计算机科学

计算机科学 ›› 2024, Vol. 51 ›› Issue (6A): 230700077-8.doi: 10.11896/jsjkx.230700077

• 信息安全 • 上一篇    下一篇

基于联邦学习的智能电网AMI入侵检测方法研究

刘东奇1, 张琼1, 梁皓澜1,2, 张孜栋1, 曾祥君1   

  1. 1 长沙理工大学电气与信息工程学院 长沙 410114
    2 湖南工程学院电气与信息工程学院 湖南 湘潭 411104
  • 发布日期:2024-06-06
  • 通讯作者: 梁皓澜(2631650704@qq.com)
  • 作者简介:(liudongqi@csust.edu.cn)
  • 基金资助:
    国家自然科学基金(52177068);国家重点研发计划(2018YFB0904900);湖南省教育厅科研项目(21C0577);长沙理工大学科研创新项目(CXCLY2022076)

Study on Smart Grid AMI Intrusion Detection Method Based on Federated Learning

LIU Dongqi1, ZHANG Qiong1, LIANG Haolan1,2, ZHANG Zidong1, ZENG Xiangjun1   

  1. 1 College of Electrical and Information Engineering,Changsha University of Science & Technology,Changsha 410114,China
    2 College of Electrical and Information Engineering,Hunan Institute of Engineering,Xiangtan,Hunan 411104,China
  • Published:2024-06-06
  • About author:LIU Dongqi,born in 1986,Ph.D,asso-ciate professor.His main research in-terests include intelligent grid information processing and distributed collaborative control.
    LIANG Haolan,born in 1993,Ph.D candidate.Her main research interest is power system information security.
  • Supported by:
    National Natural Science Foundation of China(52177068),National Key R&D Program of China(2018YFB0904900),Research Project of Hunan Provincial Department of Education(21C0577) and Scientific Research and Innovation Project of Changsha University of Science and Technology(CXCLY2022076).

PDF (PC)

331

摘要: 高级量测体系(Advanced Metering Infrastructure,AMI)是建设智能电网及泛在电力物联网的关键一环。随着海量终端接入和异构通信网络组件的应用,AMI遭受网络攻击的风险大大增加。针对传统AMI网络攻击入侵检测方法存在主站计算压力过大、抗灾能力弱以及识别精度不足的问题,提出一种基于联邦学习的AMI入侵检测方法。首先,构建面向AMI的联邦学习入侵检测模型,在模型中集成联邦学习框架;然后,设计一种边缘侧的融合决策树的轻量级入侵检测算法,并提出跨台区云边协同的联合训练方法,实现跨台区经验的共享,提升入侵检测性能;最后,基于NSL-KDD数据集进行仿真验证,结果表明,与集中式、联邦学习与神经网络的入侵检测模型相比,所提方法准确率可达99.76%,误报率仅为0.17%。同时减少了检测时间,提高了通信效率,并且保证数据不离开本地,降低了数据隐私泄露的风险。

关键词: AMI, 联邦学习, 入侵检测, 云边协同, 决策树

Abstract: Advanced metering infrastructure(AMI) is a key link in building smart grid and ubiquitous electric IoT.With the application of mass terminal access and heterogeneous communication network components,the risk of network attacks on AMI is greatly increased.For the problems of traditional AMI network attack intrusion detection methods,such as excessive computing pressure of the main station,weak disaster resistance ability and insufficient recognition accuracy,an AMI intrusion detection method based on federated learning is proposed.Firstly,the federated learning intrusion detection model for AMI is constructed,and the federated learning framework is integrated into the model.Then,a lightweight intrusion detection algorithm that integrates decision tree on the edge side is designed,and a cross-platform cloud-edge collaborative joint training method is proposed to realize cross-platform experience sharing and improve intrusion detection performance.Finally,based on the NSL-KDD dataset,simulation results show that compared with the centralized and federated learning fusion neural network intrusion detection models,the accuracy of the proposed method can reach 99.76%,and the false positive rate is only 0.17%.At the same time,the detection time is reduced,the communication efficiency is improved.It also ensures that data does not leave the local area,reducing the risk of data privacy disclosure.

