一种虚假数据注入攻击检测与补偿方法

doi:10.3969/j.issn.1671-1122.2023.06.003

信息网络安全 ›› 2023, Vol. 23 ›› Issue (6): 22-33.doi: 10.3969/j.issn.1671-1122.2023.06.003

一种虚假数据注入攻击检测与补偿方法

谢盈¹^,², 曾竹², 胡巍³(), 丁旭阳¹

1.电子科技大学计算机科学与工程学院，成都 611731
2.西南民族大学计算机科学与工程学院，成都 610041
3.网络安全等级保护与安全保卫技术国家工程研究中心，北京 100142

收稿日期:2022-12-30 出版日期:2023-06-10 发布日期:2023-06-20
通讯作者: 胡巍 huwei@cspec.org.cn
作者简介:谢盈（1984—），女，四川，副教授，博士，主要研究方向为网络空间安全、工业控制系统安全|曾竹（1999—），女，四川，硕士研究生，主要研究方向为工业控制系统安全|胡巍（1973—），男，河北，助理研究员，主要研究方向为网络空间安全、网络安全等级保护|丁旭阳（1981—），男，贵州，教授，博士，主要研究方向为网络空间安全
基金资助:
国家自然科学基金(61902326);网络安全等级保护与安全保卫技术国家工程研究中心开放课题(C21640);中央高校基本科研业务费专项资金(ZYN2023016)

A False Data Injection Attack Detecting and Compensating Method

XIE Ying¹^,², ZENG Zhu², HU Wei³(), DING Xuyang¹

1. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 611731, China
2. School of Computer Science and Engineering, Southwest Minzu University, Chengdu 610041, China
3. National Engineering Research Center of Classified Protection and Safeguard Technology for Cybersecurity, Beijing 100142, China

Received:2022-12-30 Online:2023-06-10 Published:2023-06-20

摘要/Abstract

摘要：

为了准确检测工业控制网络中的虚假数据注入攻击，并快速补偿攻击对系统造成的影响，文章提出一种基于状态估计的攻击检测与补偿方法。该方法首先基于工业控制系统数学模型构造时序卡尔曼滤波器，对状态向量进行最优估计；然后设计双重判定机制，排除噪声和干扰引起的不稳定状态；最后提出多步估计攻击补偿策略，利用系统最后一次处于安全状态时的测量数据为系统提供补偿控制信号。双区域互联电力系统的负荷频率控制系统上的实验结果表明，该方法可以有效检测并补偿虚假数据注入攻击，且在频率偏差控制、控制信号补偿等方面均优于对比算法。

关键词: 工业控制系统, 虚假数据注入攻击, 时序卡尔曼滤波器, 最优状态估计, 多步估计

Abstract:

To accurately detect false data injection attacks in industrial control networks and quickly compensate for their impact on the system, this paper proposed an attack detecting and compensating method based on state estimation. The method constructed a sequence Kalman filter to optimally estimate the state vector based on the mathematical model of the industrial control system. Additionally, a double-judgment mechanism was designed to eliminate unstable states caused by noise and perturbation. Furthermore, the paper proposed a multi-step estimating attack compensation strategy that utilized the previously measured data in the safe state to provide a compensation control signal for the system. The experimental results conducted on the load frequency control system of the dual-area interconnected power system demonstrate the effectiveness of the proposed method in detecting and compensating for false data injection attacks. Moreover, the method outperforms the comparison algorithms in terms of frequency deviation control and control signal compensation.

Key words: industrial control system, false data injection attack, sequence Kalman filter, optimal state estimation, multi-step estimation

中图分类号:

TP309

谢盈, 曾竹, 胡巍, 丁旭阳. 一种虚假数据注入攻击检测与补偿方法[J]. 信息网络安全, 2023, 23(6): 22-33.

XIE Ying, ZENG Zhu, HU Wei, DING Xuyang. A False Data Injection Attack Detecting and Compensating Method[J]. Netinfo Security, 2023, 23(6): 22-33.

