CN114995158B - Self-adaptive sampling switching control method of complex circuit network system under DoS attack - Google Patents

Self-adaptive sampling switching control method of complex circuit network system under DoS attack Download PDF

Info

Publication number
CN114995158B
CN114995158B CN202210759316.3A CN202210759316A CN114995158B CN 114995158 B CN114995158 B CN 114995158B CN 202210759316 A CN202210759316 A CN 202210759316A CN 114995158 B CN114995158 B CN 114995158B
Authority
CN
China
Prior art keywords
dos attack
attack
controller
sampling
logic processor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210759316.3A
Other languages
Chinese (zh)
Other versions
CN114995158A (en
Inventor
张瑞梅
曾德强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan University
Original Assignee
Sichuan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan University filed Critical Sichuan University
Priority to CN202210759316.3A priority Critical patent/CN114995158B/en
Publication of CN114995158A publication Critical patent/CN114995158A/en
Application granted granted Critical
Publication of CN114995158B publication Critical patent/CN114995158B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B13/00Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion
    • G05B13/02Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric
    • G05B13/04Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric involving the use of models or simulators
    • G05B13/042Adaptive control systems, i.e. systems automatically adjusting themselves to have a performance which is optimum according to some preassigned criterion electric involving the use of models or simulators in which a parameter or coefficient is automatically adjusted to optimise the performance
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Automation & Control Theory (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a self-adaptive sampling switching control method of a complex circuit network system under DoS attack, wherein a sensor samples the complex circuit network system in a period T, and a transmitter transmits a data packet consisting of an error sampling state and a sampling point sequence to a communication network; when a data packet arrives at the buffer, the buffer immediately generates a first control signal, the comparator captures DoS attack key information according to the data packet and a time point sequence, and the intelligent logic processor sends different signals to the controller according to the DoS attack key information; the controller controls the switching control gain parameter according to the signal sent by the intelligent logic processor, and the signal is fed back to the complex circuit network system through the zero-order retainer and the actuator, so that the complex circuit network system is driven. The invention combines the intelligent logic processor and the self-adaptive sampling switching control mechanism, adopts different controllers aiming at different DoS attack situations, and effectively enhances the robustness of the system against the DoS attack.

