当前位置: X-MOL 学术IEEE J. Emerg. Sel. Top. Circuits Syst. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Incomplete Information Stochastic Game Theoretic Vulnerability Management for Wide-Area Damping Control Against Cyber Attacks
IEEE Journal on Emerging and Selected Topics in Circuits and Systems ( IF 3.7 ) Pub Date : 2022-02-16 , DOI: 10.1109/jetcas.2022.3151645
Qingyang Li 1 , Yang Li 2 , Shichao Liu 1 , Xiaozhe Wang 3 , Hicham Chaoui 1
Affiliation  

While securing wide-area damping controllers (WADCs) against cyber attacks becomes critical, most existing efforts deal with model-based attacks. A smart attacker may not follow the prescribed models and can intelligently change the attack actions. To tackle this challenge, this work proposes a stochastic game theoretic framework that can model the dynamic interaction between the attacker (a jammer) and the defender (intrusion detector in the WADC) with the player’s type uncertainty to optimally manage the vulnerability of the power system. Uniquely, the always opponent assumption of the other player made in most of the existing works is removed as this assumption may lead to serious resource waste due to the high over-defense rate. In this incomplete information stochastic game, the attacker intelligently jams the communication links between phasor measurement units (PMUs) and WADCs, while the intrusion detection of the WADCs is considered as the defense action. The vulnerability level of the power system resulted from the attack and defense actions in the cyber-layer is indexed by the trace of the observability Gramian. Therefore, the proposed stochastic game framework provides a cyber-physical view to make the optimal cyber-layer intrusion detection system (IDS) triggering strategy for the WADC. As the types of the other player are unknown to the defender, a Bayesian based posterior type belief update method is proposed for the defender to update the type belief about the opponent by the boundary probability based on the Bayesian Nash Equilibrium. The proposed cyber-layer IDS triggering strategy is tested and compared with other game approaches on the IEEE 39-bus 10-generator system. Simulation results show that the proposed approach can achieve the same defense performance compared to the complete information stochastic game while reducing the over-defense rate from 40% to 16%.

中文翻译:


针对网络攻击的广域阻尼控制的不完全信息随机博弈论漏洞管理



虽然保护广域阻尼控制器 (WADC) 免受网络攻击变得至关重要,但大多数现有工作都是针对基于模型的攻击。聪明的攻击者可能不遵循规定的模型,并且可以智能地改变攻击行为。为了应对这一挑战,这项工作提出了一种随机博弈论框架,可以根据玩家的类型不确定性对攻击者(干扰器)和防御者(WADC 中的入侵检测器)之间的动态交互进行建模,以最佳地管理电力系统的脆弱性。独特的是,大多数现有作品中对其他玩家所做的始终对手的假设被删除,因为这种假设可能会因高过度防御率而导致严重的资源浪费。在这种不完全信息随机博弈中,攻击者智能地干扰相量测量单元(PMU)和WADC之间的通信链路,而WADC的入侵检测被视为防御行动。网络层的攻击和防御行为导致的电力系统的脆弱性等级通过可观测性格拉米亚迹来表征。因此,所提出的随机博弈框架提供了一个网络物理视图,为 WADC 制定最佳的网络层入侵检测系统(IDS)触发策略。由于防守方未知对方球员的类型,提出一种基于贝叶斯的后验类型信念更新方法,供防守方通过基于贝叶斯纳什均衡的边界概率来更新对手的类型信念。所提出的网络层 IDS 触发策略在 IEEE 39 总线 10 发电机系统上进行了测试,并与其他博弈方法进行了比较。 仿真结果表明,该方法能够实现与完全信息随机博弈相同的防御性能,同时将过度防御率从40%降低到16%。
更新日期:2022-02-16
down
wechat
bug