图/表 13

图1

图2

图3

图4

图5

表1

图6

图7

图8

图9

图10

图11

表2

参考文献 21

[1]	DING Derui, HAN Qinglong, XIANG Yang, et al. A Survey on Security Control and Attack Detection for Industrial Cyber-Physical Systems[J]. Neurocomputing, 2018, 275: 1674-1683. doi: 10.1016/j.neucom.2017.10.009 URL
[2]	MUSLEH A S, GUO Chen, ZHAO Yangdong, et al. Attack Detection in Automatic Generation Control Systems Using LSTM-Based Stacked Autoencoders[J]. IEEE Transactions on Industrial Informatics, 2022, 19(1): 153-165. doi: 10.1109/TII.2022.3178418 URL
[3]	KRAVCHIK M, SHABTAI A. Detecting Cyber Attacks in Industrial Control Systems Using Convolutional Neural Networks[C]// ACM. The 2018 Workshop on Cyber-Physical Systems Security and Privacy. New York: ACM, 2018: 72-83.
[4]	YAN Jun, TANG Bo, HE Haibo. Detection of False Data Attacks in Smart Grid with Supervised Learning[C]// IEEE. 2016 International Joint Conference on Neural Networks(IJCNN). New York:IEEE, 2016: 1395-1402.
[5]	ASHRAFUZZAMAN M, DAS S, CHAKHCHOUKH Y, et al. Detecting Stealthy False Data Injection Attacks in the Smart Grid Using Ensemble-Based Machine Learning[EB/OL]. (2020-7-29)[2022-12-17]. https://doi.org/10.1016/j.cose.2020.101994. doi: https://doi.org/10.1016/j.cose.2020.101994
[6]	WAGHMARE S, KAZI F, SINGH N. Data Driven Approach to Attack Detection in a Cyber-Physical Smart Grid System[C]// IEEE. 2017 Indian Control Conference(ICC). New York:IEEE, 2017: 271-276.
[7]	WANG Yufeng, ZHANG Zhihao, MA Jianhua, et al. KFRNN: An Effective False Data Injection Attack Detection in Smart Grid Based on Kalman Filter and Recurrent Neural Network[J]. IEEE Internet of Things Journal, 2021, 9(9): 6893-6904. doi: 10.1109/JIOT.2021.3113900 URL
[8]	WANG Jiexin, LAI Yingxu, LIU Jing. Stealthy Attack Detection Method Based on Multi-Feature Long Short-Term Memory Prediction Model[J]. Future Generation Computer Systems, 2022, 137: 248-259. doi: 10.1016/j.future.2022.07.014 URL
[9]	MANANDHAR K, CAO Xiaojun, HU Fei, et al. Detection of Faults and Attacks Including False Data Injection Attack in Smart Grid Using Kalman Filter[J]. IEEE Transactions on Control of Network Systems, 2014, 1(4): 370-379. doi: 10.1109/TCNS.2014.2357531 URL
[10]	AMELI A, HOOSHYAR A, YAZDAVAR A H, et al. Attack Detection for Load Frequency Control Systems Using Stochastic Unknown Input Estimators[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(10): 2575-2590. doi: 10.1109/TIFS.2018.2824253 URL
[11]	KHALAF M, YOUSSEF A, EL-SAADANY E. A Particle Filter-Based Approach for the Detection of False Data Injection Attacks on Automatic Generation Control Systems[C]// IEEE. 2018 IEEE Electrical Power and Energy Conference(EPEC). New York:IEEE, 2018: 1-6.
[12]	AMELI A, HOOSHYAR A, EL-SAADANY E F, et al. Attack Detection and Identification for Automatic Generation Control Systems[J]. IEEE Transactions on Power Systems, 2018, 33(5): 4760-4774. doi: 10.1109/TPWRS.59 URL
[13]	YANG Qingyu, YANG Jie, YU Wei, et al. On False Data-Injection Attacks Against Power System State Estimation: Modeling and Countermeasures[J]. IEEE Transactions on Parallel and Distributed Systems, 2013, 25(3): 717-729. doi: 10.1109/TPDS.2013.92 URL
[14]	SHI Hanzhang, XIE Linbo, WU Zhihai, et al. Detection of False Data Injection Attacks in Power Grid Based on Coding Schemes[J]. Information and Control, 2021, 50(4): 419-426. doi: 10.13976/j.cnki.xk.2021.0398
	史晗璋, 谢林柏, 吴治海, 等. 基于编码策略的电网假数据注入攻击检测[J]. 信息与控制, 2021, 50(4): 419-426. doi: 10.13976/j.cnki.xk.2021.0398
[15]	LI Yuancheng, HUANG Rong, MA Longqiang. False Data Injection Attack and Defense Method on Load Frequency Control[J]. IEEE Internet of Things Journal, 2020, 8(4): 2910-2919. doi: 10.1109/JIoT.6488907 URL
[16]	ABBASPOUR A, SARGOLZAEI A, FOROUZANNEZHAD P, et al. Resilient Control Design for Load Frequency Control System Under False Data Injection Attacks[J]. IEEE Transactions on Industrial Electronics, 2019, 67(9): 7951-7962. doi: 10.1109/TIE.41 URL
[17]	BI Wenjun, ZHANG Kaifeng, YUAN Kun, et al. Observer-Based Attack Detection and Mitigation for Load Frequency Control System[C]// IEEE. 2019 IEEE Power & Energy Society General Meeting(PESGM). New York:IEEE, 2019: 1-5.
[18]	GU Yapei, YU Xiang, GUO Kexin, et al. Detection, Estimation, and Compensation of False Data Injection Attack for UAVs[J]. Information Sciences, 2021, 546: 723-741. doi: 10.1016/j.ins.2020.08.055 URL
[19]	HAN Jinglin, ZHAO Hui, HU Ping, et al. False Data Detection Strategy for Unified Control of Hybrid Microgrid[EB/OL]. (2022-12-14)[2022-12-17]. https://doi.org/10.19635/j.cnki.csu-epsa.001165. doi: https://doi.org/10.19635/j.cnki.csu-epsa.001165
	韩璟琳, 赵辉, 胡平, 等. 交直流微电网互联统一控制虚假数据检测策略[EB/OL]. (2022-12-14)[2022-12-17]. https://doi.org/10.19635/j.cnki.csu-epsa.001165. doi: https://doi.org/10.19635/j.cnki.csu-epsa.001165
[20]	MOUSAVIAN S, VALENZUELA J, WANG Jianhui. Real-Time Data Reassurance in Electrical Power Systems Based on Artificial Neural Networks[J]. Electric Power Systems Research, 2013, 96: 285-295. doi: 10.1016/j.epsr.2012.11.015 URL
[21]	YANG Fan, CHEN Houjin, LI Jupeng, et al. Single Shot Multibox Detector with Kalman Filter for Online Pedestrian Detection in Video[J]. IEEE Access, 2019: 15478-15488.

