attack graph-based network attack evaluation method for power engineering control system |
| CN114051220A (en) * | 2021-10-27 | 2022-02-15 | 上海智能网联汽车技术中心有限公司 | Ontology-based dynamic Bayesian attack graph generation method and system for Internet of vehicles |
| CN115049270A (en) * | 2022-06-20 | 2022-09-13 | 长沙理工大学 | Power system risk assessment method considering network attack success probability of transformer substation |
-
2022
- 2022-10-21 CN CN202211292172.1A patent/CN115712894B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110188995A (en) * | 2019-04-29 | 2019-08-30 | 国网宁夏电力有限公司电力科学研究院 | Unit load cooperates with spare Optimal Configuration Method and system, equipment, storage medium |
| CN110571787A (en) * | 2019-09-26 | 2019-12-13 | 国网浙江省电力有限公司嘉兴供电公司 | false data injection attack design and defense method for direct-current micro-grid |
| CN112235283A (en) * | 2020-10-10 | 2021-01-15 | 南方电网科学研究院有限责任公司 | Vulnerability description attack graph-based network attack evaluation method for power engineering control system |
| CN114051220A (en) * | 2021-10-27 | 2022-02-15 | 上海智能网联汽车技术中心有限公司 | Ontology-based dynamic Bayesian attack graph generation method and system for Internet of vehicles |
| CN115049270A (en) * | 2022-06-20 | 2022-09-13 | 长沙理工大学 | Power system risk assessment method considering network attack success probability of transformer substation |
Non-Patent Citations (2)
| Title |
|---|
| Modeling Load Redistribution Attacks in Power Systems;Yanling Yuan 等;IEEE;第382-390页 * |
| Power System Reliability Evaluation With SCADA Cybersecurity Considerations;Yichi Zhang 等;TRANSACTIONS ON SMART GRID;第1707-1721页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115712894A (en) | 2023-02-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Xiang et al. | Power system reliability evaluation considering load redistribution attacks | |
| Xiang et al. | An improved defender–attacker–defender model for transmission line defense considering offensive resource uncertainties | |
| Che et al. | Mitigating false data attacks induced overloads using a corrective dispatch scheme | |
| Pei et al. | PMU placement protection against coordinated false data injection attacks in smart grid | |
| Tian et al. | Multilevel programming-based coordinated cyber physical attacks and countermeasures in smart grid | |
| Anwar et al. | Anomaly detection in electric network database of smart grid: Graph matching approach | |
| CN110276200A (en) | A kind of determination method of power information system state transition probability | |
| Zhang et al. | Pattern analysis of topological attacks in cyber-physical power systems considering cascading outages | |
| Fan et al. | A method for identifying critical elements of a cyber-physical system under data attack | |
| Pan et al. | Combined data integrity and availability attacks on state estimation in cyber-physical power grids | |
| CN114326403A (en) | Multi-agent system security convergence control method based on node information privacy protection | |
| CN113111537A (en) | Power distribution network node risk assessment method and system based on information physical fusion | |
| Meyur | A Bayesian attack tree based approach to assess cyber-physical security of power system | |
| Wang et al. | A new model approach of electrical cyber physical systems considering cyber security | |
| Du et al. | Hybrid robust tri-level defense model against multiperiod uncertain attacks | |
| Tang et al. | Power system reliability analysis considering external and insider attacks on the SCADA system | |
| Liu et al. | Systematic planning of moving target defence for maximising detection effectiveness against false data injection attacks in smart grid | |
| Pan et al. | Data attacks on power system state estimation: Limited adversarial knowledge vs. limited attack resources | |
| Bompard et al. | Cyber vulnerability in power systems operation and control | |
| Hong et al. | Security monitoring and network management for the power control network | |
| kamal Kaur et al. | Security analysis of smart grids: Successes and challenges | |
| CN115712894B (en) | Load false data injection attack modeling method | |
| Behdadnia et al. | Leveraging Deep Learning to Increase the Success Rate of DoS Attacks in PMU-Based Automatic Generation Control Systems | |
| Liu et al. | Research on Cyber Security Defense Technology of Power Generation Acquisition Terminal in New Energy Plant | |
| Wang et al. | Feature selection for precise anomaly detection in substation automation systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |