针对偏差攻击的安全状态估计与检测

doi:10.16180/j.cnki.issn1007-7820.2021.12.013

摘要/Abstract

摘要：

信息物理系统是集计算、通信和控制于一体的智能系统,可以实现网络和物理的深度协作。偏差攻击通过攻击信息物理系统中的运行数据,注入恒定虚假偏差数据,造成系统状态估计错误,影响系统正常运行。针对这一问题,文中利用基于最小迹原则的卡尔曼滤波状态估计器和t检测器相结合的攻击检测模型,对同一攻击场景下基于最优状态估计的系统量测残差进行偏差攻击的检测。对于虚假偏差数据的检测基于量测残差的观测值,根据目标观测函数的偏离来判断系统受到攻击,文中进一步提出目标观测函数的攻击检测阈值及基于假设检验的t检验方案。MATLAB仿真实例表明,该检验方案可以在短时间内发现偏差攻击的发生,检测率较传统检测方法提高2%以上,具有更强的鲁棒性。

关键词: 信息物理系统, 虚假数据注入, 偏差攻击, 卡尔曼滤波, 状态估计, t检验, 假设检验, 残差

Abstract:

Cyber-physical system is an intelligent system integrating computing, communication and control, which can realize the deep cooperation between network and physics. Biasing attack infuses constant false bias data by attacking operational data in information physical system, which leads to system state estimation error and affects the normal operation of the system. To solve this problem, the study adopts the attack detection model combining Kalman filter state estimator and t detector based on the least trace principle to detect the biasing attack of the measurement residual error of the system based on the optimal state estimation in the same attack scene. The detection of false biasing data is based on the measurement of the observed value of the residual, and the system is attacked according to the bias of the target observation function. Furthermore, the present study proposes the attack detection threshold of the target observation function and the t-test scheme based on hypothesis testing. MATLAB simulation shows that the scheme can detect the occurrence of biasing attack in a short time, and the detection rate is increased by more than 2% compared with traditional detection methods, and has stronger robustness.

Key words: cyber physical systems, false data injection, biasing attack, Kalman filtering, state estimation, t-test, hypothesis test, residual

中图分类号:

TP393

孙杨燕,周秀莹,任祝. 针对偏差攻击的安全状态估计与检测[J]. 电子科技, 2021, 34(12): 75-80.

SUN Yangyan,ZHOU Xiuying,REN Zhu. Security State Estimation and Detection for Biasing Attack[J]. Electronic Science and Technology, 2021, 34(12): 75-80.