参数	说明
?f_i	区域i的频率偏差
?P_tie_,_i	区域i的联络线交换功率偏差
?P_gi	区域i的调速器阀门位置增量
?P_mi	区域i的涡轮机功率增量
?P_Li	区域i的负载增量
?P_ci	区域i的控制输入信号增量
β_i	区域i的频率偏置系数
R_i	区域i的下垂系数
T_gi	区域i的调速器时间常数
T_ti	区域i的涡轮机时间常数
H_i	区域i的系统惯性常数
D_i	区域i的负荷阻尼系数

	ADC-SE方法	GFDC	传统卡尔曼滤波方法
针对区域1频率的FDI攻击	0.036	0.104	0.152
针对区域1联络线交换功率的FDI攻击	0.037	0.268	0.271

一种虚假数据注入攻击检测与补偿方法

A False Data Injection Attack Detecting and Compensating Method

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 13

参考文献 21

相关文章 15

编辑推荐

Metrics

本文评价

[1]	冯光升, 张盈希, 任奕菲, 高素林. 无线传感器网络中虚假数据途中过滤技术研究[J]. 信息网络安全, 2023, 23(5): 22-31.
[2]	顾兆军, 刘婷婷, 高冰, 隋翯. 基于GAN-Cross的工控系统类不平衡数据异常检测[J]. 信息网络安全, 2022, 22(8): 81-89.
[3]	周婧怡, 李红娇. 针对PMU测量的虚假数据注入攻击检测方法[J]. 信息网络安全, 2022, 22(5): 75-83.
[4]	徐茹枝, 吕畅冉, 龙燕, 刘远彬. 工业控制系统高隐蔽性数据攻击防御方法研究[J]. 信息网络安全, 2022, 22(12): 34-46.
[5]	顾兆军, 姚峰, 丁磊, 隋翯. 基于半实物的机场供油自控系统网络安全测试[J]. 信息网络安全, 2021, 21(9): 16-24.
[6]	石乐义, 徐兴华, 刘祎豪, 刘佳. 一种改进概率神经网络的工业控制系统安全态势评估方法[J]. 信息网络安全, 2021, 21(3): 15-25.
[7]	杜晔, 王子萌, 黎妹红. 基于优化核极限学习机的工控入侵检测方法[J]. 信息网络安全, 2021, 21(2): 1-9.
[8]	李世斌, 李婧, 唐刚, 李艺. 基于HMM的工业控制系统网络安全状态预测与风险评估方法[J]. 信息网络安全, 2020, 20(9): 57-61.
[9]	张晓宇, 王华忠. 基于改进Border-SMOTE的不平衡数据工业控制系统入侵检测[J]. 信息网络安全, 2020, 20(7): 70-76.
[10]	尚文利, 尹隆, 刘贤达, 赵剑明. 工业控制系统安全可信环境构建技术及应用[J]. 信息网络安全, 2019, 19(6): 1-10.
[11]	尚文利, 张修乐, 刘贤达, 尹隆. 工控网络局域可信计算环境构建方法与验证[J]. 信息网络安全, 2019, 19(4): 1-10.
[12]	陈瑞滢, 陈泽茂, 王浩. 工业控制系统安全监控协议的设计与优化研究[J]. 信息网络安全, 2019, 19(2): 60-69.
[13]	吕宗平, 丁磊, 隋翯, 顾兆军. 基于时间自动机的工业控制系统网络安全风险分析[J]. 信息网络安全, 2019, 19(11): 71-81.
[14]	耿欣. 烟草企业工业控制系统安全保障体系研究[J]. 信息网络安全, 2017, 17(9): 34-37.
[15]	程冬梅, 严彪, 文辉, 孙利民. 基于规则匹配的分布式工控入侵检测系统设计与实现[J]. 信息网络安全, 2017, 17(7): 45-51.