CN115936503A - Power system security evaluation hidden attack method, system and storage medium - Google Patents
Power system security evaluation hidden attack method, system and storage medium Download PDFInfo
- Publication number
- CN115936503A CN115936503A CN202211541947.4A CN202211541947A CN115936503A CN 115936503 A CN115936503 A CN 115936503A CN 202211541947 A CN202211541947 A CN 202211541947A CN 115936503 A CN115936503 A CN 115936503A
- Authority
- CN
- China
- Prior art keywords
- model
- attack
- feature
- optimization problem
- power system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a security evaluation type covert attack method, system and storage medium for a data drive power system. Firstly, reducing feature dimensions through correlation analysis and clustering, and generating a plurality of feature subsets based on a random subspace; training a substitution model set based on the feature subset and possible machine learning model types, and constructing an optimization problem generated by a confrontation sample; relaxing an original optimization problem, processing nonlinear equality constraint, unifying a discrete model and a continuous model by a model smoothing method, solving the optimization problem by a gradient method, and analyzing the vulnerability of a safety evaluation model and an operation point by using a confrontation sample. The invention provides a method for realizing high mobility and hidden attack, which analyzes the vulnerability of a running point according to the disturbance distance between a confrontation sample and an original sample.
Description
Technical Field
The invention belongs to the field of power system security evaluation, and particularly relates to a hidden attack method, a hidden attack system and a storage medium for data-driven power system security evaluation.
Background
Safety assessment and control of the power system are important parts for guaranteeing stable operation of the system, wherein the safety assessment can be divided into static safety assessment and dynamic safety assessment, the dynamic safety assessment focuses on a dynamic process of the system after the system is disturbed, and the dynamic safety assessment can be further divided into dynamic stability such as transient state and small interference. With the development and construction of a novel low-carbon power system, the access of high-proportion new energy and power electronic devices increases the uncertainty of the system, reduces the inertia and increases the complexity. More accurate and efficient security assessment models are needed to cope with the increasing security risks, promoting low-carbon, economic and safe operation. For this reason, data-driven security evaluation methods such as machine learning have been widely studied.
However, in recent years, network risks and serious consequences of major infrastructures such as power systems are indicated by events such as blackouts caused by network attacks. In addition, related researches also show the vulnerability of machine learning under the threat of resisting attacks and the like, such as an attack resisting algorithm based on Mixed Integer Linear Programming (MILP), a Fast Gradient Symbolic Method (FGSM), a projection gradient descent method (PGD) and other attack resisting algorithms based on gradient information. The attack algorithms do not consider physical constraints of an actual system, so that protection mechanisms such as bad data detection of the power system cannot be bypassed, and the threat degree is low. Once an attacker constructs a hidden attack by combining the characteristics of a physical system, the system is greatly damaged. In order to guarantee the normal decision of the data-driven security evaluation model, the risk of the hidden cyber attack needs to be researched to evaluate the vulnerability of the hidden cyber attack.
Disclosure of Invention
The invention aims to provide a hidden attack method, a hidden attack system and a hidden attack storage medium for the security evaluation of a data-driven power system aiming at the network security attack risk faced by a dynamic security evaluation model of the data-driven power system, and the vulnerability of the security evaluation model and a system operating point is analyzed by the disturbance distance of a countercheck sample and an original sample so as to support the subsequent scheduling control.
In order to realize the technical problem, the invention is realized by the following technical scheme: the hidden attack method for the safety evaluation of the data-driven power system comprises the following steps:
a hidden attack method for power system security evaluation comprises the following steps:
step 1: the method comprises the steps of constructing a data set by utilizing historical operating data and simulation data of the power system, reducing feature dimensions through a correlation analysis and clustering method, and generating a plurality of feature subsets based on a random subspace;
step 2: training a substitution model set based on the feature subset and the machine learning model type, considering the physical characteristics of an attack target and a power system, and defining an optimized objective function and a constraint condition generated by a confrontation sample;
and 3, step 3: through the transformation of a discrete model and the processing of nonlinear equality constraint, an original optimization problem which is difficult to directly solve is converted into the optimization only containing box type constraint, and the relaxed optimization problem is solved in a gradient mode to obtain a confrontation sample.
