基于多元检测模型的信息物理系统网络攻击防御机制

doi:10.3969/j.issn.2097-0706.2025.11.005

摘要/Abstract

摘要：

在新型信息物理系统的发展过程中，虚假数据注入攻击构成了严重威胁，它可以通过篡改电网数据信息形成虚假的电网状态，诱导运行人员做出错误的运行决策，进而干扰电力系统的稳定运行。现有的防御手段无法解决复杂数据类型的攻击，也无法精确定位异常的状态，因此，提出多情形交流虚假数据注入攻击策略，构建更符合实际电网环境且具有强隐蔽性的攻击模型。在此基础上，设计基于多元检测模型的防御机制，有效结合极限学习机、极端梯度提升树、轻量级梯度提升器3种检测器的优点，以多情形的攻击情况为训练数据，形成高效、精准定位异常状态的攻击检测模型。攻击和防御模型都在IEEE 14和IEEE 57节点系统中仿真。试验结果验证了攻击的有效性、隐蔽性、多样性以及检测机制的实时性和准确性。

关键词: 信息物理系统, 电力信息安全, 虚假数据注入攻击, 多元检测模型, 极限学习机, 极端梯度提升树, 轻量级梯度提升器

Abstract:

False data injection attacks pose a severe threat that cannot be overlooked during the development of new cyber-physical power systems. These attacks can tamper with power grid data to create false grid states， mislead operators into making incorrect operational decisions， and consequently disrupt the stable operation of the power system. Moreover， existing defense methods are incapable of addressing attacks involving complex data types or pinpointing abnormal states. Therefore， a multi-scenario AC false data injection attack strategy was proposed， and an attack model better aligning with actual power grid environments and exhibiting strong stealthiness was constructed. On this basis， a defense mechanism based on a multivariate detection model was designed， effectively integrating the advantages of three detectors： extreme learning machine， extreme gradient boosting， and light gradient boosting machine. Using multi-scenario attack cases as training data， an efficient attack detection model capable of pinpointing abnormal states was formed. Both the attack and defense models were simulated in IEEE 14-bus and IEEE 57-bus systems. The experimental results verified the effectiveness， stealthiness， and diversity of the attacks， as well as the real-time performance and accuracy of the detection mechanism.

Key words: cyber-physical power system, electric power system information security, false data injection attack, multivariate detection model, extreme learning machine, extreme gradient boosting, light gradient boosting machine

中图分类号:

TK01：TM73

薛雯丽, 洪晓燕, 杨文杰, 吴婷. 基于多元检测模型的信息物理系统网络攻击防御机制[J]. 综合智慧能源, 2025, 47(11): 52-61.

XUE Wenli, HONG Xiaoyan, YANG Wenjie, WU Ting. Multivariate detection model-based defense mechanism against cyber attacks on cyber-physical power systems[J]. Integrated Intelligent Energy, 2025, 47(11): 52-61.

