CN106375344B - A smart grid load integrity attack detection method for cloud storage - Google Patents

Publication number: CN106375344B
Authority: CN (China)
Prior art keywords: data, verification, cloud storage, block, sub
Legal status: Expired - Fee Related (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201610943338.XA
Other languages: Chinese (zh)
Other versions: CN106375344A (en)
Inventors: 张少敏, 赵庆, 王保义
Current Assignee: North China Electric Power University (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: North China Electric Power University
Application filed by North China Electric Power University
Priority to CN201610943338.XA
Publication of CN106375344A
Application granted
Publication of CN106375344B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/14: Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441: Countermeasures against malicious traffic
    • H04L63/1466: Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

A cloud storage-oriented method for detecting load integrity attacks in the smart grid, whose purpose is to ensure the safe and stable operation of the power system. In the technical scheme, the data collector first encrypts the grid load data collected by smart meters and saves it dynamically to cloud storage through the cloud; the data analyst then initiates attack verification; the cloud storage then generates verification evidence; finally, the data analyst performs the attack verification and, based on the result, decides either to analyze the data in cloud storage or to have it re-collected. The invention protects system measurement values through encryption, reduces measurement redundancy, shortens attack detection time, and prevents false data injection attacks. By storing the massive volume of collected system measurement values in the cloud, the method makes load integrity attack detection applicable to large-scale data, thereby ensuring the safe and stable operation of the power system.

Description

A smart grid load integrity attack detection method for cloud storage

Technical field

The invention relates to a cryptography-based method for detecting load integrity attacks and belongs to the technical field of detection.

Background

As the smart grid advances, the digitization, informatization and intelligence of the power system are developing rapidly. The deployment of smart substations, smart meters, real-time monitoring systems, on-site mobile maintenance systems and integrated measurement and control systems has caused the scale and variety of data to grow quickly. Cloud storage uses cluster applications, network technology or distributed file systems to integrate the physical storage resources of a cluster seamlessly into a unified storage system that can hold the smart grid's big data. Load data comes mainly from the power consumption information collection system, the load control system, power quality monitoring and similar systems; it is the basis for load forecasting and load characteristic analysis, and for load adjustment and control on the demand side. For example, fluctuations of the load in the power system change the operating frequency and voltage level of the grid. The load integrity attack is a new type of attack on system state estimation. By collecting and analyzing smart meter data, the attacker prepares false data in advance and injects it, effectively bypassing the system's detection and defenses and affecting the result of state estimation. This causes the control center to misjudge the operating state of the system and make wrong decisions, and can mislead the system into an unsafe operating state in which the load on some transmission lines may exceed their capacity. Therefore, in the smart grid environment, analyzing the data vulnerabilities of the system and studying corresponding detection and prevention methods is of great theoretical and practical significance.

Many scholars have studied methods of defending against load data attacks and obtained a series of results: defending against attacks by protecting a set of measurement values; protecting measurement values by attaching a security index to each power flow measurement; using a greedy algorithm to select a subset of measurements and identifying injected false data by increasing the number of checked measurements; applying support vector machines (SVM) for anomaly detection; and so on. However, these methods all have shortcomings of one kind or another: they cause a certain degree of measurement redundancy, apply only to traditional false data injection attacks, or are hard to adapt to large-scale data, and so cannot guarantee the safe and stable operation of the power system.

Summary of the invention

In view of the drawbacks of the prior art, the purpose of the invention is to provide a cloud storage-oriented smart grid load integrity attack detection method that ensures the safe and stable operation of the power system.

The problem addressed by the invention is solved by the following technical scheme:

A cloud storage-oriented smart grid load integrity attack detection method in which the data collector first encrypts the grid load data collected by smart meters and saves it dynamically to cloud storage through the cloud; the data analyst then initiates attack verification; the cloud storage then generates verification evidence; finally, the data analyst performs the attack verification and, based on the result, decides either to analyze the data in cloud storage or to have it re-collected.

The above cloud storage-oriented smart grid load integrity attack detection method is carried out in the following steps:

a. The data collector preprocesses the data collected by the smart meters, converts the various data structures into CIM/XML format, and partitions the file into blocks:

After collecting the data from the smart meters, the data collector first converts the data of various structures into a CIM/XML data document F and divides the file F into n sub-blocks m_i (1≤i≤n). Each sub-block is then divided into k basic blocks m_{i,j} (1≤i≤n, 1≤j≤k), and a state table S-Table is built to record all the sub-blocks m_i;

b. The data collector performs initialization, generating the public key, the private key and the tag information of each basic block:

The data collector calls the key generation algorithm to generate the public key pk=(e,N) and the private key sk=d; the public key is published and the private key is kept by the collector. The collector also generates the tag information T_{i,j} of each basic block m_{i,j} (1≤i≤n, 1≤j≤k):

where N=p×q, p and q are two randomly generated large primes with p≠q, Φ(N)=(p-1)(q-1), the random number e∈[0,Φ(N)-1] is coprime to Φ(N), d satisfies ed≡1 (mod Φ(N)), h(·) is a homomorphic hash function, and f(·) is a pseudo-random function;

The data collector associates the sub-blocks with their tag information in the S-Table, uploads the file F and the association table S-Table to cloud storage, and shares the S-Table with the data analyst;

c. The data analyst initiates attack verification:

The data analyst randomly selects a coefficient c (1≤c≤n) and sends it to the cloud storage. On receiving c, the cloud storage locates the corresponding c-th sub-block and computes the sub-block's tag information T_i from the tag information T_{i,j} of the basic blocks it contains:

The data analyst generates a random number r∈[1,2^k-1] and the attack verification request chal={r,c};

d. The cloud storage generates the verification evidence R:

The cloud storage computes:

e_r = e^r mod N

and computes and outputs the verification evidence:

It then sends the sub-block's tag information T_i and the verification evidence R to the data analyst;

e. The data analyst performs attack verification:

From the verification evidence R, the public key pk of the file under test, the tag information T_i of sub-block m_i and the verification request chal, the data analyst computes:

N is the parameter in the public key pk; T_i is the tag of the i-th data block and has the same meaning as T_t, which denotes the tag of the t-th data block;

where t (1≤t≤c) is the number of randomly sampled data blocks and T_t^r is the tag information generated for any one data block using the random number r;

The data analyst generates the correct verification information for the file under test:

R' = T^r mod N

where T^r is the total tag information generated from the sampled data; the analyst then checks whether the equation R'=R holds;

The analyst checks whether the verification evidence R generated by the cloud storage equals the correct verification information R' generated by the data analyst. If R'=R, the measurement values in cloud storage are stored correctly, and the data analyst can safely download the required measurement values and carry out system state analysis; otherwise the measurement values in cloud storage have been tampered with or deleted, and the data analyst can ask the data collector to re-collect the data.

In the above cloud storage-oriented smart grid load integrity attack detection method, when a data analyst needs to issue M integrity verification requests at the same time, batch verification is used:

First, the data analyst sends M verification requests {chal} to the cloud storage; second, on receiving the verification requests, the cloud storage generates verification evidence R_m for each verification request, and ; finally, the data analyst generates the verification information R'_m, and ; the integrity of the data is then verified according to whether R' and R are equal.

The invention protects system measurement values through encryption, reduces measurement redundancy, shortens attack detection time, and prevents false data injection attacks. By storing the massive volume of collected system measurement values in the cloud, the method makes load integrity attack detection applicable to large-scale data, thereby ensuring the safe and stable operation of the power system.

Description of the drawings

Fig. 1 is the architecture diagram of the detection model of the invention;

Fig. 2 is the flowchart of the invention;

Fig. 3 shows the relationship between sub-block size and required time;

Fig. 4 compares the verification time of the algorithm described here with that of the extreme learning machine.

The symbols in the figures are: m_i is a sub-block, m_{i,j} is a basic block, pk is the public key, sk is the private key, T_{i,j} is the tag information of m_{i,j}, p and q are two randomly generated large primes, h(·) is a homomorphic hash function, f(·) is a pseudo-random function, c is the randomly selected coefficient, T_i is the tag information of the sub-block, r is the random number generated by the cloud storage, R is the verification evidence, chal is the verification request, T_t^r is the tag information generated for any one data block using the random number r, R' is the correct verification information of the file under test, and T^r is the total tag information generated from the sampled data.

Detailed description

The invention is further described below with reference to the drawings.

1. Design of the load integrity attack detection model

The load integrity attack (LIA) detection model has three main entities: the data collector, the cloud storage, and the data analyst. The collector encrypts the measurement values gathered from the smart meters and saves them dynamically to cloud storage through the cloud; the power system can have the data analyst verify the integrity of the data in cloud storage. After successful verification, state estimation is performed on the correctly stored data and information, which effectively prevents false data from being injected into the smart meters. The architecture of the LIA detection model is shown in Figure 1.

LIA detection consists of the following three steps:

(1) The data collector stores the measurement values collected from the smart meters in cloud storage, and the cloud processes and stores them.

(2) The data analyst can verify the load integrity of the measurement values in cloud storage.

(3) When verification passes, the data analyst can download the data and analyze the system state; when verification fails, the data in cloud storage is shown to be incorrect, and the erroneous data can be located or the data re-collected.

2. Design idea of the LIA detection algorithm

The flow of the load integrity attack detection algorithm (Load Integrity Attack - Attack Detection, LIA-AD) is shown in Figure 2. First, the collected data is preprocessed: the various data structures are converted into CIM/XML format and the file is partitioned into blocks. Second, the data collector performs initialization, generating the public key, the private key and the tag information of each basic block. The data analyst then initiates attack verification to check whether the measurement values stored in cloud storage are intact, and the cloud storage generates verification evidence. Finally, the data analyst performs the attack verification and, based on the result, decides either to analyze the data in cloud storage or to have it re-collected.

3. Description of the LIA-AD algorithm

(1) Preprocessing

After collecting the data from the smart meters, the data collector calls the key generation algorithm to generate the key parameters; the public key is published and the private key is kept by the collector. The data of various structures is first converted into a CIM/XML data document F, and F is divided into n sub-blocks m_i (1≤i≤n). Each sub-block is then divided into k basic blocks m_{i,j} (1≤i≤n, 1≤j≤k). A state table S-Table is built to record all the sub-blocks m_i, as shown in Table 1.

Table 1 Structure of the S-Table

where FB denotes the sub-block, BN the physical sequence number of the sub-block, and SN the insertion order of the sub-block. The cloud storage stores the keys, the set of tag information and the S-Table. The algorithm consists mainly of the following processes:

(2) Initialization

The inputs and outputs of the initialization phase are:

Input: {d, e, N};

Output: {pk, sk, T_{i,j}, T_i}.

where N=p×q, and p and q are two randomly generated large primes with p≠q. Φ(N)=(p-1)(q-1), and the random number e∈[0,Φ(N)-1] is coprime to Φ(N). d satisfies ed≡1 (mod Φ(N)). The public key is pk=(e,N) and the private key is sk=d; T_{i,j} is the tag of basic block m_{i,j} (1≤i≤n, 1≤j≤k), and T_i is the tag of sub-block m_i (1≤i≤n).

In this phase the data collector generates the public and private keys, which the data analyst uses to verify and decrypt the data stored in cloud storage, and generates the tag information T_{i,j} for each basic block m_{i,j} (1≤i≤n, 1≤j≤k):

The sub-blocks and their tag information are associated in the S-Table. Here h(·) is a homomorphic hash function and f(·) is a pseudo-random function.

Finally, the collector uploads the file F and the association table S-Table to cloud storage and shares the S-Table with the data analyst.

(3) Initiating attack verification

The inputs and outputs of this phase are:

Input: {c};

Output: {chal}.

where c (1≤c≤n) is a random number and chal is the verification request.

The main purpose of attack verification is for the data analyst to publicly verify the data stored in cloud storage, ensuring that the stored measurement values have not been tampered with or deleted. In the verification process, the data collector randomly selects block c among the stored blocks for verification; the security and efficiency of this approach are shown in the next subsection.

The data analyst randomly chooses a coefficient c (1≤c≤n) and sends it to the cloud storage. On receiving c, the cloud storage locates the corresponding c-th sub-block and computes the sub-block's tag information T_i from the tag information T_{i,j} of the basic blocks it contains:

The data analyst generates a random number r∈[1,2^k-1] and the attack verification request chal.

(4) Generating verification evidence

The inputs and outputs of the evidence generation phase are:

Input: {pk, chal};

Output: {R}.

where pk is the public key, chal is the attack verification request sent by the data analyst, and R is the verification evidence generated by the cloud storage.

To verify that the measurement values in cloud storage are stored correctly, the data analyst issues a challenge to the cloud storage. On receiving the challenge, the cloud storage generates the challenge information, i.e. the attack verification evidence, and sends it to the data analyst for integrity verification.

The attack verification request comprises the public key pk and the verification request chal. On receiving it, the cloud storage computes:

e_r = e^r mod N, (3)

and computes and outputs the verification evidence:

(5) Attack verification

The inputs and outputs of the attack verification phase are:

Input: {R, pk, chal};

Output: {0 or 1}.

where R is the verification evidence generated by the cloud storage, pk is the public key, and chal is the verification request. The output is 0 or 1: 0 means verification succeeded and the file has not been attacked; 1 means verification failed and the file has been attacked.

After receiving the verification evidence, the data analyst begins load integrity verification. The process is as follows.

From the verification evidence R, the public key pk of the file under test, the tag information T_i of sub-block m_i and the verification request chal, compute:

The data analyst generates the correct verification request for the file under test:

R' = T^r mod N (6)

The analyst checks whether the verification evidence R generated by the cloud storage equals the correct verification information R' generated by the data analyst. If:

R' = R (7)

then 0 is returned: the measurement values in cloud storage are stored correctly, and the data analyst can safely download the required measurement values and carry out system state analysis. Otherwise 1 is returned: the measurement values in cloud storage have been tampered with or deleted, and the data analyst can ask the data collector to re-collect the data.

(6) Batch verification

When a data analyst needs to issue M integrity verification requests at the same time, batch verification is used. First, M verification requests chal are sent to the cloud storage. Second, on receiving the verification requests, the cloud storage generates verification evidence R_m for each verification request, and ; finally, the data analyst generates the verification information R'_m, and ; the integrity of the data is then verified.
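
The procedure described above (steps a to e, and the LIA-AD description in section 3) as an added worked example in Python; it is not code from the patent. The tag and evidence formulas are missing from this copy of the page, so the example assumes T_{i,j} = h(i, j, m_{i,j})^d mod N with a SHA-256-based h, T_c as the product of the basic-block tags, and R = (∏_j h(c, j, m_{c,j}))^r mod N; the function names and the fixed demo primes are likewise assumptions.

```python
import hashlib
import math
import secrets

# Constructed demo parameters: two publicly known primes, used only so the
# example runs offline. The page requires p and q to be random and secret.
P = 2**255 - 19
Q = 2**256 - 2**32 - 977


def keygen(p=P, q=Q):
    """Step b: pk = (e, N), sk = d with N = p*q and e*d = 1 mod phi(N)."""
    n, phi = p * q, (p - 1) * (q - 1)
    e = 65537
    while math.gcd(e, phi) != 1:   # e must be coprime to phi(N)
        e += 2
    return (e, n), pow(e, -1, phi)


def partition(data, n_sub, k):
    """Step a: split file F into n sub-blocks of k basic blocks (zero-padded)."""
    size = max(1, -(-len(data) // (n_sub * k)))        # ceiling division
    padded = data.ljust(size * n_sub * k, b"\0")
    blocks = [padded[x:x + size] for x in range(0, len(padded), size)]
    return [blocks[i * k:(i + 1) * k] for i in range(n_sub)]


def h(i, j, block, n):
    """Assumed stand-in for the page's h(.): SHA-256 bound to position (i, j)."""
    data = i.to_bytes(4, "big") + j.to_bytes(4, "big") + block
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def tag_file(sub_blocks, d, n):
    """Step b: assumed tag T_{i,j} = h(i, j, m_{i,j})^d mod N per basic block."""
    return [[pow(h(i, j, blk, n), d, n) for j, blk in enumerate(sub, 1)]
            for i, sub in enumerate(sub_blocks, 1)]


def make_challenge(n_sub, k):
    """Step c: chal = {r, c} with r in [1, 2^k - 1] and 1 <= c <= n."""
    return secrets.randbelow(2**k - 1) + 1, secrets.randbelow(n_sub) + 1


def cloud_respond(stored_blocks, stored_tags, pk, chal):
    """Step d: the cloud derives T_c from stored tags and R from stored data."""
    (_, n), (r, c) = pk, chal
    t_c, prod = 1, 1
    for j, blk in enumerate(stored_blocks[c - 1], 1):
        t_c = t_c * stored_tags[c - 1][j - 1] % n      # assumed T_c = prod_j T_{c,j}
        prod = prod * h(c, j, blk, n) % n
    return t_c, pow(prod, r, n)                        # (T_c, R)


def verify(evidence, pk, t_c, chal):
    """Step e: R' = T^r mod N; return 0 if R' == R (intact), else 1."""
    (e, n), (r, _) = pk, chal
    t = pow(t_c, e, n)              # open the aggregated tag with the public key
    return 0 if pow(t, r, n) == evidence else 1


def run_check(stored_blocks, stored_tags, pk, chal):
    """One challenge/response round between data analyst and cloud storage."""
    t_c, evidence = cloud_respond(stored_blocks, stored_tags, pk, chal)
    return verify(evidence, pk, t_c, chal)


if __name__ == "__main__":
    # Constructed sample input: a tiny CIM/XML-like load record.
    F = b'<cim:Load><cim:id>meter-17</cim:id><cim:p unit="MW">42.7</cim:p></cim:Load>' * 4
    pk, sk = keygen()
    subs = partition(F, n_sub=4, k=4)
    cloud_blocks = [list(s) for s in subs]             # what the cloud stores
    cloud_tags = tag_file(subs, sk, pk[1])
    chal = make_challenge(4, 4)
    print("intact:", run_check(cloud_blocks, cloud_tags, pk, chal))      # 0
    # Simulate modified stored data in sub-block 2, basic block 3.
    blk = cloud_blocks[1][2]
    cloud_blocks[1][2] = bytes([blk[0] ^ 1]) + blk[1:]
    print("c=2:", run_check(cloud_blocks, cloud_tags, pk, (7, 2)))       # 1
    print("c=3:", run_check(cloud_blocks, cloud_tags, pk, (7, 3)))       # 0
```

A single challenge covers only sub-block c, so a modification in another sub-block passes that round; coverage comes from repeating the check with fresh random values of c.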

4. Correctness analysis

The load integrity attack verification method described here mainly verifies the protection of system measurement values. System measurement values are stored dynamically in cloud storage to keep attackers from obtaining, tampering with or deleting them. To analyze the state of the system measurement values correctly, the data analyst first performs integrity verification, and only after it passes downloads the relevant data and carries out state analysis. The correctness of the method is proved as follows.

Equation (7) is verified by the following calculation:

As shown above, the equation R'=R is obtained, which proves that the method is correct. If instead R'≠R, the system measurement values stored in cloud storage have been tampered with or deleted by an attacker, and the data must be re-collected for system state analysis.

5. Security analysis

Information exchange in the smart grid generally passes measurement data to the control center, and erroneous measurement data leads the control center to make unreasonable state estimates. Load integrity attacks raise two important problems: 1) the attacker tampers with or deletes the system measurement values held in cloud storage, affecting system state estimation and thereby achieving the goal of the attack; 2) the attacker obtains and analyzes system measurement values and then tries to inject pre-prepared data into the data collected by the smart meters, so that it is stored safely in cloud storage without being noticed by data collection or data analysis staff, affecting system state estimation. To prove the security of the scheme, the security of both problems is proved below.

To prove that the system measurement values in cloud storage have not been tampered with or deleted by an attacker is to prove that the integrity verification scheme is correct and secure.

定理1在大整数因式分解困难性问题的假设下,LIA-AD算法是安全的。Theorem 1 Under the assumption that the factorization of large integers is difficult, the LIA-AD algorithm is safe.

证明:假若攻击者进行攻击,则有以下步骤:Proof: If an attacker conducts an attack, the steps are as follows:

(1)密钥生成。数据采集者生成公钥和私钥,并将公钥公开。(1) Key generation. The data collector generates a public key and a private key, and makes the public key public.

(2)标签生成。攻击者把子块mi(1≤i≤n)发送给数据采集者,数据采集者对子块mi中的基本块签名,得到标签Ti,并将信息发送给攻击者。(2) Label generation. The attacker sends the sub-block m i (1≤i≤n) to the data collector, and the data collector signs the basic block in the sub-block m i , obtains the label T i , and sends the information to the attacker.

(3)生成验证证据。数据分析者生成验证请求chal发送给攻击者,攻击者根据验证请求chal和子块mi(1≤i≤n)及其对应的标签信息Ti生成一个检测信息R,并发送给数据分析者。(3) Generate verification evidence. The data analyst generates a verification request chal and sends it to the attacker, and the attacker generates a detection information R according to the verification request chal and the sub-block m i (1≤i≤n) and its corresponding label information T i , and sends it to the data analyst.

(4)攻击验证。数据分析者根据攻击者返回的数据完整性证据{mi',r',e'}计算验证信息,得到(4) Attack verification. The data analyst calculates the verification information according to the data integrity evidence {m i ', r', e'} returned by the attacker, and obtains

其中,mi'为攻击者生成的子块,r'和e'为攻击者生成的两个随机数。Among them, m i 'is the sub-block generated by the attacker, and r' and e' are two random numbers generated by the attacker.

如果攻击者想要攻击成功,则必须使mi'=mi,r'=r,e'=e,则R'=R成立。当攻击者篡改或者删除一部分子块mi(1≤i≤n)时,若想通过完整性验证,则攻击者必须伪造出合适的mi'=mi,r'=r,e'=e使R'=R成立,即攻击者有能力伪造出两个大随机素数p和q,满足p≠q,且gp=gqmodN,其中g是整数集ZN *的一个生成元。所以,成立,从而p-q可以用来进行分解大整数N。If the attacker wants to attack successfully, he must make m i '=m i , r'=r, e'=e, then R'=R is established. When an attacker tampers or deletes a part of sub-block m i (1≤i≤n), if he wants to pass the integrity verification, the attacker must forge a suitable m i '=m i ,r'=r,e'= e makes R'=R established, that is, the attacker has the ability to forge two large random prime numbers p and q, satisfying p≠q, and g p =g q modN, where g is a generator of the integer set Z N * . so, Established, so that pq can be used to decompose a large integer N.

Therefore, under the assumption that factoring large integers is hard, an attacker who wants to pass integrity verification with tampered or forged data must correctly hold all of the system measurement values and all of the label information. This proves that, under the large-integer factorization hardness assumption, the system measurement values stored in the cloud storage cannot be tampered with or deleted by an attacker.

In Problem 2, the attacker tries to inject pre-analyzed data into the smart meters and have it stored safely in the cloud storage; to do so, the attacker must hold the privileges of the data collector, such as the private key and the secret key. The proof is as follows.

Theorem 2. Under the assumption that factoring large integers is hard, it is difficult to save injected false data to the cloud storage.

Proof: LIA is a new type of false data injection attack, in which the attacker collects and analyzes information from a large number of smart meters and injects pre-formulated false data into them. For the attack to succeed, however, the false data must be successfully saved to the cloud storage. First, initialization. The attacker runs the key generation algorithm to produce a public-private key pair (pk', sk'): it randomly generates two large primes p' and q' with p' ≠ q', computes N' = p' × q', and randomly generates a number e' (e' ∈ Z_N) such that gcd(e', Φ(N')) = 1. The public key is then pk' = (N', e') and the private key is sk' = (p', q').

However, the public key is public, that is, pk = pk', N = N', e = e'. To obtain the private key sk, the attacker must compute N' = N = p × q and factor it. Therefore, under the large-integer factorization hardness assumption, it is difficult for the attacker to obtain the private key, and hence difficult for the attacker to save the injected false data to the cloud storage.

To verify the feasibility and effectiveness of the designed LIA-AD algorithm, experiments were carried out. The IEEE118 node standard test case was generated in the Matlab2010b environment; the hardware configuration was CPU Intel core 2duo 3.4GHz, 1.5G RAM. Components such as physical nodes, sensors, controllers and the control center were simulated in a computer cluster. A model computing center was set up at the bottom layer of the physical node network, and the measurement data of the standard nodes was generated with the Matpower toolkit: 900 IEEE118-bus node system measurement records and 900 false measurement records. The optimal power path algorithm was used to simulate the grid state in real time so that it obeys the laws of the power grid, and a state estimation mechanism was established in the control center to reflect the state of the power system fully and truthfully.

6. Experiment and result analysis

The experimental environment is a 4-node Hadoop cloud platform built in the laboratory. Each node is configured with an Intel(R) Core(TM) i5-24004-core CPU@2.60GHz and 4GB RAM, the network bandwidth is 100Mbit/s, and the Hadoop version is 0.20.2.

First, the 900 generated measurement records were converted to the CIM/XML file format; the parsed document was encrypted and saved in HBase, and load integrity verification was performed on it.

(1) Experiment 1: security experiment

Three sets of system measurement values (A, B, C) are split into blocks, signed and stored. 10% of the data in A is deleted, 10% of the data in B is modified, and C is left untouched. Finally, integrity detection is performed on the three sets of system measurement values. The detection results are shown in Table 2.

Table 2 Test results

The experiment shows that a file that has been tampered with or had data deleted cannot pass the integrity detection of the LIA-AD algorithm; only an unmodified file passes integrity verification. This demonstrates that the scheme is secure.
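The outcome reported for Experiment 1 can be reproduced with a small challenge-response check. This is an added example, not the patent's code: the page's label and evidence formulas are missing, so it assumes the classic RSA homomorphic hash T_i = g^(m_i) mod N, a toy modulus built from two Mersenne primes, base g = 7, 64-byte sub-blocks, constructed measurement records, and a challenge that carries g^r mod N while r stays with the analyst.

```python
import secrets

# Constructed toy parameters (assumptions, not from the patent): two known
# Mersenne primes stand in for the collector's secret p and q; real use needs
# a modulus of 2048 bits or more. G is an assumed public base in Z_N^*.
P, Q = 2**31 - 1, 2**61 - 1
N, G, SIZE = P * Q, 7, 64


def split(data, size=SIZE):
    """Cut a measurement file F into sub-blocks m_1..m_n."""
    return [data[i:i + size] for i in range(0, len(data), size)]


def as_int(block):
    """Injective encoding: the 0x01 prefix keeps leading zero bytes significant."""
    return int.from_bytes(b"\x01" + block, "big")


def build_s_table(data):
    """Collector: one homomorphic-hash label T_i = g^(m_i) mod N per sub-block."""
    return [pow(G, as_int(b), N) for b in split(data)]


def challenge():
    """Analyst: the secret r stays local; only g^r mod N is sent to the cloud."""
    r = secrets.randbelow(2**64) + 1
    return r, pow(G, r, N)


def prove(stored, c, g_r):
    """Cloud: evidence R = (g^r)^(m_c) mod N, computed from the stored bytes."""
    blocks = split(stored)
    return pow(g_r, as_int(blocks[c]), N) if c < len(blocks) else None


def verify(s_table, c, r, evidence):
    """Analyst: R' = T_c^r mod N; the sub-block is intact iff R' == R."""
    return evidence is not None and pow(s_table[c], r, N) == evidence


def audit(s_table, stored):
    """Challenge every sub-block with a fresh r; return the failing indices."""
    failed = []
    for c in range(len(s_table)):
        r, g_r = challenge()
        if not verify(s_table, c, r, prove(stored, c, g_r)):
            failed.append(c)
    return failed


def experiment():
    """Constructed stand-in for Experiment 1: A loses 10%, B has 10% altered."""
    data = "".join(f"bus={i % 118 + 1:03d};P={i * 0.37:.2f}MW\n" for i in range(900)).encode()
    table, tenth = build_s_table(data), len(data) // 10
    a = data[:tenth] + data[2 * tenth:]                    # delete 10% of A
    b = bytes(x ^ 1 for x in data[:tenth]) + data[tenth:]  # modify 10% of B
    return len(table), tenth, {k: audit(table, v) for k, v in (("A", a), ("B", b), ("C", data))}


if __name__ == "__main__":
    n, _, result = experiment()
    for name, failed in result.items():
        print(name, "intact" if not failed else f"{len(failed)}/{n} sub-blocks fail")
```

Because the cloud side only ever sees g^r mod N, it cannot derive the evidence from a stored label alone; it has to exponentiate with the actual sub-block bytes.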

(2) Experiment 2: time overhead experiment

For the same set of system measurement values, different file sub-block sizes are chosen and the time overhead of integrity detection is measured. Assume file A contains 900 measurement records; after parsing into a CIM/XML data document it is about 10MB. The average time overhead of the LIA-AD algorithm under a false data attack is measured. Sub-block sizes of 2, 4, 8, 16, 32, 64 and 128KB are selected in turn, 460 blocks are selected each time, and the time and communication overhead of each run are recorded. The experimental results are shown in Figure 3.

The experimental results show that, in the LIA-AD algorithm, the file sub-block size has almost no effect on the overhead of the verification and detection stages, and the computation time is essentially stable: the integrity verification stage takes 1.61s on average, the verification information generation stage takes 0.64s on average, the detection request stage takes 0.14s on average, and the total computation time is 2.39s.

(3) Experiment 3: comparison with other methods

The verification time of the LIA-AD algorithm is compared with the detection time required by several basic neuron activation functions in extreme learning machines; the comparison is shown in Figure 4. Figure 4 shows that the average training time, average detection time and total time differ between activation functions, and that the LIA-AD algorithm requires the least total time.

The extreme learning machine is a basic method for load integrity attack verification. Using the activation function of the neurons in the extreme learning machine classifier, the data is reduced to 5 dimensions and 100 trials are then run to obtain the average detection time. Because the extreme learning machine must first be trained on sample data before it can detect load integrity attacks, whereas the proposed LIA-AD algorithm performs load integrity attack verification directly after the data is encrypted, the time required for attack verification is greatly reduced.

Claims (2)

1. A cloud-storage-oriented smart grid load integrity attack detection method, characterized in that the data collector first encrypts the grid load data collected by the smart meters and saves it dynamically to the cloud storage through the cloud; the data analyst then initiates attack verification; the cloud storage then generates verification evidence; finally, the data analyst performs attack verification and, according to the verification result, decides whether to analyze the data in the cloud storage or to have it collected again;

The method is carried out in the following steps:

a. The data collector preprocesses the data collected by the smart meters, converts the various data structures into CIM/XML format, and splits the file into blocks:

After collecting the data from the smart meters, the data collector first converts the data of various structures into the CIM/XML data document format F and divides F into n sub-blocks, obtaining sub-blocks m_i (1≤i≤n); it then divides each sub-block into k basic blocks, obtaining basic blocks m_{i,j} (1≤i≤n, 1≤j≤k), and builds a state table S-Table that records all the sub-blocks m_i;

b. The data collector performs initialization, generating the public key, the private key and the label information of each basic block:

The data collector calls the key generation algorithm to generate the public key pk = (e, N) and the private key sk = d; the public key is published and the private key is kept by the collector. It also generates the label information T_{i,j} of each basic block m_{i,j} (1≤i≤n, 1≤j≤k):

where N = p × q, p and q are two randomly generated large primes with p ≠ q, Φ(N) = (p-1)(q-1), the random number e ∈ [0, Φ(N)-1] is coprime to Φ(N), d satisfies ed ≡ 1 (mod Φ(N)), h(·) is a homomorphic hash function, and f(·) is a pseudorandom function;

The data collector associates the sub-blocks and their label information in the S-Table, uploads the file F and the association table S-Table to the cloud storage, and shares the S-Table with the data analyst;

c. The data analyst initiates attack verification:

The data analyst randomly selects a coefficient c (1≤c≤n) and sends it to the cloud storage. On receiving c, the cloud storage looks up the corresponding c-th sub-block and computes the label information T_i of the sub-block from the label information T_{i,j} of the basic blocks it contains:

The data analyst generates a random number r ∈ [1, 2^k - 1] and the attack verification request chal = {r, c};

d. The cloud storage generates the verification evidence R:

The cloud storage computes:

e_r = e^r mod N

and computes and outputs the verification evidence:

It then sends the label information T_i of the sub-block and the verification evidence R to the data analyst;

e. The data analyst performs attack verification:

From the verification evidence R, the public key pk of the file to be checked, the label information T_i of sub-block m_i and the verification request chal, the data analyst calculates:

N is the parameter in the public key pk; T_i is the label of the i-th data block and means the same as T_t, which denotes the label of the t-th data block;

where t, 1≤t≤c, is the number of randomly sampled data blocks, and T_t^r is the label information generated for any data block using the random number r;

The data analyst generates the correct verification information for the file to be checked:

R' = T^r mod N

where T^r is the total label information generated from the sampled data; the analyst checks whether the equation R' = R holds;

That is, it verifies whether the verification evidence R generated by the cloud storage equals the correct verification information R' generated by the data analyst. If R' = R, the measurement values in the cloud storage are correctly stored, and the data analyst can safely download the required measurement values and proceed to system state analysis; otherwise, the measurement values in the cloud storage have been tampered with or deleted, and the data analyst can ask the data collector to collect the data again.

2. The cloud-storage-oriented smart grid load integrity attack detection method according to claim 1, characterized in that, when a data analyst needs to issue M integrity verification requests at the same time, batch verification is used:

First, the data analyst sends M verification requests {chal} to the cloud storage; second, after receiving the verification requests, the cloud storage generates verification evidence R_m for each verification request, and Finally, the data analyst generates verification information R'_m, and then verifies the integrity of the data according to whether R' and R are equal.
CN201610943338.XA 2016-11-02 2016-11-02 A kind of smart grid load integrality attack detection method towards cloud storage Expired - Fee Related CN106375344B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610943338.XA CN106375344B (en) 2016-11-02 2016-11-02 A kind of smart grid load integrality attack detection method towards cloud storage

Publications (2)

Publication Number Publication Date
CN106375344A CN106375344A (en) 2017-02-01
CN106375344B true CN106375344B (en) 2019-08-02

Family

ID=57894185

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610943338.XA Expired - Fee Related CN106375344B (en) 2016-11-02 2016-11-02 A kind of smart grid load integrality attack detection method towards cloud storage

Country Status (1)

Country Link
CN (1) CN106375344B (en)

Also Published As

Publication number Publication date
CN106375344A (en) 2017-02-01

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190802

Termination date: 20201102