Further, the step 1 comprises:
step 1.1: constructing a data set based on historical operating data and time domain simulation data; the historical operating data and time domain simulation data comprise active and reactive power transmitted by a power system, active and reactive power injected by nodes, voltage phase angle of the nodes and the like, and input x = [ P ] L ,Q L ,P,Q,V,θ](ii) a Judging whether the output label is stable or not;
step 1.2: calculating the correlation between the input features of the data set and the correlation between the input features and the labels;
calculating the correlation using the mutual information, for discrete random variables (X, Y), whose mutual information is calculated by:
wherein P is X,Y (x, y) is the joint probability distribution, P X And P Y Is a marginal probability distribution; for continuous random variables, calculating mutual information MI through entropy estimation of k nearest neighbor distance;
step 1.3: clustering the input features based on the correlation analysis result;
step 1.4: and selecting an unknown black box scene according to the characteristics, sampling from the clustered multiple characteristic classes, and constructing multiple characteristic subsets.
Further, the step 2 comprises:
step 2.1: based on feature subsets S ′ Considering a machine learning algorithm and a structure which may be adopted by a victim model, constructing a substitution model set F; the substitution model set F comprises a plurality of discrete models represented by decision trees and continuous models represented by neural networks so as to deal with the black box scene with unknown model types; in a white-box scenario, the set of surrogate models degenerates into a single concrete model;
step 2.2: on the set of surrogate models F, the optimization objective function and constraints that oppose the sample generation are defined.
Further, the step 3 comprises:
step 3.1: relaxing a plurality of nonlinear constraints contained in an original optimization problem;
step 3.2: converting discrete models contained in the substitution model set into continuous models to carry out unified solution;
step 3.3: solving the relaxed optimization problem by adopting a gradient method to obtain a confrontation sample; the original optimization problem is converted into an optimization problem only containing box type constraints after being relaxed, and the objective function of the optimization problem is as follows:
wherein L (x, x) ′ ) And evaluating the attack effect of the attack sample on the substitution model set, wherein kappa and gamma are weights.
Further, in step 1.3, features are clustered using a neighbor propagation Algorithm (AP), first constructing a similarity s based on MI between features AP (i, j); then updated until convergence using:
wherein r is AP (i, k) is defined as the attraction degree, reflecting the effect of point k as the cluster center of point i compared to other cluster centers, a AP (i, k) is defined as attribution degree, reflects the effect of selecting the point k as the clustering center of the point i compared with other potential clustering centers, and is initialized to be zero; clustering assignment of each featureThe n-dimensional features can be obtained by dividing the n-dimensional features into M classes as follows:
further, in step 1.4, sorting the M classes by average MI between the labels and the features in the feature classes, and constructing a plurality of feature subsets by using random subspaces or feature bagging to cover a possible feature selection space; in feature bagging, each training set is constructed by a guided replication of the original data set; given a data set S with N samples, by optimization from the input features xRandomly selecting k feature classes from the feature classes to construct a new data set, whereinUpon multiple selections, a subset of features>Is constructed to select possible combinations of input features on behalf of a data-driven security assessment model, where N f Is the number of feature subsets.
Further, in step 2.2, in a black box scenario, the challenge sample is expected to mislead all surrogate models and minimize the attack cost d (x, x) ′ ) I.e. the distance between the original measurement value and the malicious tampering value, while satisfying the upper and lower limits of the variableSum power flow equation g (x) ′ ) Physical constraints of = 0; the corresponding optimization problem can be expressed in the form:
s.t.g(x ′ )=0
F i (x ′ )≠y,i=1,2,…,2N f
further, in step 3.1, the nonlinear equation constraints in the optimization problem include physical constraints such as a power flow equation and the like and constraints for misclassifying the model by countersamples; for the former, when an attack is initiated, it is only required to ensure that the measurement residual J (x) of an input variable is lower than a certain threshold; thus g (x) =0 relaxes to J (x) ≦ η, which is then converted to a loss term that is minimized in the objective function:
r(x)=(J(x)-η) +
likewise, F i (x ′ ) Not equal to y also translates into a loss term for evaluating the attack effect and minimizes in the objective function;
in step 3.2, the discrete model is processed by using a model smoothing method, firstly, the input and output mapping of the discrete model is expressed by using a logic algebraic expression, and then, the inequality and the logic ' AND ' NOT ' are approximated by using a sigmoid function and an algebraic expression:
wherein B is a relaxation factor; and after smoothing, the discrete model and the neural network continuous model are processed in a unified way.