图/表 7

图1

图2

图3

图4

表1

表2

表3

参考文献 21

[1]	丁达, 曹杰. 信息物理融合系统网络安全综述[J]. 信息与控制, 2019, 48(5):513-521. doi: 10.13976/j.cnki.xk.2019.9160
	Ding Da, Cao Jie. Overview of network security of cyber-physical systems[J]. Information and Control, 2019, 48(5):513-521. doi: 10.13976/j.cnki.xk.2019.9160
[2]	Liang G, Zhao J, Luo F, et al. A review of false data injection attacks against modern power systems[J]. IEEE Transactions on Smart Grid, 2017, 8(4):1630-1638. doi: 10.1109/TSG.2015.2495133
[3]	张恒. 信息物理系统安全理论研究[D]. 杭州:浙江大学, 2015.
	Zhang Heng. Research on security theory for cyber-physical systems[D]. Hangzhou:Zhejiang University, 2015.
[4]	Ashok A, Govindarasu M, Ajjarapu V. Online detection of stealthy false data injection attacks in power system state estimation[J]. IEEE Transactions on Smart Grid, 2018, 9(3):1636-1646.
[5]	刘烃, 田决, 王稼舟, 等. 信息物理融合系统综合安全威胁与防御研究[J]. 自动化学报, 2019, 45(1):5-24.
	Liu Ting, Tian Jue, Wang Jiazhou, et al. Integrated security threats and defense of cyber-physical systems[J]. Acta Automatica Sinica, 2019, 45(1):5-24.
[6]	刘希懋, 曾阳阳. 拒绝服务攻击下的弹性事件触发负荷频率控制[J]. 电子科技, 2020, 33(4):12-17.
	Liu Ximao, Zeng Yangyang. Resilient event-triggered control of load frequency control for multi-area power systems against DoS jamming attacks[J]. Electronic Science and Technology, 2020, 33(4):12-17.
[7]	Kurt M N, Yilmaz Y, Wang Xiaodong. Secure distributed dynamic state estimation in wide-area smart grids[J]. IEEE Transactions on Information Forensics and Security, 2020, 15(3):800-815. doi: 10.1109/TIFS.10206
[8]	蔡文波, 张亚. 带虚假数据注入攻击识别和通信触发机制的传感器网络分布式估计[J]. 东南大学学报(自然科学版), 2019, 49(5):890-896.
	Cai Wenbo, Zhang Ya. Distributed estimation of sensor networks with false data injection attack recognition and communication triggering mechanism[J]. Journal of Southeast University(Natural Science Edition), 2019, 49(5):890-896.
[9]	Xu R Z, Wang R, Guan Z T, et al. Achieving efficient detection against false data injection attacks in smart grid[J]. IEEE Access, 2017(5):13787-13798.
[10]	Qi Y F, Cheng P, Shi L, et al. Event-based attack against remote state estimation [C].Osaka:The Fifty-fourth IEEE Conference on Decision and Control, 2016.
[11]	Yang W, Zhang Y, Chen G R, et al. Distributed filtering under false data injection attacks[J]. Automatica, 2019(102):34-44.
[12]	杨儒航. 网络化控制系统虚假数据注入攻击的检测方法研究[D]. 北京:北方工业大学, 2017.
	Yang Ruhang. Design and detection of false data injection attacks against networked control systems[D]. Beijing:North China University of Technology, 2017.
[13]	Kontouras E, Tzes A, Dritsas L. Set-theoretic detection of bias injection cyber-attacks on networked power systems [C].Milwaukee:Annual American Control Conference, 2018.
[14]	Ugrinovskii V. Resilient distributed H_∞ estimation via dynamic rejection of biasing attacks [C].Milwaukee: Annual American Control Conference, 2018.
[15]	Deghat M, Ugrinovskii V, Langbort C, et al. Detection and mitigation of biasing attacks on distributed estimation networks[J]. Automatica, 2019(99):369-381.
[16]	孔令霖. CPS控制层欺骗攻击模型与检测算法的研究[D]. 上海:华东理工大学, 2015.
	Kong Linglin. Analysis of deception models and detection algorithms on CPS control layer[D]. Shanghai:East China University of Science and Technology, 2015.
[17]	杨康, 王瑞, 关永, 等. 具有多传感器的CPS系统的攻击检测[J]. 软件学报, 2019, 30(7):2018-2032.
	Yang Kang, Wang Rui, Guan Yong, et al. Attack detection of CPS system with multi-sensors[J]. Journal of Software, 2019, 30(7):2018-2032.
[18]	李唯, 王志文. 信息物理系统状态估计的攻击策略研究[J]. 自动化与仪表, 2019, 34(5):1-4.
	Li Wei, Wang Zhiwen. Research on attack strategy for state estimation of cyber physical systems[J]. Automation & Instrumentation, 2019, 34(5):1-4.
[19]	庄康熙, 孙子文. 针对工业信息物理系统中的拒绝服务攻击建立检测模型[J]. 控制理论与应用, 2020, 37(3):629-638.
	Zhuang Kangxi, Sun Ziwen. Establishing a detection model for denial of service attacks in industrial cyber physical systems[J]. Control Theory & Applications, 2020, 37(3):629-638.
[20]	Guo Z Y, Shi D W, Quevedo D E, et al. Secure state estimation against integrity attacks: a Gaussian mixture model approach[J]. IEEE Transactions on Signal Processing, 2019, 67(1):194-207. doi: 10.1109/TSP.2018.2879037
[21]	张欢. 基于Web的AIS/北斗导航系统研究[J]. 电子设计工程, 2013, 21(22):8-10.
	Zhang Huan. Research on AIS/Beidou navigation system based on Web[J]. Electronic Design Engineering, 2013, 21(22):8-10.

	J=10	J=20	J=30	J=40	J=50
卡方检测	75.00	78.37	80.12	85.86	88.40
Z检测	98.62	98.45	98.76	99.29	99.17
t检测	98.96	99.07	99.53	99.21	99.15

	d=0.10	d=0.12	d=0.50	d=0.80	d=1.10
卡方检测	77.50	83.00	84.54	86.86	90.05
Z检测	95.34	96.45	97.76	97.89	98.12
t检测	99.54	99.58	99.73	99.82	99.86

	J=10	J=20	J=30	J=40
卡方检测	3.20	2.90	2.83	2.80
Z检测	1.54	1.45	1.13	1.04
t检测	0.20	0.23	0.34	0.32