基于卡尔曼滤波的电力虚假数据注入攻击检测方法

能源互联网的主体是基于状态估计下的电力系统。虚假数据注入攻击（FDIA）通过恶意篡改或注入电力数据,进而引发错误的状态估计结果。这种攻击方式存在引发大面积停电事故的风险,严重影响能源互联网的正常运行。在matpower 4.0中的IEEE-14节点系统上,利用以残差方程为基础的标准残差检测法和目标函数极值法,对FDIA进行了检测实验。提出了一种基于卡尔曼滤波的FDIA检测方法,并在MATLAB上进行了验证。实验结果表明,该方法可以在短时间内发现FDIA的发生。     

数字图像水印攻击方法新分类*

分析了数字图像水印攻击方法及对策,提出了一种新的数字图像水印攻击分类,可以完善已有攻击分类.数字水印基准测试软件为数字水印算法提供一种评测标准.在文献[7,8]的基础上,介绍了新的数字水印攻击基准Certimark,并对Checkmark和Stirmark中典型的射影攻击和旋转攻击进行了分析比较.     

基于混合网络结构的可控型蠕虫网络系统

研究和建立了一种可控型的蠕虫网络,设计了广播网络与树状网络相结合的混合网络结构,讨论组网、通信和控制方案,并对性能作了分析,有助于对蠕虫网络的认识和防治.     

近30年全球大停电事故发生的深层次原因分析及启示

2019年以来,委内瑞拉、阿根廷、美国、印尼、英国等多国相继发生多起大停电事故,电网安全成为各方关注的焦点与舆论热点。通过梳理近30年138件主要大停电事件,发现2008年后大停电进入高发期,主要经济体是大停电事故的“重灾区”。自然灾害原因占比56%,影响范围相对明确可控;电力管理体制原因占31%,易与其他诱发因素伴发,具有全局性、系统性影响,可能危害到整个国家和地区的能源安全;意外或人为事故原因占10%;网络攻击成为新兴原因占3%,具有隐蔽性、复杂性强、防御难度大、物理伤害大等特点。深入剖析4类大停电事故发生的原因,根据中国国情和网情,提出防范中国大停电事故发生的措施和建议。     

基于拓扑篡改的电力市场虚假数据注入攻击方案

从攻击者的角度出发,在直流状态估计框架下提出了一种基于拓扑篡改的虚假数据注入攻击(FDIA)方案.首先,通过分析攻击后由网络拓扑处理器计算所得拓扑结构与传感器测量结果的一致性以及对比攻击前、后的残差,给出可以躲避拓扑误差处理检测以及残差检测的隐蔽攻击定义;然后,基于上述定义以及攻击向量列空间的隐蔽条件,提出一种FDIA方案,通过求解凸规划问题实现在保证隐蔽性的同时获得最大发电收益;最后,基于标准IEEE 9节点及14节点系统对所提方案的有效性进行验证.结果表明,与现有FDIA方案相比,所提将拓扑篡改与FDIA相结合的攻击方案具有更强的隐蔽性且获利更大.     

基于改进自注意力机制生成对抗网络的智能电网GPS欺骗攻击防御方法

为了避免全球定位系统欺骗攻击(GSA)对相量测量装置造成的危害,提出了一种基于改进自注意力机制生成对抗网络(SAGAN)的智能电网GSA防御方法.首先,通过引入深度学习参数,构建了改进网络-物理模型,利用历史数据计算得到当前时刻的量测值.然后,在SAGAN的生成器和判别器网络中分别融入一个时间注意力模块,提出了一种用于实现网络-物理模型的改进SAGAN防御方法.通过训练改进SAGAN,得到一对判别器和生成器,利用判别器检测采集的量测值是否遭受GSA,当检测到攻击时,利用生成器生成的数据替换欺骗数据,从而实现智能电网对GSA的主动防御.最后,基于IEEE 14节点和IEEE 118节点系统进行仿真测试,结果验证了所提方法的可行性和有效性.     

几种添加剂对模型石膏性能的影响

研究了N型减水剂、硅溶胶等添加剂对模型石膏凝结时间、强度、吸水率、溶蚀率等性能的影响,并确定了有关性能与添加量之间的关系,得出了最佳添加量。     

Long-term performance of cement paste during combined calcium leaching-sulfate attack: kinetics and size effect

This paper presents experimental results obtained on cement paste samples (water/cement ratio of 0.4) subjected to a low-concentration (15 mmol/l) external sulfate attack during several weeks. Chemical and microstructural analyses include the continuous monitoring of calcium loss and sulfate consumption within the cement paste, periodic layer by layer X-ray diffraction (XRD)/energy-dispersive spectrometer (EDS) analyses of the solid constituents of the cement matrix (ettringite, portlandite, gypsum) within the calcium-depleted part of the samples. Scanning electron microscopy (SEM) and visual observations are used to follow the crack pattern evolution during the external sulfate attack. The relation between the size of the specimen and crack initiation/development is investigated experimentally by performing tests on samples with different thickness/diameter ratios.     

Data-mining based SQL injection attack detection using internal query trees

Detecting SQL injection attacks (SQLIAs) is becoming increasingly important in database-driven web sites. Until now, most of the studies on SQLIA detection have focused on the structured query language (SQL) structure at the application level. Unfortunately, this approach inevitably fails to detect those attacks that use already stored procedure and data within the database system. In this paper, we propose a framework to detect SQLIAs at database level by using SVM classification and various kernel functions. The key issue of SQLIA detection framework is how to represent the internal query tree collected from database log suitable for SVM classification algorithm in order to acquire good performance in detecting SQLIAs. To solve the issue, we first propose a novel method to convert the query tree into an n-dimensional feature vector by using a multi-dimensional sequence as an intermediate representation. The reason that it is difficult to directly convert the query tree into an n-dimensional feature vector is the complexity and variability of the query tree structure. Second, we propose a method to extract the syntactic features, as well as the semantic features when generating feature vector. Third, we propose a method to transform string feature values into numeric feature values, combining multiple statistical models. The combined model maps one string value to one numeric value by containing the multiple characteristic of each string value. In order to demonstrate the feasibility of our proposals in practical environments, we implement the SQLIA detection system based on PostgreSQL, a popular open source database system, and we perform experiments. The experimental results using the internal query trees of PostgreSQL validate that our proposal is effective in detecting SQLIAs, with at least 99.6% of the probability that the probability for malicious queries to be correctly predicted as SQLIA is greater than the probability for normal queries to be incorrectly predicted as SQLIA. Finally, we perform additional experiments to compare our proposal with syntax-focused feature extraction and single statistical model based on feature transformation. The experimental results show that our proposal significantly increases the probability of correctly detecting SQLIAs for various SQL statements, when compared to the previous methods.     

基于FPGA实现AES的侧信道碰撞攻击

为了解决攻击点在能量迹中具体位置的识别问题,在对侧信道碰撞攻击技术研究的基础上,提出了通过计算能量迹中每个采样点的方差来识别攻击点的方差检查技术。并利用基于相关系数的碰撞检测方法,对一种AES的FPGA实现实施了攻击。实验结果表明,方差检查技术可以有效地识别攻击点在能量迹中的具体位置。