A covert attack system for security assessment of a power system, comprising:
the data set construction and multiple feature subset generation module is used for constructing a data set by utilizing historical operating data and simulation data of the power system, reducing feature dimensions through a correlation analysis and clustering method and based on a random subspace;
the countermeasure sample optimization problem construction module trains a substitution model set based on the feature subset and possible machine learning model types to construct an optimization problem generated by the countermeasure sample;
a confrontation sample generation module which relaxes the original optimization problem, including nonlinear equation constraint and discrete model conversion,
solving in a gradient mode to obtain a confrontation sample.
A readable computer storage medium storing a computer program for implementing the method according to any one of claims 1-8 when the program is executed by a processor.
Compared with the prior art, the invention has the beneficial effects that:
in the invention, a plurality of feature subsets are generated by a random subspace method in step 1 to deal with the unknown black box scene of feature selection, and the feature dimension is reduced by adopting a correlation analysis and clustering method to improve the efficiency of the random subspace; in the step 2, considering the black box scene with unknown machine learning model types, the practical constraints such as power flow of the power system, upper and lower limits of physical variables and the like, and constructing an optimization problem of the generation of the countermeasure sample to ensure the mobility and the concealment of the generated countermeasure sample, avoid conservative estimation of robustness caused by an over-strong attack assumption of a common countermeasure attack method, and contribute to ensuring that the system has higher economy while stably running in subsequent scheduling control; in step 3, through relaxation of the original optimization problem, optimization iteration convergence is promoted, and calculation efficiency is improved.
Drawings
FIG. 1 is a general framework diagram of a hidden attack method for a dynamic security assessment model of a data-driven power system according to an embodiment of the present invention;
fig. 2 is a schematic diagram of prediction accuracy of a data-driven dynamic security assessment model provided in an embodiment of the present invention under different attack-resisting samples;
FIG. 3 is a schematic diagram of the measured residuals of different challenge samples (and their comparison with a reference threshold) provided by an embodiment of the present invention; fig. 4 is a system configuration diagram of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
A hidden attack method for power system security evaluation comprises the following steps:
step 1: the method comprises the steps of constructing a data set by utilizing historical operating data and simulation data of the power system, reducing feature dimensions through a correlation analysis and clustering method, and generating a plurality of feature subsets based on a random subspace;
step 2: training a substitution model set based on the feature subset and the machine learning model type, considering the physical characteristics of an attack target and a power system, and defining an optimized objective function and a constraint condition generated by a confrontation sample;
and step 3: through the transformation of a discrete model and the processing of nonlinear equality constraint, an original optimization problem which is difficult to directly solve is converted into the optimization only containing box type constraint, and the relaxed optimization problem is solved in a gradient mode to obtain a confrontation sample.
Further, the step 1 comprises:
step 1.1: constructing a data set based on historical operating data and time domain simulation data; the historical operating data and the time domain simulation data comprise the transmission active power and the reactive power of the power systemPower, node injection active and reactive power, node voltage phase angle and the like, and input x = [ P = L ,Q L ,P,Q,V,θ](ii) a Judging whether the output label is stable or not;
step 1.2: calculating the correlation between the input features of the data set and the features and between the input features and the labels;
calculating correlation using mutual information, for discrete random variables (X, Y), whose mutual information is calculated by:
wherein P is X,Y (x, y) is the joint probability distribution, P X And P Y Is the marginal probability distribution; for continuous random variables, calculating mutual information MI through entropy estimation of k nearest neighbor distance;
step 1.3: clustering the input features based on the correlation analysis result;
step 1.4: and selecting an unknown black box scene according to the characteristics, sampling from the clustered multiple characteristic classes, and constructing multiple characteristic subsets.
Further, the step 2 comprises:
step 2.1: based on feature subsets S ′ Considering a machine learning algorithm and a structure which may be adopted by a victim model, constructing a substitution model set F; the substitution model set F comprises a plurality of discrete models represented by decision trees and continuous models represented by neural networks so as to deal with the black box scene with unknown model types; in a white-box scenario, the set of surrogate models degenerates into a single concrete model;
step 2.2: on the set of surrogate models F, the optimization objective function and constraints that oppose the sample generation are defined.