图/表 11

图1

图2

图3

图4

表1

图5

图6

图7

图8

图9

表2

参考文献 32

[1]	李瑶虹, 黄伟, 孙贝贝, 等. 拒绝服务攻击下基于分布式事件触发一致性预测补偿的微电网能量优化管理[J]. 现代电力, 2021, 38(2): 178-186.
	LI Yaohong, HUANG Wei, SUN Beibei, et al. Optimal energy management in micro‑grid based on distributed event‑triggered consensus predictive compensation under DoS attack[J]. Modern Electric Power, 2021, 38(2): 178-186.
[2]	王胜锋, 丁洲, 吴劲松, 等. 基于拓扑篡改的电力市场虚假数据注入攻击方案[J]. 电力自动化设备, 2021, 41(11): 147-152.
	WANG Shengfeng, DING Zhou, WU Jinsong, et al. False data injection attack scheme of electricity market based on topology tampering[J]. Electric Power Automation Equipment, 2021, 41(11): 147-152.
[3]	WU Y D, WEI Z, WENG J, et al. Resonance attacks on load frequency control of smart grids[J]. IEEE Transactions on Smart Grid, 2018, 9(5): 4490-4502.
[4]	RUAN J Q, YANG C, WANG Q H, et al. Assessment of spatiotemporally coordinated cyberattacks on renewable energy forecasting in smart energy system[J]. Applied Energy, 2023, 347: 121470.
[5]	YE H X, GE Y Y, LIU X, et al. Transmission line rating attack in two‑settlement electricity markets[J]. IEEE Transactions on Smart Grid, 2016, 7(3): 1346-1355.
[6]	YAO W T, WANG Y, XU Y, et al. Cyber-resilient control of an islanded microgrid under latency attacks and random DoS attacks[J]. IEEE Transactions on Industrial Informatics, 2023, 19(4):5858-5869.
[7]	黄崇鑫, 洪明磊, 伏帅, 等. 考虑虚假数据注入攻击的有源配电网分布式状态估计[J]. 电力工程技术, 2022, 41(3): 22-31.
	HUANG Chongxin, HONG Minglei, FU Shuai, et al. Distributed state estimation of active distribution network considering false data injection attack[J]. Electric Power Engineering Technology, 2022, 41(3): 22-31.
[8]	黄鸿志. 恶意攻击威胁下电力系统脆弱性分析模型与方法[D]. 北京: 华北电力大学, 2012.
	HUANG Hongzhi. Analysis of power system vulnerable under deliberate attack threat[D]. Beijing: North China Electric Power University, 2012.
[9]	伍虹, 杨超, 鲁杰, 等. 基于自适应UKF算法的虚假数据注入攻击检测研究[J]. 智能计算机与应用, 2023, 13(6): 168-173.
	WU Hong, YANG Chao, LU Jie, et al. Research on false data injection attack detection based on adaptive unscented Kalman filter algorithm[J]. Intelligent Computer and Applications, 2023, 13(6): 168-173.
[10]	GIRALDO J, HARIRI M E, PARVANIA M. Decentralized moving target defense for microgrid protection against false‑data injection attacks[J]. IEEE Transactions on Smart Grid, 2022, 13(5): 3700-3710.
[11]	WANG H Z, MENG A J, LIU Y T, et al. Unscented Kalman Filter based interval state estimation of cyber physical energy system for detection of dynamic attack[J]. Energy, 2019, 188: 116036.
[12]	郑凯源. 基于机器学习的网络安全威胁检测系统设计[J]. 电脑编程技巧与维护, 2025(2): 158-160.
[13]	汪锦, 张啸宇. 基于LightGBM的家庭负荷虚假数据注入攻击检测模型[J]. 综合智慧能源, 2024, 46(11):1-9.
	WANG Jin, ZHANG Xiaoyu. False data injection attacks detection model based on Light GBM for household load data[J]. Integrated Intelligent Energy, 2024, 46(11): 1-9.
[14]	郭敬东, 刘文亮, 罗富财, 等. 基于梯度提升决策树的网络虚假数据注入攻击检测方法[J]. 自动化技术与应用, 2025, 44(5): 85-89.
	GUO Jingdong, LIU Wenliang, LUO Fucai, et al. Detection method of network false data injection attacks based on gradient lifting decision tree[J]. Techniques of Automation and Applications, 2025, 44(5): 85-89.
[15]	席磊, 李宗泽, 刘治洪, 等. 基于图像编码与多头自注意力卷积神经网络的电网虚假数据注入攻击检测[J/OL]. 中国电机工程学报, 2025: 1-13( 2025-01-06)[2025-03-14].https://doi.org/10.13334/j.0258-8013.pcsee.242225.
	XI Lei, LI Zongze, LIU Zhihong, et al. False data injection attack detection of power grid based on image coding and multi‑head self‑attention convolutional neural network[J/OL]. Proceedings of the CSEE, 2025: 1-13 ( 2025-01-06)[2025-03-14]. https://doi.org/10.13334/j.0258-8013.pcsee.242225.
[16]	吕永升, 张啸宇, 王榕夕, 等. 联邦学习在新型电力系统中的应用与展望[J]. 综合智慧能源, 2024, 46(11): 54-64.
	YongshengLYU, ZHANG Xiaoyu, WANG Rongxi, et al. Application and prospect of federated learning in new power systems[J]. Integrated Intelligent Energy, 2024, 46(11): 54-64.
[17]	曹磊, 温蜜, 何蔚. 基于深度学习的车联网的路网监测系统的DoS和DDoS攻击的入侵检测方法[J]. 计算机应用与软件, 2025, 42(1): 303-311.
	CAO Lei, WEN Mi, HE Wei. Deep learning based DoS and DDoS attack detection method in the highway monitoring system of IOV[J]. Computer Applications and Software, 2025, 42(1): 303-311.