Key words: AMI, Federated learning, Intrusion detection, Cloud edge collaboration, Decision tree

中图分类号: 

  • TP399
[1]PANAGIOTIS I R G,PANAGIOTIS G S.Securing the Smart Grid:A Comprehensive Compilation of Intrusion Detection and Prevention Systems[J].IEEE Access,2019,7:46595-46620.
[2]ZHANG L P,LU W,XIAO Y,et al.Anomaly Detection method of Smart Meters data based on GMM-LDAclustering feature Learning and PSO Support Vector Machine[C]//IEEESustai-nable Power and Energy Conference.Beijing,China,2019.
[3]WANG X.Multi-domain Network Intrusion Detection Based on Attention-based Bidirectional LSTM[C]//2023 IEEE 6th Information Technology,Networking,Electronic and Automation Control Conference.Chongqing,China,2023:805-810.
[4]YU Y,HENG Y H,LIANG Z Y,et al.AdaBoost-CNN:a hybrid method for electricity theft detection[C]//Asia Conference on Power and ElectricalEngineering(ACPEE).Chongqing,China,2021.
[5]LIU F F.Research on Application of Intrusion Detection Algorithm Based on Deep Learning in AMI[D].Lanzhou:Lanzhou Jiaotong University,2020.
[6]OZAY M,ESNAOLA I,VURAL F,et al.Machine LearningMethods for Attack Detection in the Smart Grid[J].IEEE Transactions on Neural Networks and Learning Systems,2016,27(8):1773-1786.
[7]AHMED S,LEE Y D,SEUNG H H,et al.Unsupervised Ma-chine Learning-based Detection of Covert Data Integrity Assault in Smart Grid Networks Utilizing Isolation Forest[J].IEEE Transactions on Information Forensics and Security,2019,14(10):2765-2777.
[8]KURT M N,OGUNDIJO O,LI C,et al.Online Cyber-AttackDetection in Smart Grid:A Reinforcement Learning Approach[J].IEEE Transactions on Smart Grid,2018,10(5):5174-5185.
[9]AN D,YANG Q,LIU W,et al.Defending Against Data Integrity Attacks in Smart Grid:A Deep Reinforcement Learning-Based Approach[J].IEEE Access,2019,7:110835-110845.
[10]ZHANG Y C,WANG L F,SUN W Q,et al.Distributed IDS in a multi-layer network architecture of smart grids[J].IEEE Tran-sactions on Smart Grid,2011,2(4):796-808.
[11]ALSEIARI F,AUNG Z.Real-time anomaly-based distributedintrusion detection systems for advanced Metering Infrastructure utilizing stream data mining[C]//International Conference on Smart Grid and Clean Energy Technologies.Offenburg,Germany,2016:148-153.
[12]ZHAO R J,YIN Y,SHI Y,et al.Intelligent intrusion detection based on federated learning aided long short-term memory[J].Physical Communication,2020,42:1874-4907.
[13]RAHMAN S,TOUT H,TALHI C,et al.Internet of things intrusion detection:Centralized,on-device,or federated learning?[J].IEEE Network,2020,34(6):310-317.
[14]WANG R,MA C G,WU P.Intrusion detection method based on federated learning and convolutional neural network[J].Information Network Security,2020(4):47-54.
[15]TANG Z,MIN Q Q.Line Fault Monitoring System of Distribution Network Based on Power Line Carrier and ZigBee Techno-logy[J].Journal of Electric Power Science and Technology,2012,27(1):70-74.
[16]LUO H X,JIN X,QIAN B,et al.Security protection method ofintelligent terminal and smart electricity meter based on block chain[J].China Southern Power Grid Technology,2021,15(4):50-58.
[17]ROBERTO M C.Modular Advanced Metering Infrastructure to Reduce Electricity Theft and a Cluster-Based Illegal Loads Detection[J].IEEE Latin America Transactions,2023,21(4):579-587.
[18]ZHANG Y.Research on decision tree classification and pruning algorithm[D].Harbin:Harbin University of Technology,2009.
[19]SHI W C.Research on industrial internet intrusion detectionmethod based on integrated learning[D].Changchun:Jilin University,2022.
[20]JIANG H B,LIU B,YUAN W H.Research on Adaptive Random Search Algorithm Based on Metropolis Criterion[J].Science and Technology in Western China,2015,14(3):17-19.
[21]JAHROMI A,KARIMIPOUR H,DEHGHANTANHA A,et al.Toward Detection and Attribution of Cyber-Attacks in IoT-Enabled Cyber-Physical Systems[J].IEEE Internet of Things Journal,2021,8(17):13712-13722.
[22]ZHANG S C,XIE X Y,XU Y.Intrusion Detection MethodBased on DCNN[J].Journal of Tsinghua University(Natural Science Edition),2019,59(1):46-54.
[23]MA Q,HU J H,YU Y J.Research on intrusion detection based on decision tree algorithm[J].Telecommunication Engineering Technology and Standardization,2022,35(5):33-39.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发