Risk Assessment Of The Power System Considering The Behaviors Of Attackers

In recent years,malicious cyber-attacks against the power system are becoming increasingly frequent,taking the characteristics of attack behavior into risk assessment would be helpful to power system on recognizing the risk situation and taking effective defense measures.The considerations of attack behaviors in current risk assessment of the power system mainly focus on the descriptions of attack process,without the influence of multiple behavior factors on the attack behavior This thesis takes various factors into account,including the subjective intention preference of attackers and the environment information of the power system,and utility-based behavior analysis model is considered into risk assessment.Then,a risk assessment method and defense strategy considering attacker’s behavior are proposed.At last,the causal relationship between risk situation and behavior factors are analyzed in the case studies,and through the result comparison,the significance of considering subjective attack behavior into risk assessment and defense strategy is highlighted.The main works of this paper are as follow:1)The common cyber-attacks against the SCADA system of power system are analyzed.According to the process of cyber-attack and characteristics of human decision-making,the attack behavior is defined as the attack target selection and attack resource allocation which are depended on the attack preference and environmental factors of the power system.The idea of using utility value as the basis of decision analysis for attack behavior is put forward and the utility function to measure the satisfaction of attacker is proposed.According to the regional characteristics of multi-target attack,the Logit model and the utility attenuation model,which are based on utility value,are established to analyze the attack target selection behavior,and the Poisson probability distribution is used to simulated the distribution of the number of attempted attack targets by the attacker.And attack resource allocation behavior is analyzed according to the percentage of target utility.2)Based on the analysis and model of attack behavior,the probability of successful attack and the probability of risk scenario are calculated,a risk assessment method and a defense strategy considering the attacker’s behavior are proposed respectively.Then,the corresponding risk assessment process based on scenario and its strategy solution method based on attackdefense interaction are given.Case studies are carried out based on IEEE-RTS79 system,the workings and effectiveness of the risk assessment method and defense strategy are illustrated by comparing risk results and defense resource allocations under different attack behaviors,and the significance of considering subjective attack behavior in risk assessment and defense strategy on power system security is highlighted by result comparison with different methods.