Further, the step 3 comprises:
step 3.1: relaxing a plurality of nonlinear constraints contained in an original optimization problem;
step 3.2: converting discrete models contained in the substitution model set into continuous models to carry out unified solution;
step 3.3: solving the relaxed optimization problem by adopting a gradient method to obtain a confrontation sample; the original optimization problem is converted into an optimization problem only containing box type constraints after being relaxed, and the objective function of the optimization problem is as follows:
wherein L (x, x) ′ ) And evaluating the attack effect of the attack sample on the substitution model set, wherein kappa and gamma are weights.
Further, in step 1.3, features are clustered using a neighbor propagation Algorithm (AP), first constructing a similarity s based on MI between features AP (i, j); then updated until convergence using:
wherein r is AP (i, k) is defined as the attraction degree, reflecting the effect of point k as the cluster center of point i compared to other cluster centers, a AP (i, k) is defined as attribution degree, reflects the effect of the point i in selecting the point k as the clustering center of the point i, compared with other potential clustering centers, and is initialized to be zero; clustering assignment of each featureThe n-dimensional features can be obtained by dividing the n-dimensional features into M classes as follows:
further, in step 1.4, the M classes are ranked by the average MI between the label and the feature in the feature classConstructing a plurality of feature subsets by utilizing random subspaces or feature bagging to cover a possible feature selection space; in feature bagging, each training set is constructed by a guided replication of the original data set; given a data set S of N samples, by optimization from the input features xRandomly selecting k feature classes from the feature classes to construct a new data set, whereinUpon multiple selections, the subset of features>Is constructed to select possible combinations of input features on behalf of a data-driven security assessment model, where N f Is the number of feature subsets.
Further, in step 2.2, in a black box scenario, the challenge sample is expected to mislead all surrogate models and minimize the attack cost d (x, x) ′ ) I.e. the distance between the original measurement value and the malicious tampering value, while satisfying the upper and lower bounds of the variableSum power flow equation g (x) ′ ) Physical constraints of = 0; the corresponding optimization problem can be expressed in the form:
s.t.g(x ′ )=0
F i (x ′ )≠y,i=1,2,…,2N f
further, in step 3.1, the nonlinear equation constraints in the optimization problem include physical constraints such as a power flow equation and the like and constraints for misclassifying the model by countersamples; for the former, when attack is initiated, it is only necessary to ensure that the measurement residual J (x) of the input variable is lower than a certain threshold; thus g (x) =0 relaxes to J (x) ≦ η, which is then converted to a loss term that is minimized in the objective function:
r(x)=(J(x)-η) +
likewise, F i (x ′ ) Not equal to y also converts into a loss item for evaluating the attack effect and minimizes in a target function;
in step 3.2, the discrete model is processed by using a model smoothing method, firstly, the input and output mapping of the discrete model is expressed by using a logic algebraic expression, and then, the inequality and the logic ' AND ' NOT ' are approximated by using a sigmoid function and an algebraic expression:
wherein B is a relaxation factor; and after smoothing, the discrete model and the neural network continuous model are processed in a unified way.
The invention takes an experiment based on an IEEE 39 node standard example as an example to explain how to realize the hidden attack method of the dynamic security evaluation model of the data-driven power system.
As shown in FIG. 1, the present invention is a hidden attack method for a dynamic security assessment model of a data-driven power system, which includes the following steps:
(1) Constructing a data set based on time domain simulation data of an IEEE 39 node standard system, wherein input characteristics comprise transmission active and reactive power of a power system, injection of active and reactive power of nodes, voltage phase angle of the nodes and the like, and x = [ P ] L ,Q L ,P,Q,V,θ]For a system containing 39 buses and 46 transmission lines, there are 248 dimensional features. The output label is a determination of whether the system is stable or not, y =0 represents unstable, and y =1 represents stable.