Description

Self-adaptive sampling switching control method of complex circuit network system under DoS attack
Technical Field
The invention relates to the technical field of circuit system safety control, in particular to a self-adaptive sampling switching control method of a complex circuit network system under DoS attack.
Background
With the rapid development of networking and informatization, the complex circuit network system brings wealth and convenience to people and also increasingly highlights the safety problem. The complex circuit network system is a complex system formed by a plurality of circuit systems connected through a network. The interior of each circuit system is an organic whole formed by a sensor, a controller, an actuator, a network and the like, and the circuit systems are in information interaction through the network. Due to the high openness and sharing of the network, the network is easy to attack. The prevalence of global cyber attack events has led to an increasing awareness of the importance of cyber security in recent years. Since the network security control can effectively resist various network attacks, the security control of the complex circuit network system becomes a key point of research. For a complex circuit network system, most of the current control methods are mainly designed based on continuous feedback information. In continuous feedback control, information of the state variables needs to be continuously transmitted to the controller and fed back to the system. This continuous feedback control mode is somewhat wasteful of computational and network communication resources. Compared with a continuous feedback control method, sampling control only needs to transmit signals at sampling points to a controller, so that the information transmission quantity can be greatly reduced, and network communication resources are effectively saved. At present, the sampling control of a complex circuit network system becomes a research focus. DoS attacks, a common type of network attacks, can seriously affect the synchronization performance and security of a complex circuit network system. Therefore, it is far-reaching to explore the safety sampling control of the complex circuit network system under the DoS attack, but at present, the related research is lacked. In addition, in order to effectively resist the influence of DoS attacks on the performance of the network system, the document "flexible control design of a type of networked control system based on a sampling model under DoS attacks", IEEE control journal, 2020 and 8 months "proposes a flexible security sampling control method under a sampling mode. In the method, in order to capture DoS attack information, an author embeds a logic processor in the design of a sampling controller, and the method is successfully applied to solve the consistency problem of a multi-agent system under the DoS attack, the logic processor can effectively capture the DoS attack information, and the provided elastic safety sampling control method can effectively resist the influence of the DoS attack on the performance of a network system. However, the method has three disadvantages: (1) The designed logic processor can not fully capture DoS attack key information, such as the total number of attacked sampling points and attack initiation time; (2) Neglecting the relationship among the DoS attack frequency, the DoS attack dwell, the sampling period and the maximum dwell time; (3) The same control gain is used at all times regardless of whether DoS attack occurs, which may result in poor control robustness to some extent.
Disclosure of Invention
The invention aims to provide a self-adaptive sampling switching control method of a complex circuit network system under DoS attack, which is used for solving the problems that in the prior art, when an elastic security sampling control method resists the influence of the DoS attack on the performance of the network system, the key information of the DoS attack cannot be fully captured, the DoS attack frequency, the DoS attack dwell range, the relation between the sampling period and the maximum dwell time is ignored, and the control robustness is poor.
The invention solves the problems through the following technical scheme:
a self-adaptive sampling switching control method of a complex circuit network system under DoS attack comprises the following steps:
s100, sampling a complex circuit network system by a sensor in a period T to obtain an error sampling state and a sampling point sequence of the circuit system;
the sensor samples the complex circuit network system with a period T to obtainAt sampling point s by the ith circuitry l Error sampling state η of i (s l ) Sum sampling point sequence S = { S = { (S) 0 ,s 1 ,…,s l ,…,s L In which s is 0 =0,s l =lT,s l For the sampling time, L is the sampling frequency, L =0,1,2, \ 8230 \ 8230;, L; i =1,2,3, \8230 \ 8230;, m; m is the number of circuit systems;
