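Detection and Defense Methods against False Data Injection Attacks in Smart Grid State Estimation
Original Title: 智能电网状态估计中错误数据注入攻击检测与防御方法
Author: 裴超
Department: Industrial Control Networks and Systems Research Laboratory
Thesis Advisor: 肖杨
Keywords: smart grid; state estimation; false data injection attack; attack detection; attack defense
Pages: 128
Degree Discipline: Control Theory and Control Engineering
Degree Name: Doctor
2021-05-20
Degree Grantor: Shenyang Institute of Automation, Chinese Academy of Sciences
Place of Conferral: Shenyang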
Abstract

The smart grid collects and processes a large amount of information using advanced information, communication and network technologies in order to improve the effectiveness, robustness, economy and sustainability of energy distribution and management in the power grid. However, the introduction of these technologies also greatly increases the likelihood that the smart grid will be attacked. Accurate state estimation is essential to the reliable and stable operation of the smart grid. False data injection attacks (FDIA) that target state estimation can evade conventional bad data detection mechanisms and introduce arbitrary errors into the estimated state variables, which seriously affects the subsequent functions and operations of the power grid. Research on detection and defense methods against FDIA is therefore key to ensuring online security analysis and reliable operation of the smart grid.

Countering FDIA has two aspects: defending the smart grid in advance, before an attack occurs, and detecting and identifying the attack in time after it occurs. Current research on FDIA detection and defense in the smart grid faces the following problems:

(1) Encrypting meter measurements is a common defense in smart grid security, and balancing the communication efficiency of the network against its information security requirements is critical.
(2) FDIA can also be defended against by deploying phasor measurement units (PMU) to ensure observability of the whole grid and thereby its security, but deploying a large number of PMUs increases the defense cost. How to deploy PMUs optimally while ensuring the security and observability of the smart grid is therefore an important problem.
(3) Once an FDIA occurs, existing detection methods based on static state estimation fail, so effective FDIA detection methods are urgently needed.
(4) Data-driven FDIA detection methods still suffer from low detection rates and high false alarm rates, and further improving detection performance is also an important problem.

The specific research contents of this thesis are as follows.

(1) Security and communication efficiency analysis of lightweight block ciphers in the smart grid. Protecting the set of necessary measurements of the smart grid by encryption can effectively defend against false data injection attacks. To address the conflict between information security and communication efficiency in smart grid security protection, the thesis analyzes the security and communication performance of existing lightweight encryption algorithms. On a unified embedded platform, and by comparison with the Advanced Encryption Standard (AES) algorithm, it evaluates the influence of block size, key length and round function on the encryption function, as well as the memory usage, encryption speed and a comprehensive metric for each algorithm. Based on the avalanche effect, it further compares the ciphers' ability to resist attacks.

(2) A defense algorithm against false data injection attacks based on PMU placement. Advanced phasor measurement units can be deployed to monitor the state variables of the power grid directly, and a mathematical relationship among security, observability and the system Jacobian matrix is established. The thesis first proposes a new hybrid attack scheme. During PMU deployment, the hybrid attack can easily attack buses with low connectivity at low attack cost, and existing PMU deployment algorithms based on a greedy strategy cannot defend against it. To counter this hybrid attack, the thesis then proposes PDPG, a greedy algorithm based on PMU pre-deployment. The proposed defense mechanism first covers and monitors the vulnerable buses in the grid, forces the attacker to increase its attack cost during PMU deployment, and protects the state variables to the maximum extent during the deployment iterations. Experimental results verify the effectiveness of the proposed attack and defense algorithms.

(3) A detection algorithm against false data injection attacks based on estimation deviation. To address the failure of the traditional weighted least squares estimator to detect FDIA, the thesis proposes an FDIA detection algorithm based on a robust Kalman estimator and a weighted least squares estimator, which takes into account the migration and change of the internal state variables of the smart grid. The weighted least squares estimator fails to detect FDIA essentially because it is a static state estimation over discrete time sections. An additional robust Kalman estimator is therefore introduced while the original weighted least squares estimator is retained, so that the control center runs the two state estimators in parallel. FDIA can be detected effectively by checking the deviation between the two estimators' estimates against a detection threshold. Experimental results verify the effectiveness of the proposed algorithm, and the influence of different attack strengths and noise on detection performance is analyzed and verified.

(4) A detection algorithm against false data injection attacks based on canonical variate analysis. Existing detection algorithms consider only the cross-correlation among measurements constrained by Kirchhoff's laws at each independent sampling instant, and ignore the autocorrelation between measurements at consecutive instants that arises from their pronounced time-series characteristics. The thesis proposes a real-time FDIA detection algorithm based on canonical variate analysis that distinguishes normal measurements from attacked measurements from the perspective of statistical correlation analysis. In the direct current (DC) scenario, the proposed algorithm improves detection efficiency compared with the detection method based on real-time principal component analysis. The detection performance of the proposed algorithm is then studied and extended to the nonlinear alternating current (AC) estimation scenario. In the AC scenario, the differences from the DC scenario in attack construction and detection are studied, and kernel density estimation is used to determine the detection thresholds under non-normal distributions. In the AC scenario the proposed algorithm performs well on both vulnerable and non-vulnerable buses, responds quickly, and improves detection performance compared with the detection algorithm based on the Kullback-Leibler distance (KLD).
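Language: Chinese
Contribution Rank: 1
Document Type: Thesis
Identifier: http://ir.sia.cn/handle/173321/29017
Collection: Industrial Control Networks and Systems Research Laboratory
Affiliation: Shenyang Institute of Automation, Chinese Academy of Sciences
Recommended Citation (GB/T 7714):
裴超. Detection and Defense Methods against False Data Injection Attacks in Smart Grid State Estimation[D]. Shenyang. Shenyang Institute of Automation, Chinese Academy of Sciences, 2021.
Files in This Item:
File Name/Size: 智能电网状态估计中错误数据注入攻击检测与 (4566KB); DocType: Thesis; Access: Open Access; License: CC BY-NC-SA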
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.