基于PanSec-GNN框架的新型配电系统终端身份欺骗检测研究

胡兴元

中检集团天帷信息技术（安徽）股份有限公司，安徽合肥，231200；

摘要：配电级AMI的大规模部署使智能电表成为身份欺骗的新攻击面。传统加密与阈值检测难以应对凭证泄露及间歇伪装引发的拓扑冲突。针对上述问题，提出一种PanSec-GNN框架：以AMI通信-电气耦合拓扑构建动态图，将欺骗检测转化为节点级异常分类。框架递进式引入GCN捕获邻域一致性、GAT学习边权重聚焦可疑交互，并以GRU-残差STGNN建模时序演化。IEEE-34节点数据集上的7天50次多策略攻击实验表明，PanSec-GNN取得96.1%准确率、94.8%F1，显著优于现有基线；注意力可视化可直接定位身份冲突链路，为运维人员提供可解释告警。

关键词：智能电网安全；身份伪造攻击；图神经网络；注意力机制；时空建模

参考文献

[1]ZibaeiradA,KoleiniF,BiS,etal.Acomprehensivesurveyonthesecurityofsmartgrid:Challenges,mitigations,andfutureresearchopportunities[J].arXivpreprintarXiv:2407.07966,2024.

[2]刘生源,游书堂,尹浩等.电力系统网络安全中的无模型数据认证[J].智能电网汇刊,2020,11(5):4565-4568.

[3]崔宇,白峰,刘勇,等.智能电网中同步相量数据对抗欺骗攻击的时空特征分析[J].电气与电子工程师学会智能电网汇刊,2019,10(5):5807-5818.

[4]EastS,ButtsJ,PapaM,etal.ATaxonomyofAttacksontheDNP3Protocol[C]//InternationalConferenceonCriticalInfrastructureProtection.Berlin,Heidelberg:SpringerBerlinHeidelberg,2009:67-81.

[5]Radoglou-GrammatikisP,SiniosoglouI,LiatifisT,etal.Implementationanddetectionofmodbuscyberattacks[C]//20209thInternationalConferenceonModernCircuitsandSystemsTechnologies(MOCAST).IEEE,2020:1-4.

[6]AbineshR,VGY,TJS,etal.Deepgraphconvolutionneuralnetworkbasedintrusiondetectionsystemtowardsearlydetectionofmaliciousattacks[C]//20248thInternationalConferenceonI-SMAC(IoTinSocial,Mobile,AnalyticsandCloud)(I-SMAC).IEEE,2024:549-554.

[7]TakiddinA,AtatR,IsmailM,etal.Generalizedgraphneuralnetwork-baseddetectionoffalsedatainjectionattacksinsmartgrids[J].IEEETransactionsonEmergingTopicsinComputationalIntelligence,2023,7(3):618-630.

[8]SweetenJ,TakiddinA,IsmailM,etal.Cyber-physicalgnn-basedintrusiondetectioninsmartpowergrids[C]//2023IEEEinternationalconferenceoncommunications,control,andcomputingtechnologiesforsmartgrids(SmartGridComm).IEEE,2023:1-6.