step S200, a data packet formed by the error sampling state and the sampling point sequence is sent to a communication network by a sender; i.e. data packet(s) li (s l ) ) is sampled by error i (s l ) Sum sampling point sequence S = { S = { (S) 0 ,s 1 ,…,s l ,…,s L };
Step S300, when the data packet arrives at a buffer of the intelligent logic processor, a first control signal is immediately generated when the data of the buffer is updated, and the first control signal is used for realizing the safety synchronous control of the system; time point sequence of data packet sent by intelligent logic processor to controller
Figure BDA0003723681520000021
A comparator of the intelligent logic processor captures the DoS attack key information according to the data packet and the time point sequence, and the intelligent logic processor sends different signals to the controller according to the DoS attack key information;
and S400, controlling a switching control gain parameter according to a signal sent by the intelligent logic processor by the controller, generating a second control signal according to the signal sent by the intelligent logic processor and the control gain, converting the discretely sampled second control signal into a continuous signal by using a zero-order retainer, and feeding back the continuous signal to the complex circuit network system through the actuator so as to drive the complex circuit network system.
Capturing DoS attack key information specifically includes:
initializing sampling instants
Figure BDA0003723681520000031
Number of occurrences of DoS attack N 0 =0, attack residence total time D after detection 0 =0, maximum dwell time h M = T, first key parameter σ 1 =1 and second key parameter σ 2 =0, wherein,
Figure BDA00037236815200000315
first key parameter σ 1 And a second critical parameter σ 2 For the controller to adaptively adjust the control input;
let system error state eta (t) = [ eta [ ] 1 T (t),η 2 T (t),…,η i T (t),…] T Wherein η i T (t) is the error state for the ith circuitry;
for a given initial value and
Figure BDA0003723681520000032
the comparator first determines the packet
Figure BDA0003723681520000033
Whether it arrives in the buffer, if so, will
Figure BDA0003723681520000034
Assigning to a current time t of a sequence of time points l Sending a signal (σ) 12 ) = (1, 0) and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure BDA0003723681520000035
If not, an alarm is triggered, i.e. a data packet
Figure BDA0003723681520000036
Has suffered a DoS attack at the moment
Figure BDA0003723681520000037
Initiating a moment for an attack; updating DoS attack occurrence number N 0 =N 0 +1, transmission signal (σ) 12 ) =0,1 to the controller and waits for a sample packet (t) l ,η(t l ) If the packet (t) arrives in the buffer l ,η(t l ) When the cache is reached, the attack is ended and the update is performed
Figure BDA0003723681520000038
Wherein
Figure BDA0003723681520000039
Indicating the duration of the attack after detection,
Figure BDA00037236815200000310
is the detected time point;
the comparator judges the maximum residence time h M And
Figure BDA00037236815200000311
if h is M Is less than
Figure BDA00037236815200000312
Then update
Figure BDA00037236815200000313
Transmission signal (sigma) 12 ) = (1, 0) and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure BDA00037236815200000314
Namely acquiring the key information of the DoS attack: attack launch time
Figure BDA0003723681520000041
Total number of attacks N 0 Total duration of attack stay D 0 The number of samples attacked and the maximum dwell time h M
The controller controls the switching control gain according to the signal sent by the intelligent logic processor, and generates a second control signal according to the signal sent by the intelligent logic processor and the control gain, specifically:
if the interval [ t l ,t l+1 ) I =1, 2.. No DoS attack, then there is t l+1 =t l + T; the controller is then:
u i (t)=-k 1i η i (t l ),t∈[t l ,t l +T),i=1,2,…m
wherein m is the number of circuit systems; u. of i (t) is the control input of the ith circuitry, k 1i Is a controller u i (t) a control gain; eta i (t l ) At time t for the ith circuitry l The error state of (a);
if the interval [ t l ,t l+1 ) Subject to DoS attack, there is t l +T<t l+1 ≤t l +h M (ii) a The controller is then:
u i (t)=-σ 1 (t)k 1i η i (t l )-σ 2 (t)k 2i η i (t l ),i=1,2,…m
wherein
Figure BDA0003723681520000042
σ 1 (t)、σ 2 (t) is the first key parameter σ output by the intelligent logic processor 1 Second key parameter σ 2 Of a value of (c) determined 1i 、k 2i Is the control gain.
Compared with the prior art, the invention has the following advantages and beneficial effects:
(1) The invention combines the intelligent logic processor and the sampling control mechanism, adopts the self-adaptive sampling switching control method, adopts different controllers aiming at different DoS attack situations, and can effectively enhance the robustness of the system against the DoS attack on the premise of ensuring the safety performance of a complex circuit network system.