(2) And preprocessing the data. The correlation between features and labels is calculated by mutual information, and for continuous random variables, the mutual information MI is calculated by entropy estimation of the k nearest neighbor distance. Clustering features by using a neighbor propagation Algorithm (AP), and firstly constructing similarity s based on MI (mean average index) between the features AP (i, j). Then updated until convergence using:
wherein r is AP (i, k) is defined as the attraction degree, reflecting the effect of point k as the cluster center of point i compared to other cluster centers, a AP (i, k) is defined as the degree of attribution, reflecting the effect of point i selecting point k as its clustering center, compared to other potential clustering centers, and is initialized to zero. Clustering assignment of each featureThe n-dimensional features can be obtained by dividing the n-dimensional features into M classes as follows:
(3) Sorting the M classes obtained in step (2) by average MI between the labels and features in the feature classes, constructing a plurality of feature subsets to cover a space of possible feature choices using random subspaces or feature bags. In feature bagging, each training set is constructed by a guided replication of the original data set. Given a data set S with N samples, by optimization from the input features xRandomly selecting k feature classes from the feature classes to construct a new data set, wherein Upon multiple selections, the subset of features>Is configured to select possible combinations of input features, where N is a number of possible combinations, on behalf of the data-driven security assessment model f Is the number of feature subsets.
(4) Repeating the step (3) to generate the feature subsetIs configured to select possible combinations of input features, where N is a number of possible combinations, on behalf of the data-driven security assessment model f Is the number of feature subsets. Based on the feature subset S ′ A set of surrogate models F is constructed taking into account the machine learning algorithms and structures that the victim model may employ. In the black box scene, a plurality of discrete models represented by decision trees and a plurality of nerves are containedThe network is a continuous model of representation. In the white-box scenario, the set of surrogate models degenerates to a single concrete model.
(6) In the black-box scenario, the countersample is expected to mislead all surrogate models and minimize the attack cost d (x, x) ′ ) (i.e. the distance between the original measurement value and the malicious tamper value) and simultaneously satisfies physical constraints such as upper and lower variable limits, a power flow equation and the like. The corresponding optimization problem can be expressed as:
s.t.g(x ′ )=0
F i (x ′ )≠y,i=1,2,…,2N f
(7) The original optimization problem generated by resisting samples comprises a plurality of nonlinear constraints and discrete and continuous model mapping, is difficult to directly solve and consider to relax. Nonlinear equality constraints in the optimization problem include physical constraints such as power flow equations and constraints that misclassify the model against samples. For the former, at the time of attack initiation, it is sufficient to ensure that the measured residual of the input variable is below a certain threshold, so g (x) =0 relaxes to J (x) ≦ η, where η comes from the significance check of the chi-square distribution and takes into account the error of the measured value to 0.1% of its span. It is then converted into a loss term that is minimized in the objective function:
r(x)=(J(x)-η) +
likewise, F i (x ′ ) Not equal to y also translates into a loss term to evaluate the effect of the attack and minimizes in the objective function.
(8) In order to uniformly solve discrete models and continuous models contained in a substitute model set, a model smoothing method is used for processing the discrete models, firstly, the input and output mapping of the discrete models is expressed through a logic algebraic expression, and then, a sigmoid function and the algebraic expression are used for approximating inequalities and logic ' AND ' NOT ':
wherein B is a relaxation factor. After being smoothed, the discrete model can be processed with continuous models such as a neural network in a unified way.
(9) After a series of relaxation operations, the original optimization problem is converted into an optimization problem only containing box type constraints, and the objective function of the optimization problem is as follows:
wherein L (x, x) ′ ) And evaluating the attack effect of the attack sample on the substitute model set. Solving the post-relaxation optimization problem by adopting the ideas of Adam optimization and Projection Gradient Descent (PGD), calculating the update quantity delta x of each original input x through Adam optimization, and estimating by utilizing first moment and second momentTo facilitate convergence of the iteration. Then, x + δ x is projected into the valid range of the variable to satisfy the box constraint. And continuously performing the iteration process until convergence, and further generating a confrontation sample meeting physical constraints in a black box scene, wherein the confrontation sample has high concealment and mobility. In order to verify the effectiveness of the present invention, three types of anti-attack methods were tested:
OEI-MILP: countermeasure samples for the decision tree are generated by mixed integer linear programming.
PGD: and generating a countermeasure sample of the neural network by a projection gradient descent method.
TOA: the method of attack countermeasure proposed in the present invention, wherein TOA-DT and TOA-NN are defined as special cases when the surrogate model set degenerates into a single decision tree or a single neural network, and TOA-E is defined as TOA without considering physical constraints.
