Detection And Defense Of False Data Injection Attack In Grid CPS

With the massive consumption of traditional fossil energy and its prominent impact on ecological environment,as well as the more demanding requirements of industrial production on the power system,the traditional power system urgently needs to transform to the smart grid using innovative information technology.The grid Cyber Physical System(CPS)was developed in this scenario,which is a typical multi-dimensional complex intelligent power system with deep coupling and cooperation between information system and physical system,and integrated computing,network and physical environment.However,information technology brings convenience as well as threats of network attacks,especially False Data Injection Attack(FDIA),which can bypass traditional detection methods and cause large-scale grid failures and affect the reliable operation of the grid.Therefore,it is of great significance to study the methods of detection and defense against FDIA.This paper addresses the problem of false data injection attacks in grid CPS,by analyzing the state estimation of power systems and exploring the principle of FDIA composition,an improved unscented Kalman filter algorithm is proposed from the perspective of state estimation to detect FDIA,and a double-layer defense architecture for false data injection attacks is proposed which based on RF and Grey Wolf Optimizer(GWO)to optimize Long and Short-Term Memory(LSTM)using historical data.The main research contents are demonstrated as follows:Firstly,the grid CPS architecture is designed and the mathematical expressions of two forms of power system state estimation,including nonlinear estimation and linear estimation are studied.On the basis of this false data injection attack mechanism is analyzed,and the attack model is constructed.Considering the construction of FDIA attack vectors in the case of known partial topology information,single-node attack and multi-node attack are implemented for the IEEE14,respectively.The experiments demonstrate that FDIA maliciously affects the power flow data without changing the system residuals.Meanwhile,the adverse effects of FDIA on the power system are further analyzed from both economic and safety aspects to provide a basis for subsequent research work.Secondly,the FDIA detection method based on the improved unscented Kalman filter is investigated.The detection algorithm,from the perspective of state estimation,uses the different properties of transitional convergence and rapid response of the improved unscented Kalman filter algorithm and the weighted least squares algorithm in the power state estimation stage,respectively,to perform state consistency tests as well as sudden load change disturbance test on the attacked power systems in turn.Experiments were conducted in IEEE30 as well as IEEE57 respectively which showed that the method can effectively detect the presence of FDIA.Finally,the two-layer defense architecture for grid CPS false data injection attacks is discussed.The upper layer of the two-layer defense architecture is a multi-label false data localization algorithm based on RF algorithm.Taking the advantage of machine learning methods for processing large amounts of data,the RF algorithm is selected to construct classifiers with corresponding numbers of grid cases using a large amount of historical quantitative data,and then the labels output from multiple classifiers are combined.The lower layer of the defense architecture is the state data prediction layer,which uses the GWO-LSTM model to predict the rejected state quantities,and the quantitative data derived from the state quantities will restore the system state estimation function to normal.The experimental results illustrate that the RF algorithm can precisely locate the node position of the FDIA,and the GWO-LSTM model has significant advantages in state prediction for state data correction.In conclusion,the detection algorithm and defense architecture in this paper can effectively achieve FDIA detection,accurate attack localization and data recovery of the power grid system,respectively.Therefore,it is significant for theoretical research and practical application for the secure operation of grid CPS and the provision of defensive measures.