(2) The invention designs an alarm in the intelligent logic processor, which can automatically detect the time when the system is attacked; the total number of the attacked sampling points is obtained through the intelligent logic processor, and the relationship among the DoS attack frequency, the DoS attack dwell, the sampling period and the maximum dwell time can be established.
(3) The invention adaptively selects and controls the gain aiming at different attack situations, thereby effectively enhancing the robustness of the system against the DoS attack.
Drawings
FIG. 1 is a schematic diagram of a Chua circuit system;
FIG. 2 is a schematic diagram of a Chua circuit system;
FIG. 3 is a diagram of a topology for communication between circuitry;
FIG. 4 is a control flow chart of a complex circuit network system under DoS attack;
FIG. 5 is a flow chart of the logical operation of the comparator of the present invention;
FIG. 6 is a flow chart of a prior art comparator;
FIG. 7 is a sequence diagram of a DoS attack;
FIG. 8 is a node trace diagram of a complex circuit network system;
FIG. 9 is a synchronization error map;
FIG. 10 is a diagram of an adaptive sampling switch controller.
Detailed Description
The present invention will be described in further detail with reference to examples, but the embodiments of the present invention are not limited thereto.
Example (b):
a self-adaptive sampling switching control method of a complex circuit network system under DoS attack comprises the following steps:
1. setting system parameters: taking the circuit system as a Chua circuit as an example, the Chua circuit is shown in figure 1, wherein R, R 1 Is a resistance, C 1 ,C 2 Is a capacitance, L is an inductance; v 1 ,V 2 Are respectively a capacitance C 1 ,C 2 Voltage across, i 1 ,i R Respectively, the current flowing through the inductor L and the resistor R; g is a nonlinear resistance;
2. according to kirchhoff's current law, the dynamic characteristics of the circuit system are as follows:
Figure BDA0003723681520000061
wherein g (V) 2 ) For flowing through a non-linear resistorThe current of g, defined as:
Figure BDA0003723681520000062
wherein G a ,G b And E is the diode parameter.
By substitution of variables
Figure BDA0003723681520000063
(1) Can be changed into the following forms
Figure BDA0003723681520000064
Wherein
Figure BDA0003723681520000065
m 1 =RG b ,m 2 =RG a
Figure BDA0003723681520000066
Here, take y 1 =-1.3018,γ 2 =-0.0135,γ 3 =-0.0297,m 1 =-0.5700,m 2 =0.1091. At an initial value of [0.9, -1.1,0.05] T Next, the state trace diagram of the circuit system is shown in fig. 2, and it can be seen from fig. 2 that the system exhibits chaotic behavior.
3. Describing a network communication connection topological structure of a multi-circuit system: taking the communication connection topology of 5 circuit systems as an example, as shown in fig. 3, each circuit system and the target system are all Chua circuit systems. Setting a communication connection factor b ij If information of j (j =1,2, \8230; 5) th circuit system can be transferred to i (i =1,2, \8230; 5) th circuit system, b ij > 0, otherwise b ij And =0. Let b 12 =0.57,b 21 =6.65,b 45 =5.5,b 54 If =0.6, the Laplacian matrix L, the weighted adjacency matrix B, and the degree-of-entry matrix D of the topology are:
Figure BDA0003723681520000071
D=diag{0.57,6.65,0,5.5,0.6}。
4. let the state variables of the circuit system and the target system be theta i (t) (i =1,2, \ 82305) and iota (t), the error state is η i (t)=θ i (t) -iota (t) (i =1,2, \82305). Fig. 4 shows a control flow chart of a complex circuit network system under DoS attack. In FIG. 4,. Eta. i (T) (i =1,2, \82305) first of all the samples are taken by the sensor with a period T, the sampling point sequence being S = { S = { S } 0 ,s 1 ,…,s l 8230, where s 0 =0,s l = lT. Then from the sampling point s l And a sampling state η i (s l ) (i =1,2, \8230;, 5) of a data packet(s) li (s l ) Is sent to the communication network by the transmitter and is fed back to the complex circuit network system through the controller, the zero-order keeper and the actuator. Data packets(s) if the sensor-to-controller channel is subject to a DoS attack li (s l ) Does not reach the controller. In order to analyze the influence of DoS attack, the invention designs a new intelligent logic processor. The intelligent logic processor is composed of a buffer and a comparator. The buffer is used for storing the latest sampling packet. When the data in the buffer is updated, the updated data is immediately used for generating a control signal to realize the safety synchronous control performance of the system, and the time point sequence of the data packets received by the controller is set as
Figure BDA0003723681520000072
The comparator captures DoS attack information by performing some logical operations, as shown in fig. 5, setting initial parameters,
Figure BDA0003723681520000073
is the sampling time and
Figure BDA0003723681520000074