For three types of attack methods, the attack performance under white box and black box scenes is shown in the following table:
TABLE 1
From table 1, it can be analyzed that, in the white-box scenario, although the prediction accuracy of all the confrontation samples generated by the OEI-MILP, the PGD and the TOA on the original model is 0%, neither the OEI-MILP nor the PGD can bypass the bad data detection of the power system, and therefore will be filtered without any impact on the real-world system. In the black-box scenario, challenge samples are generated on surrogate models and tested for migratability on other models. Specifically, the test model includes 40 different decision trees and 40 neural networks, and the prediction accuracy in the black box scenario is obtained by calculating the average value on the test model. As shown in Table 1, the proposed TOA attack, which tested the data-driven security assessment model under various failures, reduced the average prediction accuracy of the model to about 1.52%, and the success rates of the TOA attack were about 94.02% and 77.38% higher than those of OEI-MILP and PGD, respectively. Furthermore, the migratability of different attack algorithms (including three special cases of TOAs) on decision trees and neural networks is shown in fig. 2. Obviously, the TOA attack method (i.e. considering a plurality of different surrogate models) generates a confrontational sample with extremely high mobility, and the average prediction precision is about 0.27%.
To demonstrate the concealment of the proposed method, the measurement residuals of the challenge samples from different attacks are shown in fig. 3, where the horizontal lines represent the reference thresholds of the BDD (the thresholds can be lower if needed). In this experiment, the calculation of the residual takes into account that the measurement error of each power measurement unit is less than 0.1% of its maximum range (specifically, we set the error to 0.01 pu). The number of measurements is 170 (active and reactive power flows including 46 branches, active and reactive power injection of 39 buses), the number of states is 77, so the BDD threshold can be set to 127.63 from a chi-square distribution with 93 degrees of freedom. The results shown in fig. 3 show that only antagonistic samples taking into account physical constraints (including TOA, TOA-DT and TOA-NN) achieve measurement residuals for all antagonistic samples below the detection threshold, indicating the concealment of the proposed method, whereas antagonistic samples generated by OEI-MILP and PGD will be detected.
A hidden attack system of a dynamic security assessment model of a power system, as shown in fig. 4, includes:
the data set construction and multiple feature subset generation module is used for constructing a data set by utilizing historical operating data and simulation data of the power system, reducing feature dimensions through a correlation analysis and clustering method and based on a random subspace;
the countermeasure sample optimization problem construction module trains a substitution model set based on the feature subset and possible machine learning model types to construct an optimization problem generated by the countermeasure sample;
a confrontation sample generation module, which relaxes the original optimization problem, including nonlinear equation constraint and discrete model conversion,
solving in a gradient mode to obtain a confrontation sample.
A readable computer storage medium storing a computer program for implementing a method as claimed in any one of the preceding claims when the program is executed by a processor.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product.
Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The scheme in the embodiment of the application can be implemented by adopting various computer languages, such as object-oriented programming language Java and transliterated scripting language JavaScript.
Reference is made to flowcharts and-
Or depicted in block diagram form. It will be understood that each flow path and/or block diagram in the flowchart illustrations and/or block diagrams can be implemented by computer program instructions
Or a combination of blocks, and flows and/or blocks in flowcharts and/or block diagrams. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (10)
1. A hidden attack method for power system security assessment is characterized by comprising the following steps:
step 1: the method comprises the steps of constructing a data set by utilizing historical operating data and simulation data of the power system, reducing feature dimensions by a correlation analysis and clustering method, and generating a plurality of feature subsets based on a random subspace;
step 2: training a substitution model set based on the feature subset and the machine learning model type, considering the physical characteristics of an attack target and a power system, and defining an optimized objective function and a constraint condition generated by a countermeasure sample;
and step 3: through the transformation of a discrete model and the processing of nonlinear equality constraint, an original optimization problem which is difficult to directly solve is converted into the optimization only containing box type constraint, and the relaxed optimization problem is solved in a gradient mode to obtain a confrontation sample.
2. The method for concealed attack of power system security evaluation according to claim 1, wherein the step 1 comprises:
step 1.1: constructing a data set based on historical operating data and time domain simulation data; the historical operating data and time domain simulation data comprise active and reactive power transmitted by a power system, active and reactive power injected by nodes, voltage phase angle of the nodes and the like, and input x = [ P ] L ,Q L ,P,Q,V,θ](ii) a Judging whether the output label is stable or not;
step 1.2: calculating the correlation between the input features of the data set and the features and between the input features and the labels;
calculating the correlation using the mutual information, for discrete random variables (X, Y), whose mutual information is calculated by:
wherein P is X,Y (x, y) is the joint probability distribution, P X And P Y Is the marginal probability distribution; for continuous random variables, calculating mutual information MI through entropy estimation of k nearest neighbor distances;
step 1.3: clustering the input features based on the correlation analysis result;
step 1.4: and selecting an unknown black box scene according to the characteristics, sampling from the clustered multiple characteristic classes, and constructing multiple characteristic subsets.