[18]	李华, 陆明璇, 佟永吉, 等. 态势感知技术在新型电力系统运行中的应用[J]. 综合智慧能源, 2023, 45(3): 24-33.
	LI Hua, LU Mingxuan, TONG Yongji, et al. Application of situational awareness technology in the safe and stable operation of new power systems[J]. Integrated Intelligent Energy, 2023, 45(3): 24-33.
[19]	唐云泽, 苏晓茜. 电力系统网络攻击方法研究综述[J]. 中国信息化, 2020(12):57-60.
	TANG Yunze, SU Xiaoqian. A Review of research on cyberattack methods in power systems[J]. China Informatization, 2020(12): 57-60.
[20]	王琦, 邰伟, 汤奕, 等. 面向电力信息物理系统的虚假数据注入攻击研究综述[J]. 自动化学报, 2019, 45(1): 72-83.
	WANG Qi, TAI Wei, TANG Yi, et al. A review on false data injection attack toward cyber-physical power system[J]. Acta Automatica Sinica, 2019, 45(1): 72-83.
[21]	刘石川, 慕腾, 郭裕, 等. 基于直流潮流模型的电网结构优化方法研究与应用[J]. 内蒙古电力技术, 2022, 40(2): 45-49.
	LIU Shichuan, MU Teng, GUO Yu, et al. Research and application of network structure optimization method based on DC power flow model[J]. Inner Mongolia Electric Power, 2022, 40(2): 45-49.
[22]	赵红嘎. 电力系统状态估计中相量量测应用及直流模型处理问题[D]. 济南: 山东大学, 2005.
	ZHAO Hongga. Study on phasor measurements and DC model in power system state estimation[D]. Jinan: Shandong University, 2005.
[23]	王文杰, 房海腾, 朱成杰, 等. 基于KNN分类算法的电力系统网络虚假数据注入攻击防御方法[J]. 微型电脑应用, 2024, 40(10): 130-134.
	WANG Wenjie, FANG Haiteng, ZHU Chengjie, et al. A defense method for false data injection attacks in power system networks based on KNN classification algorithm[J]. Microcomputer Applications, 2024, 40(10): 130-134.
[24]	朱斌, 胡威. 基于同步相量测量的电力系统稳定性分析与控制策略分析[J]. 电工技术, 2024(S2): 484-486.
	ZHU Bin, HU Wei. Stability analysis and control strategy analysis of power system based on synchronous phasor measurement[J]. Electric Engineering, 2024(S2): 484-486.
[25]	伏坚, 胡博, 谢开贵, 等. 应对协同攻击的电力系统发输电拓展随机规划[J]. 电力系统自动化, 2021, 45(2): 21-29.
	FU Jian, HU Bo, XIE Kaigui, et al. Stochastic planning of generation and transmission expansion for power system against coordinated attacks[J]. Automation of Electric Power Systems, 2021, 45(2): 21-29.
[26]	黄冬梅, 杨旭, 胡安铎, 等. 基于CNN-BiGRU-XGBoost的新型电力系统虚假数据注入攻击检测[J]. 电网技术, 2025, 49(5): 2119-2127.
	HUANG Dongmei, YANG Xu, HU Anduo, et al. Detection of false data injection attack in new power system based on CNN-BiGRU-XGBoost[J]. Power System Technology, 2025, 49(5): 2119-2127.
[27]	翟千惠, 朱萌, 俞阳, 等. 基于XGBoost算法的电力虚假数据注入攻击残差检测[J]. 电子设计工程, 2025, 33(1): 109-112, 117.
	ZHAI Qianhui, ZHU Meng, YU Yang, et al. Residual detection of power false data injection attacks based on XGBoost algorithm[J]. Electronic Design Engineering, 2025, 33(1): 109-112, 117.
[28]	李俊颉, 高莲, 李鹏, 等. 基于DDPM-LightGBM的电力CPS多标签不平衡虚假数据注入攻击的检测[J]. 昆明理工大学学报(自然科学版), 2025, 50(3): 49-57.
	LI Junjie, GAO Lian, LI Peng, et al. Detection of imbalanced multi‑class false data injection attacks in cyber-physical systems based on DDPM-Light GBM[J]. Journal of Kunming University of Science and Technology (Natural Science), 2025, 50(3): 49-57.
[29]	常英贤, 郭阳, 王越越, 等. 基于混合集成学习的电网安全评估模型研究[J]. 自动化仪表, 2025, 46(3): 43-48.
	CHANG Yingxian, GUO Yang, WANG Yueyue, et al. Research on grid security assessment model based on hybrid integrated learning[J]. Process Automation Instrumentation, 2025, 46(3): 43-48.
[30]	LI Y F, XUE W L, WU T, et al. Intrusion detection of cyber physical energy system based on multivariate ensemble classification[J]. Energy, 2021, 218: 119505.
[31]	阮兆文, 孟干, 周冬青, 等. 智能电网中的虚假数据注入攻击检测方法研究[J]. 自动化与仪器仪表, 2019(3): 49-52.
	RUAN Zhaowen, MENG Gan, ZHOU Dongqing, et al. Research on false data injection attack detection method in smart grid[J]. Automation & Instrumentation, 2019(3): 49-52.
[32]	单瑞卿, 盛阳, 苏盛, 等. 考虑攻击方身份的电力监控系统网络安全风险分析[J]. 电力科学与技术学报, 2022, 37(5): 3-16.
	SHAN Ruiqing, SHENG Yang, SU Sheng, et al. Risk anlysis of power system cyber securityc onsidering identity of malicious adversaries[J]. Journal of Electric Power Science and Technology, 37(5): 3-16.

系统	检测模型	检测率				平均检测率
系统	检测模型	100	[90,100)	[80,90)	<80	平均检测率
IEEE 14	ELM		20.8	4.3	4.3	96.8
	XGBoost		14.2	3.1	2.1	97.2
	LGB	81.5	13.2	2.8	2.5	97.8
	MDM	83.1	13.7	2.6	0.6	98.4
IEEE 57	ELM	68.6	10.8	11.5	9.1	90.5
	XGBoost	74.6	11.5	5.6	8.3	94.5
	LGB	72.5	9.8	6.2	11.5	95.5
	MDM	78.6	12.5	4.3	4.6	96.5