N 0 representing the number of occurrences of a DoS attack, D 0 Represents the total duration of attack residency after detection, h M Indicating the maximum dwell time. Sigma 12 Is a key parameter of the controller for adaptive adjustment of the control input. And assigning an initial value
Figure BDA0003723681520000075
N 0 =0,D 0 =0,h M =T,σ 1 =1,σ 2 =0。
Let eta (t) = [ eta = 1 T (t),η 2 T (t),…,η 5 T (t)] T . For a given initial value sum
Figure BDA0003723681520000076
The comparator will first determine the data packet
Figure BDA0003723681520000077
Whether or not to reach the buffer. If so, the device will
Figure BDA0003723681520000078
Assigned to t l Sending a signal (σ) 12 ) = (1, 0) and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure BDA0003723681520000079
If not, an alarm is triggered indicating a data packet
Figure BDA00037236815200000710
Has suffered a DoS attack at this time
Figure BDA00037236815200000711
The attack launch time. At this time, the number N of occurrences of DoS attack is updated 0 =N 0 +1, transmission signal (σ) 12 ) = (0, 1) to controller, and wait for sample packet (t) l ,η(t l ) ) arrives at the buffer. If packet (t) l ,η(t l ) ) arrives at the buffer, then the attack is done this timeAfter the click is finished, update
Figure BDA0003723681520000081
Wherein
Figure BDA0003723681520000082
Indicating the duration of the attack after detection,
Figure BDA0003723681520000083
is the detected point in time. The comparator will then further determine the maximum dwell time h M And
Figure BDA0003723681520000084
if h is greater than M Is less than
Figure BDA0003723681520000085
Then update
Figure BDA0003723681520000086
Transmission signal (sigma) 12 ) = (1, 0) and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure BDA0003723681520000087
Through the comparator, the DoS attack key information including attack initiation time, total attack times, total attack residence time, the number of attacked samples and maximum residence time can be obtained.
Since the energy of an attacker is usually limited, in this case, the DoS attack frequency and DoS attack dwell satisfy certain constraints. To better understand DoS attacks, the links between the insides of the key information of DoS attacks are revealed, for a given time interval t 0 And t), defining D (t) as the total residence time of all the detected DoS attacks, and N (t) as the total times of the attacks, and according to the operation principle of the intelligent logic processor, establishing the following relations among the DoS attack frequency, the DoS attack residence domain, the sampling period and the maximum residence time:
Figure BDA0003723681520000088
Figure BDA0003723681520000089
wherein: t e [ t ∈ ] l ,t l+1 ),
Figure BDA00037236815200000810
Figure BDA00037236815200000811
Then
Figure BDA00037236815200000812
Is the total number of samples that are attacked,
Figure BDA00037236815200000813
meaning that the rounding is done down,
Figure BDA00037236815200000814
denotes t j Left limit of (d), h l =t l+1 -t l ∈(T,h M ]。
And (3) proving that: for t e [ t ∈ l ,t l+1 ) L =0,1,2
Figure BDA0003723681520000091
Figure BDA0003723681520000092
It is noted that if
Figure BDA0003723681520000093
Then
Figure BDA0003723681520000094
According to the conclusion there are
Figure BDA0003723681520000095
From the formula (4), a
Figure BDA0003723681520000096
The expressions (2) and (3) are satisfied by the expressions (4) and (5).
FIG. 6 is a flow chart of a comparator in the prior art, wherein d k 、h m 、h M 、n 0 、T m Δ and
Figure BDA0003723681520000097
respectively representing the data packet time successfully received by the logic processor, the minimum attack dwell time, the maximum attack dwell time, the total attack times, the attack dwell area (sum of attack dwell time), the time interval between two adjacent successfully transmitted data packets and the data packet time successfully received by the logic processor in a specific time. If the time interval delta between two adjacent successfully transmitted data packets is not greater than the sampling period T 0 Then d will be k Is assigned to
Figure BDA0003723681520000098
If the time interval delta between two adjacent successfully transmitted data packets is greater than the sampling period T 0 Then T is added m +Δ-T 0 Is assigned to T m Update n 0 =n 0 +1; and further judging whether the time interval delta between the current two adjacent successfully transmitted data packets is larger than h M . If so, assign Δ to h M If not, whether or not further Delta is less than or equal to h m If so, will Δ -T 0 Is assigned to h m If not, d k Is assigned to
Figure BDA0003723681520000099
Compared with the prior artCompared with a middle comparator, the comparator designed by the invention has the following advantages: (1) an alarm is installed in the operation process, and the alarm can automatically detect the DoS attack time of the system; (2) the total number of the attacked sampling points can be obtained
Figure BDA0003723681520000101
(3) And can establish DoS attack frequency N (T), doS attack dwell D (T), sampling period T and maximum dwell time h M The relationship between