3. The method for concealed attack of power system security evaluation according to claim 1, wherein the step 2 comprises:
step 2.1: based on feature subsets S ′ Considering a machine learning algorithm and a structure which may be adopted by a victim model, constructing a substitution model set F; the substitution model set F comprises a plurality of discrete models represented by decision trees and continuous models represented by neural networks so as to deal with the black box scene with unknown model types; in a white-box scenario, the set of surrogate models degenerates into a single concrete model;
step 2.2: on the set of surrogate models F, the optimization objective function and constraints that oppose the sample generation are defined.
4. The method for concealed attack of power system security evaluation according to claim 1, wherein the step 3 comprises:
step 3.1: relaxing a plurality of nonlinear constraints contained in an original optimization problem;
step 3.2: converting discrete models contained in the substitution model set into continuous models to carry out unified solution;
step 3.3: solving the relaxed optimization problem by adopting a gradient method to obtain a confrontation sample; the original optimization problem is converted into an optimization problem only containing box type constraints after being relaxed, and the objective function of the optimization problem is as follows:
wherein L (x, x) ′ ) And evaluating the attack effect of the attack sample on the substitution model set, wherein kappa and gamma are weights.
5. The hidden attack method for the dynamic security assessment model of power system as claimed in claim 2, wherein in step 1.3, the features are clustered by using a neighbor propagation Algorithm (AP), and the similarity s is constructed based on MI between the features AP (i, j); then updated until convergence using:
wherein r is AP (i, k) is defined as the attraction degree, reflecting the effect of point k as the cluster center of point i compared to other cluster centers, a AP (i, k) is defined as attribution degree, reflects the effect of the point i in selecting the point k as the clustering center of the point i, compared with other potential clustering centers, and is initialized to be zero; clustering assignment of each featureThe n-dimensional features can be obtained by dividing the n-dimensional features into M classes as follows:
6. the method for concealed attack of power system security assessment according to claim 2, characterized in that in step 1.4, the M classes are sorted according to the average MI between the label and the features in the feature classes, and a plurality of feature subsets are constructed by using random subspace or feature bag to cover the possible feature selection space; in feature bagging, each training set is constructed by a guided replication of the original data set; given a data set S of N samples, by optimization from the input features xThe k characteristic classes are selected at random from the characteristic classes to form a new data set, wherein->Upon multiple selections, a subset of features>Is constructed to select possible combinations of input features on behalf of a data-driven security assessment model, where N f Is the number of feature subsets.
7. The hidden attack method for dynamic security assessment model of power system as claimed in claim 3, wherein in step 2.2, in black box scenario, the countersample hopes to mislead all the surrogate models and minimize the attack cost d (x, x) ′ ) I.e. the distance between the original measurement value and the malicious tampering value, while satisfying the upper and lower bounds of the variableSum power flow equation g (x) ′ ) Physical constraints of = 0; the corresponding optimization problem can be expressed in the form:
s.t.g(x ′ )=0
F i (x ′ )≠y,i=1,2,…,2N f
8. the method of concealed attack on security evaluation of power system as claimed in claim 4, wherein in step 3.1, the nonlinear equation constraints in the optimization problem include physical constraints such as power flow equations and constraints against sample misclassification of models; for the former, when an attack is initiated, it is only required to ensure that the measurement residual J (x) of an input variable is lower than a certain threshold; thus g (x) =0 relaxes to J (x) ≦ η, which is then converted to a loss term that is minimized in the objective function:
r(x)=(J(x)-η) +
likewise, F i (x ′ ) Not equal to y also translates into a loss term for evaluating the attack effect and minimizes in the objective function;
in step 3.2, the discrete model is processed by using a model smoothing method, firstly, the input and output mapping of the discrete model is expressed by using a logic algebraic expression, and then, the inequality and the logic ' AND ' NOT ' are approximated by using a sigmoid function and an algebraic expression:
wherein B is a relaxation factor; and after smoothing, the discrete model and the neural network continuous model are processed in a unified way.
