电力系统自动化2024,Vol.48Issue(17):97-108,12.DOI:10.7500/AEPS20230423004
电力工控系统高隐身虚假遥控指令注入攻击检测
Detection of High-stealth False Remote Control Command Injection Attacks on Power Industrial Control Systems
摘要
Abstract
With the deepening of the coupling between information domain and physical domain in new power system and the rapid development of cyber attack technology,power industrial control systems are facing the threat of customized cyber attack,among which high-stealth false remote control command injection(HFCI)attacks have become one of the most destructive cyber attack types.This paper presents a HFCI attack detection method for power industrial control system.First,the optimized convolutional neural network model is used to detect HFCI and filter abnormal packets at the shallow application layer for IEC 60870-5-104 protocol business traffic.Then,HFCI attack commands at deep application layer are detected through the factory-level command threat assessment module and the system-level command risk judgment module.Finally,the IEEE 30-bus simulation system verifies the accuracy and generalization ability of the proposed HFCI attack detection method.关键词
电力工控系统/IEC60870-5-104协议/业务流量/高隐身虚假遥控指令注入攻击/攻击检测Key words
power industrial control system/IEC 60870-5-104 protocol/business traffic/high-stealth false remote control command injection(HFCI)attack/attack detection引用本文复制引用
张博,宋宇飞,郑豪丰,刘绚,王文博..电力工控系统高隐身虚假遥控指令注入攻击检测[J].电力系统自动化,2024,48(17):97-108,12.基金项目
国家自然科学基金资助项目(51777062). This work is supported by the National Natural Science Foundation of China(No.51777062). (51777062)