Figure BDA0003723681520000102
(4) Different control parameters can be fed back according to different attack situations.
5. Design of the adaptive sampling switching controller. The controller is closely cooperated with the intelligent logic processor, when the intelligent logic processor receives a sampling data packet, the controller immediately uses the sampling data packet to generate a control signal, and then the discrete sampling control signal is converted into a continuous signal by using the zero-order retainer and then fed back to the system through the actuator, thereby driving the complex circuit network system. The adaptive sampling switching control protocol in the controller is designed as follows:
case i: if the interval [ t l ,t l+1 ) I =1, 2.. No DoS attack, then there is t l+1 =t l +T;
Case ii: if the interval [ t l ,t l+1 ) Subject to DoS attack, then there is t =1,2 l +T<t l+1 ≤t l +h M
For case i, the following sampling controller is designed
u i (t)=-k 1i η i (t l ),t∈[t l ,t l +T),i=1,2,…5 (6)
Wherein u i (t) is the control input of the ith circuitry, k 1i Is a controller u i (t) control gain.
For case ii, the following sampling controller is designed
u i (t)=-σ 1 (t)k 1i η i (t l )-σ 2 (t)k 2i η i (t l ),i=1,2,…5 (7)
Wherein
Figure BDA0003723681520000103
σ 1 (t)、σ 2 (t) is the value of σ output by the logic processor 1 、σ 2 Of a value of (c) determined 1i 、k 2i (i =1,2, \8230;, 5) is the control gain.
The prior art controller has a fixed control gain regardless of whether a DoS attack has occurred. The invention designs self-adaptive sampling switching control protocols, namely formulas (6) and (7), according to different attack situations. In this protocol, for an arbitrary interval [ t ] l ,t l+1 ) According to different attack situations, on the premise of ensuring the safety synchronization performance of the complex circuit network system, different control gains k 1i 、k 2i (i =1,2, \8230;, 5) will be chosen. If in the interval [ t l ,t l+1 ) If DoS attack does not occur, then control gain k is adopted 1i . If in the interval [ t l ,t l+1 ) The DoS attack occurs, the data packet (t) l +T,η i (t l + T)) will not reach the register and the logical processor will immediately issue an alarm. In this case, at t ∈ [ t ] l ,t l + T), using control gain k 1i (ii) a At t ∈ [ t ] l +T,t l+1 ) Then, a control gain k is adopted 2i 。k 1i And k 2i The adaptive switching selection is output by the logic processor 1 And σ 2 Is determined. Compared with the control method in the prior art, the self-adaptive sampling switching control method provided by the invention is more flexible, and can effectively enhance the robustness of the system against the DoS attack.
To verify the effectiveness of the present invention and the advantages of the method, the following simulation experiments were performed. Consider that the sensor-to-controller channel of the above complex circuit network system is subject to a DoS attack, the attack sequence of which is shown in fig. 7. According to the knowledge of graph theory, when nodes 1,3 and 5 are contained, the graph 3 has a spanning tree. Under the DoS attack as shown in FIG. 7, the control gain is taken
k 11 =10.1742,k 12 =0,k 13 =7.9494,k 14 =0,k 15 =12.9165,
k 21 =4.9895,k 22 =0,k 23 =4.4786,k 24 =0,k 25 =5.0785。
Under the control of the adaptive sampling switching control protocol, equations (6) and (7), the node trajectory diagram, the synchronization error trajectory diagram and the adaptive sampling switching controller diagram of the complex circuit network system are respectively shown in fig. 8, fig. 9 and fig. 10. From fig. 8, it can be found that the state trajectories of all nodes reach synchronization, and from fig. 9, it can be found that the synchronization error tends to 0, thereby verifying that the adaptive sampling switching control method designed by the present invention can effectively resist DoS attack influence, and ensuring the safety synchronization performance of a complex circuit network system.
Under the same system parameters, the maximum attack residence time h can be obtained by the fixed control gain method in the prior art M =0.18, and the maximum attack residence time h obtained by the adaptive sampling switching control method of the present invention M =0.24. The larger the upper bound of attack residence time is, the stronger the robustness of the designed control method is. Therefore, the control method has stronger DoS attack resisting capability, thereby enhancing the robustness of the complex circuit network system against the DoS attack.
Although the present invention has been described herein with reference to the illustrated embodiments thereof, which are intended to be preferred embodiments of the present invention, it is to be understood that the invention is not limited thereto, and that numerous other modifications and embodiments can be devised by those skilled in the art that will fall within the spirit and scope of the principles of this disclosure.

