
Journal of Shandong University (Natural Science) ›› 2014, Vol. 49 ›› Issue (09): 35-40. doi: 10.6040/j.issn.1671-9352.2.2014.388

• Articles •

An alert fusion-based smart grid attack detection method

LIU Ting, ZHAO Yu-chen, LIU Yang, SUN Ya-nan

  1. School of Electronic and Information Engineering, Xi'an Jiaotong University, Xi'an 710049, Shaanxi, China
  • Received: 2014-06-24 Revised: 2014-08-27 Online: 2014-09-20 Published: 2014-09-30
  • About the author: LIU Ting (1981-), male, lecturer, Ph.D.; his research mainly concerns smart grids and trusted computing. E-mail: tingliu@mail.xjtu.edu.cn
  • Funding:
    National Natural Science Foundation of China (91118005, 91218301, 61221063, 61203174, U1301254); National Key Technology R&D Program (2012BAH16F02); National 863 Program (2012AA011003); Doctoral Program Fund of the Ministry of Education (20110201120010); Fundamental Research Funds for the Central Universities

Abstract: The widespread use of information and communication technologies in the Smart Grid gives attackers more ways to intrude into and attack the power system, which is considered one of the most serious threats to Smart Grid security. A cyber-physical alert fusion method is proposed to detect Smart Grid attacks. An Intrusion Detection System (IDS) is applied to detect abnormal traffic in the information network, and the largest Normalized Residual Test (RN Test) is employed to identify abnormal measurements in the power system. Attacks on the Smart Grid are then detected by correlating the abnormal alerts from the information network with those from the physical power system. Simulation shows that the method can eliminate the large number of false alerts produced by the IDS and the RN Test and dramatically improve the detection accuracy.

Key words: alert fusion, smart grid, attack detection

CLC number: TP309