CN113098897B - Asymmetric encryption transmission method and system for data in networked control system - Google Patents


Publication number
CN113098897B
Authority
CN
China
Prior art keywords
data
model
encryption
sensor data
control system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110454801.5A
Other languages
Chinese (zh)
Other versions
CN113098897A (en)
Inventor
蒋宇辰
吴诗梦
罗浩
张九思
尹珅
李献领
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Harbin Institute of Technology
Original Assignee
Harbin Institute of Technology

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00 Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02 Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Arrangements For Transmission Of Measured Signals (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A data asymmetric encryption transmission method and system in a networked control system, belonging to the technical field of secure data transmission. The invention addresses the limited resistance of existing methods to eavesdropping attacks. By designing different encryption methods for the encryption key and the decryption key, the invention makes it harder for an attacker who steals information to crack the encrypted information, improves resistance to eavesdropping attacks, and provides a larger key space. In addition, autoencoder compression reduces the amount of transmitted data and improves the efficiency of data transmission. The invention can be applied to data transmission in networked control systems.

Description

Asymmetric encryption transmission method and system for data in networked control system
Technical Field
The invention belongs to the technical field of data security transmission, and particularly relates to a data asymmetric encryption transmission method and system in a networked control system.
Background
With the advent of the Industry 4.0 era, large-scale infrastructures have begun to be equipped with monitoring and data acquisition systems that exchange information over a communication network, allowing data to flow in a timely manner between digital controllers, sensors and actuators. However, the use of communication networks exposes cyber-physical systems to potential cyber threats. Measurement and control data in these systems are transmitted through unprotected communication channels, which leaves the systems vulnerable to attacks on the communication network, such as eavesdropping attacks. At present, eavesdropping attacks are mainly countered by improving the confidentiality of the system's transmitted signals, for example with cryptographic encryption techniques and randomization methods. Although existing methods have made some progress against eavesdropping attacks, their resistance to such attacks is still limited overall.
Disclosure of Invention
The invention aims to solve the problem that existing methods have limited resistance to eavesdropping attacks, and provides a data asymmetric encryption transmission method and system in a networked control system.
The technical scheme adopted by the invention to solve the technical problem is as follows:
According to one aspect of the invention, the data asymmetric encryption transmission method in a networked control system comprises the following steps:
Step one: take the encoding part of the autoencoder as the encryption model of the data and the decoding part of the autoencoder as the decryption model of the data, wherein the encoding part and the decoding part have the same number of layers and their node counts are mirror-symmetric;
Step two: normalize the data in each dimension of the historically collected original sensor data separately, and train the encryption model and the decryption model with the normalized data;
store the maximum and minimum values of each feature extracted by the encryption model in the historical sensor data;
Step three: package the trained encryption model and decryption model, the functional relationships after packaging being:
Encryption model: $x_{trans} = f(x_{meas})$
Decryption model:
Figure BDA0003040092750000011
where $x_{meas}$ is the sensor data to be encrypted, $x_{trans}$ is the encrypted sensor data, and
Figure BDA0003040092750000012
is the decrypted sensor data;
Step four: at the transmitting end, normalize the data to be transmitted according to the stored maximum and minimum values of each feature in the historical sensor data, obtaining the normalized data to be transmitted;
input the normalized data to be transmitted into the packaged encryption model for encryption, and transmit the encrypted data;
Step five: at the receiving end, input the encrypted data into the packaged decryption model for decryption, then apply inverse normalization to the decrypted data to obtain the data sent by the transmitting end.
According to another aspect of the invention, a data asymmetric encryption transmission system in a networked control system is used for executing the data asymmetric encryption transmission method in the networked control system.
The beneficial effects of the invention are as follows: the invention provides a data asymmetric encryption transmission method and system in a networked control system. In addition, autoencoder compression reduces the amount of transmitted data and improves the efficiency of data transmission.
Drawings
Fig. 1 is a flowchart of a data asymmetric encryption transmission method in a networked control system according to the present invention.
Detailed Description
Embodiment 1: this embodiment is described with reference to Fig. 1. The data asymmetric encryption transmission method in a networked control system specifically comprises the following steps:
Step one: take the encoding part of the autoencoder as the encryption model of the data and the decoding part of the autoencoder as the decryption model of the data, wherein the encoding part and the decoding part have the same number of layers and their node counts are mirror-symmetric;
Step two: normalize the data in each dimension of the historically collected original sensor data separately, and train the encryption model and the decryption model with the normalized data;
store the maximum and minimum values of each feature extracted by the encryption model in the historical sensor data;
Step three: package the trained encryption model and decryption model, the functional relationships after packaging being:
Encryption model: $x_{trans} = f(x_{meas})$ (7)
Decryption model:
Figure BDA0003040092750000021
where $x_{meas}$ is the sensor data to be encrypted, $x_{trans}$ is the encrypted sensor data, and
Figure BDA0003040092750000022
is the decrypted sensor data;
Step four: at the transmitting end, normalize the data to be transmitted according to the stored maximum and minimum values of each feature in the historical sensor data, obtaining the normalized data to be transmitted;
input the normalized data to be transmitted into the packaged encryption model for encryption, and transmit the encrypted data;
Step five: at the receiving end, input the encrypted data into the packaged decryption model for decryption, then apply inverse normalization to the decrypted data to obtain the data sent by the transmitting end.
Embodiment 2: this embodiment differs from Embodiment 1 in that the number of nodes in the encoding layers of the autoencoder decreases layer by layer, giving the network an overall hourglass shape.
Embodiment 3: this embodiment differs from the specific embodiment in that the encryption model is described as:
Figure BDA0003040092750000031
where $W_1^e$ and
Figure BDA0003040092750000032
are respectively the weight matrix and bias of the first layer of the encoding part, $\sigma_T(\cdot)$ is the Tanh nonlinear activation function, $x_{meas}$ is the sensor data to be encrypted,
Figure BDA0003040092750000033
and
Figure BDA0003040092750000034
are respectively the weight matrix and bias of the n-th layer of the encoding part, and n is the number of layers contained in the encoding part.
Embodiment 4: this embodiment differs from Embodiment 3 in that the decryption model is described as:
Figure BDA0003040092750000035
where $W_1^d$ and
Figure BDA0003040092750000036
are respectively the weight matrix and bias of the first layer of the decoding part, $\sigma_L(\cdot)$ is the Linear activation function, $x_{trans}$ is the encrypted sensor data,
Figure BDA0003040092750000037
and
Figure BDA0003040092750000038
are respectively the weight matrix and bias of the n-th layer of the decoding part, and n is the number of layers contained in the decoding part.
Embodiment 5: this embodiment differs from Embodiment 4 in that the Tanh nonlinear activation function $\sigma_T(\cdot)$ is expressed as:
Figure BDA0003040092750000039
where x is the argument of the function and e is the base of the natural logarithm.
Embodiment 6: this embodiment differs from Embodiment 5 in that the Linear activation function $\sigma_L(\cdot)$ is expressed as:
$\sigma_L(x) = x$ (4).
Embodiment 7: this embodiment differs from Embodiment 6 in that the data in each dimension of the historically collected original sensor data are normalized separately, the normalization being performed as follows:
Figure BDA0003040092750000041
where $x_{i'}$ is the data of the i'-th dimension in the original sensor data, $\min(x_{i'})$ is the minimum value of the data in the i'-th dimension in the original sensor data, $\max(x_{i'})$ is the maximum value of the data in the i'-th dimension in the original sensor data, $x_{i',j}$ is the j-th data in the i'-th dimension, and
Figure BDA0003040092750000042
is the j-th data in the i'-th dimension after normalization.
Embodiment 8: this embodiment differs from Embodiment 7 in that, when the encryption model and the decryption model are trained with the normalized data, the loss function $J(W, b)$ used is:
Figure BDA0003040092750000043
where k is the number of features extracted by the encryption model,
Figure BDA0003040092750000044
is the normalized original sensor data corresponding to the i-th feature, and
Figure BDA0003040092750000045
is the decryption model's reconstruction of the normalized original sensor data for the i-th feature.
Embodiment 9: this embodiment differs from Embodiment 8 in that the parameters are updated by the Adam optimization algorithm when the encryption model and the decryption model are trained.
Embodiment 10: the data asymmetric encryption transmission system in a networked control system of this embodiment is used for executing the data asymmetric encryption transmission method in a networked control system according to any one of Embodiments 1 to 9.
Examples
The embodiment of the invention is a simulated smart grid system. The measurement parameters in the system are calculated by an optimal power flow algorithm for different loads and consist of the power flows of each branch, each generator and each load, 339 measurement parameters in total.
In this embodiment, data from 36000 time instants are collected, encrypted for transmission, and then decrypted and restored. The first 25000 samples are used as the training set for offline training, and the remaining 11000 samples are used for testing.
1. Offline training stage:
An encryption and decryption network is constructed for the data set. The network has 8 layers in total, and the number of nodes in the encryption layers decreases gradually from 339 to 32. The sensor data are normalized before training, and the maximum and minimum values of each feature in the training stage are stored for the normalization in the subsequent online stage. After 130 iterations, the root mean square error of reconstruction reached 0.0045 on the training set and 0.0046 on the validation set.
2. Online deployment test:
The transmitting end normalizes the data to be transmitted according to formula (5), using the maximum and minimum values of the samples from offline training; the processed data are encrypted by the encryption model (7), and the encrypted data are transmitted. When the data reach the receiving end, they are decrypted by the decryption model (8), and the original data are obtained through inverse normalization.
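Added example, not part of the patent: a pure-Python sketch of steps one to five on a constructed four-channel history, with a 4-3-2 encoder and mirrored 2-3-4 decoder standing in for the 339-to-32 network. The min-max formula, the mean-squared loss, plain SGD in place of Adam, and every function name and sample value are assumptions made for this illustration.

```python
import math
import random

def fit_minmax(history):
    """Step two: per-dimension minimum and maximum of the historical data."""
    cols = list(zip(*history))
    return [min(c) for c in cols], [max(c) for c in cols]

def normalize(x, lo, hi):
    # Assumed min-max form; a constant dimension (max == min) maps to 0.0.
    return [(v - a) / (b - a) if b > a else 0.0 for v, a, b in zip(x, lo, hi)]

def denormalize(z, lo, hi):
    return [v * (b - a) + a for v, a, b in zip(z, lo, hi)]

def init_layers(sizes, rng):
    # One (W, b) pair per layer; W has sizes[i+1] rows and sizes[i] columns.
    return [([[rng.uniform(-1, 1) for _ in range(n_in)] for _ in range(n_out)],
             [0.0] * n_out) for n_in, n_out in zip(sizes, sizes[1:])]

def forward(x, layers, act):
    """Return the input followed by the output of every layer."""
    acts = [x]
    for W, b in layers:
        acts.append([act(sum(w * a for w, a in zip(row, acts[-1])) + bj)
                     for row, bj in zip(W, b)])
    return acts

def linear(p):
    return p

def encrypt(x_norm, enc):
    """Encryption model x_trans = f(x_meas): encoder layers with Tanh."""
    return forward(x_norm, enc, math.tanh)[-1]

def decrypt(x_trans, dec):
    """Decryption model: decoder layers with Linear activation."""
    return forward(x_trans, dec, linear)[-1]

def train(data, enc, dec, epochs=300, lr=0.05):
    """Per-sample SGD on mean squared reconstruction error (page: Adam)."""
    for _ in range(epochs):
        for x in data:
            ea = forward(x, enc, math.tanh)
            da = forward(ea[-1], dec, linear)
            grad = [2 * (o - t) / len(x) for o, t in zip(da[-1], x)]
            for layers, acts, is_tanh in ((dec, da, False), (enc, ea, True)):
                pairs = list(zip(layers, acts, acts[1:]))
                for (W, b), a_in, a_out in reversed(pairs):
                    if is_tanh:  # d tanh(p)/dp = 1 - tanh(p)^2
                        grad = [g * (1 - o * o) for g, o in zip(grad, a_out)]
                    back = [sum(row[i] * g for row, g in zip(W, grad))
                            for i in range(len(a_in))]
                    for j, (row, g) in enumerate(zip(W, grad)):
                        b[j] -= lr * g
                        for i, a in enumerate(a_in):
                            row[i] -= lr * g * a
                    grad = back

def rmse(data, enc, dec):
    sq = [(o - t) ** 2 for x in data
          for o, t in zip(decrypt(encrypt(x, enc), dec), x)]
    return math.sqrt(sum(sq) / len(sq))

def demo():
    rng = random.Random(0)
    loads = [0.5 + 0.4 * math.sin(t / 4) for t in range(50)]  # constructed
    history = [[230 + 5 * p, 10 * p, 50 - 3 * p, 2 * p + 1] for p in loads]
    lo, hi = fit_minmax(history)                # stored for the online stage
    data = [normalize(r, lo, hi) for r in history]
    enc_sizes = [4, 3, 2]                       # hourglass encoder
    enc = init_layers(enc_sizes, rng)
    dec = init_layers(enc_sizes[::-1], rng)     # mirror-symmetric decoder
    before = rmse(data, enc, dec)
    train(data, enc, dec)
    after = rmse(data, enc, dec)
    # Steps four and five: normalize and encrypt, then decrypt and denormalize.
    reading = [232.5, 5.0, 48.5, 2.0]           # constructed, load = 0.5
    x_trans = encrypt(normalize(reading, lo, hi), enc)
    recovered = denormalize(decrypt(x_trans, dec), lo, hi)
    return before, after, x_trans, recovered

if __name__ == "__main__":
    print(demo())
```

demo() returns the reconstruction RMSE before and after training, the two-value vector that would be transmitted, and the reading recovered at the receiving end.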
The above example only describes the calculation model and calculation flow of the invention in detail and does not limit the embodiments of the invention. Other variations and modifications of the above description will be apparent to those of ordinary skill in the art. The description is not intended to be exhaustive of all embodiments, all of which are within the scope of the invention.

Claims (6)

1. A data asymmetric encryption transmission method in a networked control system, characterized by comprising the following steps:
step one: taking the encoding part of the autoencoder as the encryption model of the data and the decoding part of the autoencoder as the decryption model of the data, wherein the encoding part and the decoding part have the same number of layers and their node counts are mirror-symmetric;
step two: normalizing the data in each dimension of the historically collected original sensor data separately, and training the encryption model and the decryption model with the normalized data;
storing the maximum and minimum values of each feature extracted by the encryption model in the historical sensor data;
step three: packaging the trained encryption model and decryption model, the functional relationships after packaging being:
Encryption model: $x_{trans} = f(x_{meas})$
Decryption model:
Figure FDA0004148054610000011
where $x_{meas}$ is the sensor data to be encrypted, $x_{trans}$ is the encrypted sensor data, and
Figure FDA0004148054610000012
is the decrypted sensor data;
step four: at the transmitting end, normalizing the data to be transmitted according to the stored maximum and minimum values of each feature in the historical sensor data, obtaining the normalized data to be transmitted;
inputting the normalized data to be transmitted into the packaged encryption model for encryption, and transmitting the encrypted data;
step five: at the receiving end, inputting the encrypted data into the packaged decryption model for decryption, then applying inverse normalization to the decrypted data to obtain the data sent by the transmitting end;
the encryption model is described as:
Figure FDA0004148054610000013
where $W_1^e$ and
Figure FDA0004148054610000014
are respectively the weight matrix and bias of the first layer of the encoding part, $\sigma_T(\cdot)$ is the Tanh nonlinear activation function, $x_{meas}$ is the sensor data to be encrypted,
Figure FDA0004148054610000015
and
Figure FDA0004148054610000016
are respectively the weight matrix and bias of the n-th layer of the encoding part, and n is the number of layers contained in the encoding part;
the decryption model is described as:
Figure FDA0004148054610000017
where $W_1^d$ and
Figure FDA0004148054610000018
are respectively the weight matrix and bias of the first layer of the decoding part, $\sigma_L(\cdot)$ is the Linear activation function, $x_{trans}$ is the encrypted sensor data,
Figure FDA0004148054610000021
and
Figure FDA0004148054610000022
are respectively the weight matrix and bias of the n-th layer of the decoding part, and n is the number of layers contained in the decoding part;
the Tanh nonlinear activation function $\sigma_T(\cdot)$ is expressed as:
Figure FDA0004148054610000023
where x is the argument of the function and e is the base of the natural logarithm;
the Linear activation function $\sigma_L(\cdot)$ is expressed as:
$\sigma_L(x) = x$.
2. The data asymmetric encryption transmission method in a networked control system according to claim 1, wherein the number of nodes in the encoding layers of the autoencoder decreases layer by layer, giving an overall hourglass shape.
3. The data asymmetric encryption transmission method in a networked control system according to claim 1, wherein the data in each dimension of the historically collected original sensor data are normalized separately, the normalization being performed as follows:
Figure FDA0004148054610000024
where $x_{i'}$ is the data of the i'-th dimension in the original sensor data, $\min(x_{i'})$ is the minimum value of the data in the i'-th dimension in the original sensor data, $\max(x_{i'})$ is the maximum value of the data in the i'-th dimension in the original sensor data, $x_{i',j}$ is the j-th data in the i'-th dimension, and
Figure FDA0004148054610000025
is the j-th data in the i'-th dimension after normalization.
4. The data asymmetric encryption transmission method in a networked control system according to claim 3, wherein the loss function $J(W, b)$ used when training the encryption model and the decryption model with the normalized data is:
Figure FDA0004148054610000026
where k is the number of features extracted by the encryption model,
Figure FDA0004148054610000027
is the normalized original sensor data corresponding to the i-th feature, and
Figure FDA0004148054610000028
is the decryption model's reconstruction of the normalized original sensor data for the i-th feature.
5. The data asymmetric encryption transmission method in a networked control system according to claim 4, wherein the parameters are updated by the Adam optimization algorithm when the encryption model and the decryption model are trained.
6. A data asymmetric encryption transmission system in a networked control system, wherein the system is configured to execute the data asymmetric encryption transmission method in a networked control system according to any one of claims 1 to 5.
CN202110454801.5A 2021-04-26 2021-04-26 Asymmetric encryption transmission method and system for data in networked control system Active CN113098897B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110454801.5A CN113098897B (en) 2021-04-26 2021-04-26 Asymmetric encryption transmission method and system for data in networked control system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110454801.5A CN113098897B (en) 2021-04-26 2021-04-26 Asymmetric encryption transmission method and system for data in networked control system

Publications (2)

Publication Number Publication Date
CN113098897A (en) 2021-07-09
CN113098897B (en) 2023-05-23

Family

ID=76679977

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110454801.5A Active CN113098897B (en) 2021-04-26 2021-04-26 Asymmetric encryption transmission method and system for data in networked control system

Country Status (1)

Country Link
CN (1) CN113098897B (en)