Claims (1)

1. A self-adaptive sampling switching control method of a complex circuit network system under DoS attack is characterized by comprising the following steps:
s100, sampling a complex circuit network system by a sensor in a period T to obtain an error sampling state and a sampling point sequence of the circuit system;
step S200, a data packet formed by the error sampling state and the sampling point sequence is sent to a communication network by a sender;
step S300, when the data packet arrives at a buffer of the intelligent logic processor, a first control signal is immediately generated when the data of the buffer is updated, and the first control signal is used for realizing the safety synchronous control of the system; time point sequence for sending data packet to controller by intelligent logic processor
Figure FDA0003988796140000011
Sampling point sequences; a comparator of the intelligent logic processor captures the DoS attack key information according to the data packet and the time point sequence, and the intelligent logic processor sends different signals to the controller according to the DoS attack key information;
step S400, the controller determines a key parameter of switching control gain according to a signal sent by the intelligent logic processor, generates a second control signal according to the signal sent by the intelligent logic processor and the control gain, converts the discretely sampled second control signal into a continuous signal by using a zero-order retainer, and feeds the continuous signal back to the complex circuit network system through an actuator so as to drive the complex circuit network system;
capturing DoS attack key information specifically includes:
initializing sampling instants
Figure FDA0003988796140000015
Number of occurrences of DoS attack N 0 =0, total attack stay duration D after detection 0 =0, maximum dwell time h M = T, first key parameter σ 1 =1 and second key parameter σ 2 =0, wherein,
Figure FDA0003988796140000014
s is a sampling point sequence and a first key parameter sigma 1 And a second critical parameter σ 2 For the controller to adaptively adjust the control input;
let system error state eta (t) = [ eta 1 T (t),η 2 T (t),…,η i T (t),…] T Wherein η i T (t) is the error state for the ith circuitry;
for a given initial value and
Figure FDA0003988796140000012
the comparator first determines the packet
Figure FDA0003988796140000013
Whether it arrives in the buffer, if so, will
Figure FDA0003988796140000021
Assigning to a current time t of a sequence of time points l Sending a signal (σ) 12 ) = (1, 0) and packet (t) l ,η(t l ) To the controller and will t l Is assigned to
Figure FDA0003988796140000022
If not, an alarm is triggered, i.e. a data packet
Figure FDA0003988796140000023
Has suffered a DoS attack at the moment
Figure FDA00039887961400000213
Initiating a moment for an attack; updating DoS attack occurrence number N 0 =N 0 +1, transmission signal (σ) 12 ) =0,1 to the controller and waits for a sample packet (t) l ,η(t l ) If the packet (t) arrives in the buffer l ,η(t l ) When the cache is reached, the attack is ended and the update is performed
Figure FDA0003988796140000024
Wherein
Figure FDA0003988796140000025
Indicating the duration of the attack after detection,
Figure FDA0003988796140000026
is the detected time point;
the comparator judges the maximum residence time h M And with
Figure FDA0003988796140000027
If h is greater than M Is less than
Figure FDA0003988796140000028
Then update
Figure FDA0003988796140000029
Transmission signal (sigma) 12 ) = (1, 0) and packet (t) l ,η(t l ) To the controller and will t l Assign to
Figure FDA00039887961400000210
Namely acquiring the key information of the DoS attack: attack launch time
Figure FDA00039887961400000212
Total number of attacks N 0 Total duration of attack stay D 0 The number of samples attacked and the maximum dwell time h M
The controller controls the switching control gain parameter according to the signal sent by the intelligent logic processor, and generates a second control signal according to the signal sent by the intelligent logic processor and the control gain, specifically:
if the interval [ t l ,t l+1 ) I =1, 2.. No DoS attack, then there is t l+1 =t l + T; the controller is then:
u i (t)=-k 1i η i (t l ),t∈[t l ,t l +T),i=1,2,…m
wherein,m is the number of circuit systems; u. of i (t) is the control input of the ith circuitry, k 1i Is a controller u i (t) a control gain; eta i (t l ) For the ith circuit system at time t l The error state of (a);
if the interval [ t l ,t l+1 ) Subject to DoS attack, there is t l +T<t l+1 ≤t l +h M (ii) a The controller is then:
u i (t)=-σ 1 (t)k 1i η i (t l )-σ 2 (t)k 2i η i (t l ),i=1,2,…m
wherein
Figure FDA00039887961400000211
σ 1 (t)、σ 2 (t) is the first key parameter σ output by the intelligent logic processor 1 Second key parameter σ 2 Is determined by the value of (a) 1i 、k 2i Is the control gain.
CN202210759316.3A 2022-06-30 2022-06-30 Self-adaptive sampling switching control method of complex circuit network system under DoS attack Active CN114995158B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210759316.3A CN114995158B (en) 2022-06-30 2022-06-30 Self-adaptive sampling switching control method of complex circuit network system under DoS attack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210759316.3A CN114995158B (en) 2022-06-30 2022-06-30 Self-adaptive sampling switching control method of complex circuit network system under DoS attack

