Research On Data-driven Attack Strategies And State Estimation In Cyber-physical Systems

In recent years,the application of the related technologies in Cyber-Physical Systems(CPSs)has sprung up in various fields,including intelligent transportation,smart grid,smart home and wise medical etc..However,to provide more intelligent management and services,CPSs are becoming increasingly open;moreover,the heterogeneous components from various subsystems and multiple suppliers bring information security risks to CPSs.In particular,as an important basis for control decision-making,the state estimation in CPSs has always been one of the main attack targets of adversaries.To correctly and comprehensively evaluate the vulnerability of the system and study the anti-attack state estimation strategy,it is necessary to study the attack ability and behavior of adversaries for the system defender.However,there are some shortcomings in the research of CPSs information security problem for state estimation: firstly,the attacking ability of adversaries are not well understood,the data analysis and information mining ability of adversaries are underestimated,and the dependence of attack construction on system configuration information is overestimated;secondly,the anti-attack/resilient state estimator relies too much on the precise system model,which is not easy to construct;thirdly,the influences of measurement noise on anti-attack or resilient state estimation strategies are always ignored when studying anti-attack state estimation strategies.In view of these shortcomings,we focus on the information security of CPSs from two aspects: cyber attack strategy for state estimation and anti-attack/resilient state estimation strategy.The specific contents are as follows:1.To correctly evaluate the vulnerability of CPSs,the data-driven false date injection attacks(FDIAs)for state estimation is studied.Assuming that adversaries can not obtain the system configuration information but the noisy measurement data transmitted in the communication network,and the two FDIAs can be constructed by data-driven methods.Considering the attack cost of adversaries,the construction problem of the first low-cost random FDIAs is transformed into the zero-space search problem of the key matrix;moreover,the shrinkage operator is introduced to construct the stealth attack with low cost and maximum attack effect.Considering that some nodes are protected by the defender,the construction problem of the second sparse FDIAs can be transformed into the basis pursuit and regression selection problem,and the solution of the problem can be obtained by alternating direction method of multipliers.The simulation results show that the two data-driven FDIAs can successfully pass the detection of bad data detectors(BDD)based on residuals and deteriorate the state estimation.2.The problem of the data-driven target attack for state estimation of CPSs is mainly studied.Different from previous research on specific attack types,it focuses on the optimal selection of attack targets.The proposed target attack based on the causality analysis(CA)can be combined with specific attack types to improve the precision strike capability of the attack.Firstly,the computational burden of CA is reduced by data preprocessing;secondly,the CA and three new indices based on transfer entropy are adopted and defined to evaluate the influence(or significance)of measurement data(or data sets);thirdly,the advantage of the proposed node attack rather than data attack is theoretically proved in power CPSs.Finally,theoretical analysis and simulation experiments show that the proposed node target attack is more destructive than data target attack and random attack(the attack targets are selected randomly).3.From the defender's perspective,a resilient state estimation strategy based on measurement data reconstruction is proposed.On the one hand,the design of the resilient state estimator relies extremely on the accurate system modeling;on the other hand,the root cause for the deterioration of the state estimation is that the measurement data is manipulated by adversaries.Therefore,this paper does not focus on the design of the state estimator,but on the reconstruction of the incomplete(or residual)measurement data,where the incomplete measurement data are generated by the discarding of bad data by attack detectors.Firstly,the method based on the observability analysis is applied to evaluate attack degree and determine triggering time of the data reconstruction.Secondly,an over-complete dictionary of measurement data is formed by K-SVD-based dictionary learning.Thirdly,a special sampling matrix is designed to improve the effect of data reconstruction.Finally,the simulation experiment of power CPSs shows that the proposed method can reconstruct the residual measurement data well with five common restoration algorithms.Combining the proposed data reconstruction method with the traditional state estimator can improve the resilience of the state estimation strategy against malicious cyber attacks without the design of the complex anti-attack state estimators.4.From the defender's perspective,a resilient state estimation strategy based on data separation is proposed.The data-driven method is proposed to solve the deterioration of state estimation under the two FDIAs constructed in this paper.Firstly,considering the difference of data characteristics between measurement data and false injection data,the method based on the low rank feature tracking and matrix decomposition is introduced to effectively separate different characteristic data;on the one hand,the self-recovery ability of the state estimation strategy is improved by purifying the measurement data,i.e.,the resilient state estimation strategy;on the other hand,the separated attack data reflects the intensity and distribution of the attack,meanwhile the attack detection and identification are completed.Secondly,considering the influence of the measurement noise,the restoration of measurement data with noise under FDIAs is studied.Thirdly,to improve the real-time performance of the proposed method,the off-line low rank matrix approximation method is improved.Finally,the simulation results of power CPSs show that although the data-driven FDIAs constructed in this paper can be stealthy in residualbased detectors,their negative effects on measurement data can be basically eliminated by the data recovery algorithm presented in this paper.Clearly,this state estimation strategy based on the data separation also can improve the resilience of state estimation strategy against malicious cyber attacks.