9. A covert attack system for security assessment of a power system, comprising:
the data set construction and multiple feature subset generation module is used for constructing a data set by utilizing historical operating data and simulation data of the power system, reducing feature dimensions through a correlation analysis and clustering method and based on a random subspace;
the countermeasure sample optimization problem construction module trains a substitution model set based on the feature subset and possible machine learning model types to construct an optimization problem generated by the countermeasure sample;
and the countermeasure sample generation module relaxes the original optimization problem, including nonlinear equation constraint and discrete model conversion, and solves the problem in a gradient mode to obtain the countermeasure sample.
10. A readable computer storage medium storing a computer program for implementing the method according to any one of claims 1-8 when the program is executed by a processor.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211541947.4A CN115936503A (en) | 2022-12-02 | 2022-12-02 | Power system security evaluation hidden attack method, system and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211541947.4A CN115936503A (en) | 2022-12-02 | 2022-12-02 | Power system security evaluation hidden attack method, system and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115936503A true CN115936503A (en) | 2023-04-07 |
Family
ID=86550034
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211541947.4A Pending CN115936503A (en) | 2022-12-02 | 2022-12-02 | Power system security evaluation hidden attack method, system and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115936503A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117614038A (en) * | 2024-01-23 | 2024-02-27 | 国网冀北电力有限公司 | Micro-grid control method for resisting DOS attack based on transfer learning |
-
2022
- 2022-12-02 CN CN202211541947.4A patent/CN115936503A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117614038A (en) * | 2024-01-23 | 2024-02-27 | 国网冀北电力有限公司 | Micro-grid control method for resisting DOS attack based on transfer learning |
CN117614038B (en) * | 2024-01-23 | 2024-04-05 | 国网冀北电力有限公司 | Micro-grid control method for resisting DOS attack based on transfer learning |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Doynikova et al. | CVSS-based probabilistic risk assessment for cyber situational awareness and countermeasure selection | |
Chen et al. | PAR-GAN: improving the generalization of generative adversarial networks against membership inference attacks | |
Du et al. | NIDS-CNNLSTM: Network intrusion detection classification model based on deep learning | |
Clare et al. | Combining distribution‐based neural networks to predict weather forecast probabilities | |
Yang et al. | Network security situation assessment with network attack behavior classification | |
Shi et al. | Detection of false data injection attacks in smart grid based on a new dimensionality-reduction method | |
Zhao et al. | Outlier detection for streaming task assignment in crowdsourcing | |
CN115936503A (en) | Power system security evaluation hidden attack method, system and storage medium | |
Deng et al. | Detecting intelligent load redistribution attack based on power load pattern learning in cyber-physical power systems | |
Kesici et al. | Deep learning-based framework for real-time transient stability prediction under stealthy data integrity attacks | |
Zhao et al. | Robust power system stability assessment against adversarial machine learning-based cyberattacks via online purification | |
Lakhno et al. | Applying the functional effectiveness information index in cybersecurity adaptive expert system of information and communication transport systems | |
Kai et al. | A CVSS-based vulnerability assessment method for reducing scoring error | |
Khoei et al. | ACapsule Q-learning based reinforcement model for intrusion detection system on smart grid | |
Dong et al. | Security situation prediction method for industrial control network based on adaptive Grey Verhulst model and GRU network | |
Liang et al. | Repairing deep neural networks based on behavior imitation | |
Shahrasbi et al. | On detecting data pollution attacks on recommender systems using sequential gans | |
Khusainov et al. | Substantial formulation of the task of improving the information model of decision-making in the prompt (crisis) response to cyber incidents | |
Ables et al. | Eclectic Rule Extraction for Explainability of Deep Neural Network based Intrusion Detection Systems | |
Mhmood et al. | Detection of cyber-attacks on smart grids using improved VGG19 deep neural network architecture and Aquila optimizer algorithm | |
CN117171428B (en) | Method for improving accuracy of search and recommendation results | |
Naaz et al. | A PNN based Malign Attack Detection and Classification Model | |
Yao et al. | A Unified Security Monitoring Architecture and Management Method for Power Distribution IoT | |
Sulayman et al. | Real-Time Data Generation and Anomaly Detection for Security User Profiles | |
Yamaguchi et al. | Attack Tree Analysis for Adversarial Evasion Attacks |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |