|Alternative Title||Research on Malicous User Inspection Problem in Neighborhood Area Network in Smart Grid|
|Keyword||智能电网邻域网 窃电用户 查找 机器学习 实时测量|
|Place of Conferral||沈阳|
基于实时测量的窃电用户查找机制，通过在邻域网中安装检测器等冗余设备来对用户进行监测和对窃电用户进行查找，具有准确率高、误检率低等优点，是当前的研究热点。针对现有基于实时测量的窃电用户查找机制冗余设备安装成本高、窃电用户查找时间长等，本文按照窃电用户数目多少及其确定性，针对单窃电用户场景和多窃电用户场景、有窃电前科场景和无窃电前科场景，对基于实时测量的窃电用户查找算法开展了较为系统的研究，取得如下创新性成果：（1）单窃电用户场景下的编码分组查找算法。本文首先分析了窃电用户的出现过程为泊松过程的本质，提出通过调整智能电表数据汇报周期的长短可确保在整个查找过程中邻域网中最多只出现一个窃电用户。在此基础上，提出一种基于二进制编码分组查找（Binary-Coded Grouping-based Inspection, BCGI）算法定位窃电用户。当邻域网中用户总数目和检测器总数目满足一定关系时，BCGI算法能根据检测器的状态一步定位窃电用户。针对实际应用中用户数和检测器数目不满足上述关系的窃电用户查找问题，本文又进一步提出了基于多进制编码分组的查找（M-ary Coded Grouping-based Inspection，MCGI）算法和一般化的基于二进制编码分组的查找（Generalized Binary Coded Grouping-based Inspection，G-BCGI）算法。上述两个算法的最大查找步数与用户总数目和检测器总数目之比分别呈分数幂和对数关系，且G-BCGI算法比MCGI算法的查找速度要快。（2）多窃电用户场景下的自适应分裂二分查找算法。本文首先分析邻域网中窃电用户数目服从二项分布，并提出相应算法估算窃电用户数目上限值。在此基础上，本文提出一种自适应分裂二分查找（Adaptive Binary Splitting Inspection，ABSI）算法。该算法能够在查找过程中自适应地将其查找策略在逐个查找策略和二分查找策略之间进行调整。具体地说，若待查用户集合中平均每两个用户包含至少一个窃电用户，则在下一个查找步中应用逐个查找策略；否则，在下一个查找步中采用二分查找策略对一定数目的用户进行查找。本文也进一步分析了ABSI算法的性能，包括查找步数最大值、最小值和阈值参数对窃电用户查找过程的准确率、假正\负率的影响。仿真结果表明，相比于现有算法，ABSI算法准确率高、假正\负率低、查找步数少以及应用范围广。（3）有窃电前科场景下的基于嫌疑评估的查找算法。考虑到窃电行为本质上是一种特殊形式的经济犯罪，本文提出基于犯罪学知识评估各个用户的前科窃电嫌疑。同时，根据历史电量消耗预测用户正常的电量消耗，通过比较用户的电量消耗预测值与电量消耗上报值来评估用户的电量偏差窃电嫌疑。基于前科窃电嫌疑和电量偏差窃电嫌疑建立数学模型对用户的窃电嫌疑进行综合评估。在此基础上，本文提出一种基于嫌疑评估的查找算法（Suspicion Assessment based Inspection, SAI），在查找过程中优先查找窃电嫌疑大的用户。对嫌疑较大的用户采用逐个查找策略；而对嫌疑较小的用户根据嫌疑程度建立一棵以用户为叶子结点的哈夫曼二叉树自顶向下查找。仿真结果表明，无论查找过程中是否出现新的窃电用户，SAI算法相比于现有算法均能更快定位窃电用户。（4）无窃电前科场景下的基于分组测试的启发式查找算法。在没有任何先验信息的前提下，本文提出基于查找过程中所得窃电用户和诚实用户数目等信息自适应地估算邻域网中窃电用户比例，并在此基础上提出一种基于分组测试的启发式查找算法（Grouping Testing based Heuristic Inspection，GTHI）。该算法能在查找过程中根据实时估算的窃电用户比例自适应地将其查找策略在逐个查找策略和分组测试策略中进行调整。具体地说，在没有查找到窃电用户之前，采用跳跃策略对邻域网中的用户进行查找。在查找到至少一个窃电用户后，若估算的窃电用户比例大于事先给定的阈值，则在下一个查找步中采用逐个查找策略；否则，在下一个查找步中采用分组测试策略，且所查找的用户数目也由估算的窃电用户比例决定。本文对GTHI算法的性能进行了分析，包括查找步数的最大值、最小值以及阈值选择分析。仿真结果表明，无论查找过程中是否出现新的窃电用户，GTHI算法相比于现有算法具有查找速度快或应用范围广等优点。
Existing malicious user inspection techniques can be roughly classified into two categories: machine learning-based ones and real-time measurement-based ones. The machine learning based techniques leverage the state of the art machine learning methods to analyze users’ electricity consumption profiles, trying to detect abnormal activities related to electricity theft. However, these techniques usually have shortages of heavy computation burden as well as data imbalance and parameter optimization problem. Also, they are vulnerable to pollution attacks and non-malicious factors. This makes the machine learning-based techniques have low detection accuracy and high false positive rates. In contrast, the real-time measurement-based techniques whose basid idea is to install redundant devices in the smart grid to enhance monitoring of the users have obvious advantages in detection accuracy and false positive rates. However, existing real-time measurement-based techniques have shortages of extraordinarily high costs of deploying redundant devices or too long inspection time. Since 80% of power thefts around the globe occur in residential buildings, we in this paper aim to propose a series of real-time measurement-based malicious user inspection algorithms oriented to smart grid neighborhood area networks, which can identify malicious users with low deployment costs and short inspection time. The studies in this paper are conducted towards two large scenarios: (1) scenario I where the number of malicious users is determined; and (2) scenario II where the number of malicious users is unknown. Scenario I can be further divided into two sub-scenarios: the scenario where there is only one malicious user and the scenario where there are multiple malicious users but the upper bound of the number of malicious users are known. Scenario II can also be further divided into two sub-scenarios: the scenario where users’ prior records of stealing electricity can be obtained and the scenario where we do not know users’ prior records. Based on the above scenarios, the following innovative results are obtained. (1) Coded grouping-based inspection algorithms oriented towards the scenario where there is only one malicious user. Since the process of users turning into malicious users can be modeled as a Poisson process, by adjusting smart meters’ reporting periods we can ensure that there appears only one malicious user in the neighborhood area network during the whole inspection process. In this paper, we first propose a novel Binary-Coded Grouping-based Inspection (BCGI) algorithm. When there are enough inspectors, BCGI algorithm can locate the unique malicious user by one inspection step in line with inspectors’ states. In real applications, since budget of utility companies is limited and more and more people are moving into the neighborhood, the cases are possible that we do not have enough inspectors to run the BCGI algorithm. To address this issue, we further propose two more algorithms: M-ary Coded Grouping-based Inspection (MCGI) algorithm and Generalized BCGI (G-BCGI) algorithm. Both of the above two algorithms can locate the unique malicious user with a few inspection steps, and the G-BCGI algorithm can locate the unique malicious user more quickly than the MCGI algorithm. (2) An adaptive binary splitting inspection (ABSI) algorithm oriented towards the scenario where there are multiple malicious users but the upper bound of the number of malicious users is known. Since each user can be regarded as a Binomial trial, the number of malicious users in the neighborhood area network is a random variable which follows the Binomial distribution. Based upon some prior available information, the upper bound of malicious users can be easily estimated. The ABSI algorithm involves two inspection strategies: a scanning method in which users are inspected individually and a binary search method by which a specific number of users are examined as a whole. During the inspection process, the ABSI algorithm adaptively adjusts its inspection strategie between the scanning method and the binary search method. Specifically, among the users which need to be further inspected, if one user out of an average number of at least two users is malicious, the binary search method will be applied; otherwise, the scanning method will be applied. (3) A suspicion assessment-based inspection algorithm oriented towards the scenario where users’ prior records of stealing electricity can be obtained. Since electricity theft is essentially a particular form of economic crime, users’ suspicion based upon prior records is first assessed by analyzing users’ prior records in line with criminological knowledge. In addition, by comparing users’ reported electricity consumption with their normal electricity consumption which can be predicted with historical electricity consumption, users’ suspicion based upon consumption deviation can be obtained. We further calculate the suspicion that users steal electricity as the weighted value of suspicions based upon prior records and suspicion based upon consumption deviation. Afterwards, we propose a Suspicion Assessment-based Inspection (SAI) algorithm, in which the users with the highest suspicions are probed individually first. For the remaining users, we establish a Huffman binary inspection tree whose leaf nodes are users and on which the users with larger suspicion are closer to the root node. Using this Huffman binary inspection tree as a logic structure to facilitate the inspection process which proceeds in a top-down manner, we can finally identify all users in the neighborhood area network. (4) A group testing-based heuristic inspection algorithm oriented towards scenarios where users’ prior records of stealing electricity are unknown. When we do not have any prior information about users, we can estimate the ratio of malicious users by collecting the information that how many users have been identified as being malicious and as being honest, respectively. We further propose a group testing-based heuristic inspection (GTHI) algorithm, which adaptively adjusts the inspection strategy between a scanning method and a group testing method in line with the estimated ratio of malicious users. Specifically, before any malicious user is identified, a jumping strategy is used. After identifying at least one malicious user, if the estimated ratio is greater than a predetermined threshold, the scanning method is adopted; otherwise, the group testing method is adopted and the group size is also determined by the estimated ratio of malicious users.
|夏小芳. 面向智能电网邻域网的窃电用户查找算法研究[D]. 沈阳. 中国科学院沈阳自动化研究所,2018.|
|Files in This Item:|
|面向智能电网邻域网的窃电用户查找算法研究（3456KB）||学位论文||开放获取||CC BY-NC-SA||Application Full Text|
|Recommend this item|
|Export to Endnote|
|Similar articles in Google Scholar|
|Similar articles in Baidu academic|
|Similar articles in Bing Scholar|
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.