融合状态估计和深度学习的智能电网异常检测模型  

作　　者：郑铁军 张宏杰 王景 王洋 ZHENG Tie-jun;ZHANG Hong-jie;WANG Jing;WANG Yang(State Grid Ningxia Electric Power Co.Ltd.,Yinchuan 750001,China;Beijing Kedong Power Control System Co.Ltd.,Beijing 100192,China)

机构地区：[1]国网宁夏电力有限公司,宁夏银川750001 [2]北京科东电力控制系统有限责任公司,北京100192

出　　处：《兰州理工大学学报》2025年第2期143-151,共9页Journal of Lanzhou University of Technology

基　　金：国网宁夏电力有限公司科技项目(5229NX230008)。

摘　　要：针对Web攻击和DDoS攻击引发的电力系统中一系列难以检测的网络安全事件问题,提出了一种加权最小二乘法、扩展卡尔曼滤波器与两阶段深度学习异常检测模型相融合的智能电网异常检测方法.该方法采用自适应合成采样算法,解决了电力系统中网络安全数据分布不平衡问题;融合加权最小二乘法和扩展卡尔曼滤波器,借助电力系统中的动态非线性特性,通过精确的状态估计提高了智能电网异常检测的准确性,并使用χ^(2)检验和异常检测指数检测了电力系统中的安全风险;在此基础上,将改进的深度神经网络模型和多重BiLSTM网络模型相结合,对网络安全风险事件进行了分类识别.将该方法在CICIDS2017数据集上进行数值模拟验证.数值仿真结果表明该方法能有效检测出各类攻击,具有更好的异常检测能力,并对网络安全风险事件分类精度提升了3.85%.Aiming at a series of difficult to detect network security events in power system caused by Web attacks and DDoS attacks,a smart power grid anomaly detection method that combines the weighted least squares method,extended Kalman filter,and a two-stage deep learning anomaly detection model is proposed.This method first adopts an adaptive composite sampling algorithm to address the issue of imbalanced distribution of network security data in the power system;Then,by integrating the weighted least squares method and the extended Kalman filter to utilize the dynamic nonlinear characteristics in the power system,the accuracy of intelligent power grid anomaly detection is improved through accurate state estimation,and safety risks in the power system are detected using the chi-square test and anomaly detection indicators;On this basis,the improved deep neural network model and multiple BiLSTM network models are combined to achieve the classification and recognition of network security risk events.Finally,the proposed method was numerical simulation verified on the CICIDS2017 dataset.The numerical simulation results show that this method can effectively detect various attacks,it has better anomaly detection capability and improve the accuracy of network security risk event classification by 3.85%.

关 键 词：智能电网 状态估计 异常检测 自适应合成采样 

分 类 号：O235[理学—运筹学与控制论]