Publications (2)

Publication Number Publication Date
CN114995158A CN114995158A (en) 2022-09-02
CN114995158B true CN114995158B (en) 2023-01-24

Family

ID=83020019

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210759316.3A Active CN114995158B (en) 2022-06-30 2022-06-30 Self-adaptive sampling switching control method of complex circuit network system under DoS attack

Country Status (1)

Country Link
CN (1) CN114995158B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116073982B (en) * 2023-02-07 2024-01-19 中国人民解放军陆军工程大学 Secret communication method and system for resisting DoS attack in limited time

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108258681A (en) * 2018-01-11 2018-07-06 南京邮电大学 The security incident trigger control method of LOAD FREQUENCY control system under a kind of DoS attack
CN109672177B (en) * 2019-01-18 2021-04-27 南京邮电大学 Load frequency quantitative control method based on event trigger mechanism under DoS attack
CN110213115B (en) * 2019-06-25 2022-04-22 南京财经大学 Security control method of event-driven network control system under multi-network attack
US11425163B2 (en) * 2020-02-05 2022-08-23 King Fahd University Of Petroleum And Minerals Control of cyber physical systems subject to cyber and physical attacks
CN112099356B (en) * 2020-09-18 2021-07-27 河南农业大学 Design method of event-driven SDOFQH controller under DoS attack
CN112068441B (en) * 2020-09-18 2021-07-30 河南农业大学 Collaborative design method for security event driver and SDOFR controller
CN112859607B (en) * 2021-01-13 2024-03-19 河南农业大学 Collaborative design method for distributed security event driver and SDOFD controller
CN113625684B (en) * 2021-07-26 2022-08-09 云境商务智能研究院南京有限公司 Design method of tracking controller based on event trigger mechanism under hybrid network attack
CN113467332B (en) * 2021-07-28 2022-05-20 南京市初仁智能科技有限公司 Design method of event trigger controller of information physical system under denial of service attack
CN114326398B (en) * 2021-12-27 2024-04-05 华中科技大学 Control method and control system of linear switching system with unstable mode
CN114489025B (en) * 2022-02-14 2023-07-04 上海交通大学宁波人工智能研究院 Model-driven industrial control system safety protection method

Also Published As

Publication number Publication date
CN114995158A (en) 2022-09-02

Similar Documents

Publication Publication Date Title
Wen et al. Synchronization of switched neural networks with communication delays via the event-triggered control
Li et al. Detection and defense of DDoS attack–based on deep learning in OpenFlow‐based SDN
Molin et al. Price-based adaptive scheduling in multi-loop control systems with resource constraints
CN114995158B (en) Self-adaptive sampling switching control method of complex circuit network system under DoS attack
CN112865752B (en) Filter design method based on self-adaptive event triggering mechanism under hybrid network attack
CN109814381A (en) A kind of Controller Design for Networked Control Systems method based on event triggering
Li et al. A comparative simulation study of TCP/AQM systems for evaluating the potential of neuron-based AQM schemes
CN114415633B (en) Security tracking control method based on dynamic event triggering mechanism under multi-network attack
CN113886225A (en) Unknown industrial control protocol-oriented fuzzy test system and method
Sun et al. Event-triggered H∞ filtering for cyber–physical systems against DoS attacks
CN113452676A (en) Detector allocation method and Internet of things detection system
CN110224852A (en) Network security monitoring method and device based on HTM algorithm
CN110365678A (en) A kind of industry control network protocol bug excavation method based on anti-sample
Yang et al. Event-triggered impulsive control for stability of stochastic delayed complex networks under deception attacks
Zhao et al. Resilient adaptive event‐triggered synchronization control of piecewise‐homogeneous Markov jump delayed neural networks under aperiodic DoS attacks
CN115022205A (en) Cross-network data transmission method applied to high-concurrency scene of massive terminals
Yang et al. Interval type-2 fuzzy sliding mode resilient control via probability-dependent adaptive event-triggered scheme
JP6767434B2 (en) Evaluation device and evaluation method
CN113741198A (en) T-S fuzzy system self-adaptive event trigger state estimation method under random network attack
Ramesh et al. Steady state performance analysis of multiple state-based schedulers with CSMA
EP1578077A1 (en) Data transmission system and data transmission device
CN115562241A (en) Event trigger prediction control method in networked control system
Arce et al. RED gateway congestion control using median queue size estimates
Guo et al. Observer‐based event‐triggered consensus control of nonlinear cyber‐physical systems under backlash‐like hysteresis and denial‐of‐service attacks
Shi et al. Flocking control for Cucker–Smale model under denial‐of‐service attacks

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant