A power CPS false data attack modeling method based on gene multi-objective evolution

By using a multi-objective evolutionary modeling method for fake data attacks in power CPS, attack genes are generated, optimized, and evolved. This solves the problem of insufficient adaptability of existing models in dynamic environments, realizes flexible and covert attack strategies, and improves the defense capabilities of power systems.

CN122286754APending Publication Date: 2026-06-26ELECTRIC POWER RES INST OF GUANGXI POWER GRID CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
ELECTRIC POWER RES INST OF GUANGXI POWER GRID CO LTD
Filing Date
2026-02-10
Publication Date
2026-06-26

AI Technical Summary

Technical Problem

Existing power CPS fake data attack models cannot quickly adapt and adjust in dynamic environments, causing the attack effect to decay rapidly in complex and ever-changing real power environments. They are difficult to simulate the evolution of attacker behavior, cannot cope with the adjustment of defense strategies, and have limited cross-scenario reusability and environmental adaptability.

Method used

A multi-objective evolutionary modeling method for fake data attacks in power CPS is adopted. By generating, optimizing and evolving attack genes, an attack gene set is constructed. The attack genes are optimized using a multi-objective fitness function. Combined with the encoding of attack chains and covert chains, flexible attack vectors are generated.

Benefits of technology

It enables autonomous upgrades of attack strategies in dynamic power environments, improving the flexibility and stealth of attacks, enhancing attack effectiveness, adapting to adjustments in defense strategies, and increasing the model's practical application value.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122286754A_ABST
    Figure CN122286754A_ABST
Patent Text Reader

Abstract

This invention discloses a multi-objective evolutionary modeling method for fake data attacks in power system CPS (Computer-Powered Systems), belonging to the field of data attack technology. It solves the problem of insufficient attack flexibility in existing technologies, which fails to provide a foundation for power system defense. This invention models attacks through a three-step attack-defense game: attack gene generation, optimization, and evolution. In the gene generation stage, gene encoding technology is used to construct attack gene units from the decoupled attack offset and tag policy matrix, and these units are then assembled into base pair structures by aligning and splicing them. In the gene optimization stage, a multi-objective fitness function is constructed based on concealment and attack effectiveness objectives. Using residuals and attack effectiveness as objectives, a multi-objective collaborative screening between destructiveness and concealment is achieved to obtain optimized genes. In the gene evolution stage, multi-point crossover and single-point crossover operations are used for the attack chain and concealment chain of the optimized genes, respectively, to enhance the attack effectiveness.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of data attack technology, and in particular to a method for modeling fake data attacks in power CPS based on multi-target evolution of genes. Background Technology

[0002] The deep informatization evolution of smart grids has given rise to Cyber-Physical Systems (CPS), which, while significantly improving the operational efficiency and management capabilities of power systems, also faces severe security threats due to the open architecture of the information space and the massive number of terminal accesses. Among these, False Data Injection (FDIA) attacks, with their ability to covertly tamper with measurement values ​​and mislead state estimation and scheduling decisions, have become the most challenging form of attack. To address this, the academic community has evolved from static linear state estimation models to nonlinear weighted least squares and convex programming methods. In recent years, machine learning and reinforcement learning techniques have been introduced, using convolutional neural networks to learn measurement features, adversarial generative networks to synthesize false data, and graph theory to identify vulnerable lines, attempting to build more intelligent attack models. Some studies have even drawn on the adaptive mechanisms of the biological immune system to explore the dynamic evolution of attack strategies and the improvement of defense generalization capabilities. However, existing models are still mostly limited to single-mode construction and cannot fully characterize the intelligent behavioral characteristics of attackers in dynamic game theory, complex adaptation, and cross-layer collaboration.

[0003] Despite the continuous expansion of technological pathways, existing attack modeling methods still suffer from fundamental deficiencies in attack flexibility. Current mainstream models generally rely on fixed scenarios and preset rules for construction. When the topology, operational boundaries, or defense strategies of the target system dynamically change, the model cannot quickly adapt and adjust parameters to generate effective attack vectors, resulting in significantly limited cross-scenario reusability and environmental adaptability. This rigid modeling paradigm not only struggles to simulate the evolutionary behavior of real attackers continuously optimizing their strategies based on system feedback, but also fails to cope with adversarial measures such as defenders proactively adjusting detection thresholds or reconstructing protection architectures. This causes attack effectiveness to rapidly decay in the complex and ever-changing real-world power environment, severely restricting the practical application value of the models.

[0004] Therefore, a modeling method for electric CPS fake data attacks based on multi-objective genetic evolution is needed. Summary of the Invention

[0005] To address the problem that existing technologies lack sufficient attack flexibility and cannot provide a foundation for power system defense, this invention provides a power CPS fake data attack modeling method based on multi-target gene evolution. This method, by designing a power CPS fake data attack model structure based on multi-target gene evolution and combining three key steps—attack gene generation, gene optimization, and gene evolution—enables in-depth modeling and optimization of attack characteristics. The specific technical solution is as follows: A multi-objective evolutionary modeling method for fake data attacks in power CPS includes an attack gene generation stage, a gene selection stage, and a gene evolution stage, as detailed below: Attack gene generation stage: Obtain the randomly generated attack offset and the decoupled label policy matrix, and use gene segmentation encoding to realize the mapping relationship between the genotype representing the attack behavior and the phenotype representing the attack vector, so as to obtain a set of double-stranded attack genes; Gene optimization stage: The set of attack genes is input into the multi-target fitness function and the optimized genes are obtained by solving and filtering. Gene evolution stage: Cross and mutate the attack and concealment chains of the preferred genes to generate attack vectors.

[0006] Preferably, the attack gene generation stage specifically performs the following operations: Input a policy label matrix And preset an attack quantity requirement. The system selects the positions in the matrix that need to be set to the attack state, and dynamically assigns an initial attack offset to each selected attack position, thereby constructing an original attack strategy representation with perturbation characteristics. From the strategy tag matrix Extracting location information to construct an attack chain matrix Each column is allowed to contain at most 100,000 characters. Several attack points, simultaneously, from the policy tag matrix Extracting non-zero numerical information to construct a hidden chain matrix , used to carry attack offset information; Encoding the hidden chain is performed. During the encoding process of the hidden chain, Each element in the code corresponds to a continuous attack offset. The continuous interval containing each offset is divided into several discrete sub-intervals. Each item is quantized and encoded to obtain the covert chain code. The hidden chain matrix is ​​sparsely processed into a fixed-length 0 / 1 sequence according to the topological node order to simulate the switching regulation of gene loci. The gene information encoded by the attack target, attack strategy and attack time is used as the attack chain encoding. The decoupled attack chain code is then concatenated with the covert chain code.

[0007] Preferably, during the splicing process, if any encoding contains an illegal gene fragment that exceeds the preset length or violates the boundary rules, it is directly removed.

[0008] Preferably, the gene selection stage involves the following operations: Randomly selected from the double-stranded attack gene set Individual genes constitute the initial population; The attack chain and the covert chain are decoded separately: the attack chain is encoded and decoded into an attack perturbation term, and the covert chain is encoded and converted into an attack policy mask. Finally, the attack perturbation term and the attack policy mask are combined, and the actual attack measurement vector is constructed through element-wise multiplication. ; Attack measurement vectors generated by double-chain decoding Inject raw measurement data to construct attack measurements ; Construct a multi-target fitness function, with the optimization objective being to maximize the attack effect; The attack genes in the double-stranded attack gene set are selected and screened using a multi-objective fitness function to identify high-quality genes.

[0009] Preferably, the multi-objective fitness function is expressed as follows: in, This indicates the number of attack nodes that the attacker selects and controls at a given moment. This is the upper limit threshold for the attack scale, and it is a system preset parameter; Indicates the first Standardized residuals at each measurement point; Indicates the first The residual values ​​corresponding to each measurement point. This indicates the first [item] in the constructed attack measurement data. One component; attack measurement The obtained state estimate; This is the measurement matrix used in power CPS state estimation; This represents the average residual of the i-th measurement point within the statistical window; Indicates the first The first sampling The residual values ​​at each measurement point; Number of samples; This represents the standard deviation of the residual at the i-th measurement point.

[0010] Preferably, the attack genes are selected and screened using a fitness function. The specific process for screening high-quality genes is as follows: First, the overall fitness value of all individuals in the initial population is normalized, the fitness value is mapped to the corresponding probability weight, and a virtual "roulette" structure is constructed. By using inverse weighting, individuals with low fitness are given a higher probability of selection; The fitness function guides the solution toward the global optimum.

[0011] Preferably, during the gene evolution stage, the attack offset of the concealed chain adopts single-point crossover, while the strategy tag of the attack chain adopts multi-point crossover.

[0012] Preferably, the following operations are performed during the gene evolution stage: In a continuous parameter space, local gene exchange is performed; in a discrete topological space, multiple gene breakpoints are randomly selected, and parent gene segments are exchanged alternately in odd and even order. Mutations are made at specific locations in an individual's genes, as follows: in, It is a genetically modified individual. It is the current genetic individual, It's the mutation amount. It is the mutation amplitude coefficient; The constraints are constructed, including physical constraints and hidden constraints. The physical constraints ensure line capacity limits and node power balance, while the hidden constraints include residual thresholds and limits on the number of attack nodes.

[0013] A computer-readable storage medium includes a stored program, wherein, when the program is executed, it controls the device on which the computer-readable storage medium is located to perform the electric CPS fake data attack modeling method for multi-objective genetic evolution as described above.

[0014] A processor for running a program, wherein the program, when running, executes the electric CPS fake data attack modeling method for multi-objective genetic evolution as described above.

[0015] Compared with the prior art, the beneficial effects of the present invention are as follows: This invention models attack in a game of offense and defense through a three-step process: attack gene generation, optimization, and evolution. It generates an attack gene set based on gene encoding, optimizes attack genes using a multi-objective fitness function, and then performs selection, differential crossover, and mutation operations on the optimized genes to obtain the optimal attack gene. In the gene generation stage, an attack gene is defined as a complete attack sequence containing key attributes such as attack target, offset, and time. Using gene encoding technology, the decoupled attack offset and tag strategy matrix are constructed into attack gene units, which are then assembled into a base pair structure to obtain the attack gene set. In the gene optimization stage, a multi-objective fitness function is constructed based on stealth and attack effect objectives. By introducing two parameters into the objective function and using residual terms to achieve implicit association, the weights are continuously adjusted to achieve multi-objective collaborative screening between destructiveness and stealth, with residuals and attack effect as objectives, to obtain the optimized gene. In the gene evolution stage, multi-point crossover and single-point crossover operations are used for the attack chain and stealth chain of the optimized gene, respectively, to enhance the attack effect. The optimal attack gene sequence obtained through evolution is decoded and mapped into an attack gene vector. Attached Figure Description

[0016] To more clearly illustrate the specific embodiments of the present invention or the technical solutions in the prior art, the accompanying drawings used in the description of the specific embodiments or the prior art will be briefly introduced below. In all the drawings, similar elements or parts are generally identified by similar reference numerals. In the drawings, the elements or parts are not necessarily drawn to scale.

[0017] Figure 1 This is a flowchart of the method of the present invention; Figure 2 FDIA attack model structure for multi-target evolution of genes - attack gene generation; Figure 3 FDIA attack model structure for multi-target evolution of genes - optimal selection of attack genes; Figure 4 FDIA attack model structure for multi-target evolution of genes - attacking gene evolution; Figure 5 To attack gene structure; Figure 6 Flowchart for attack gene generation; Figure 7 Flowchart for optimizing attack genes; Figure 8 This is a normalized residual plot; Figure 9 A comparative diagram of stealth under different attack modeling methods; Figure 10 A schematic diagram comparing the stealth capabilities of different attack modeling methods in the IEEE 118 system; Figure 11 This is a comparison chart of the changes in state values ​​before and after the attack; Figure 12 This is a comparison chart of the changes in state values ​​before and after the IEEE118 attack; Figure 13 This is a distribution diagram of the overload rate of each line in the IEEE 33-node system after the attack. Figure 14 A schematic diagram showing a comparative analysis of key indicators of the IEEE 33-node power system before and after the attack. Figure 15 A heatmap showing the relationship between attack genes and normal data; Figure 16 Comparison of attack success rates under different attack scenarios; Figure 17 Comparison of attack success rates of IEEE 118 under different attack scenarios; Figure 18 A comparative chart showing the evolutionary trends of the fitness of attack gene chains. Detailed Implementation

[0018] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0019] It should be understood that, when used in this specification and the appended claims, the terms "comprising" and "including" indicate the presence of the described features, integrals, steps, operations, elements and / or components, but do not exclude the presence or addition of one or more other features, integrals, steps, operations, elements, components and / or collections thereof.

[0020] It should also be understood that the terminology used in this specification is for the purpose of describing particular embodiments only and is not intended to limit the invention. As used in this specification and the appended claims, the singular forms “a,” “an,” and “the” are intended to include the plural forms unless the context clearly indicates otherwise.

[0021] It should also be further understood that the term "and / or" as used in this specification and the appended claims refers to any combination of one or more of the associated listed items and all possible combinations, and includes such combinations.

[0022] The following is combined Figures 1-18 The specific implementation methods of this invention will be further explained below.

[0023] False Data Injection (FDIA) attacks are a form of attack targeting power cyber-physical systems (CPS). They inject carefully designed attack vectors into the power system, posing a serious threat to power system security due to their high degree of stealth and destructiveness. To prevent future evolving attack forms and provide a foundation for power system defense, one embodiment of this invention provides a multi-objective evolutionary modeling method for false data injection attacks in power CPS. This method achieves autonomous upgrades of attacks within the power system through attack gene generation, optimization, and evolution. The specific model framework is as follows: Figure 1 As shown, it mainly includes three key parts: attack gene generation, attack gene selection, and attack gene evolution. Its principle is: (i) In the attack gene generation stage, the randomly generated attack offset is decoupled from the label strategy matrix and used as input. Gene segmentation encoding is used to realize the mapping relationship between the genotype representing the attack behavior and the phenotype representing the attack vector, thereby obtaining a set of double-stranded attack genes.

[0024] (ii) In the gene selection stage, the set of attack genes is input into a multi-objective fitness function for selection. This function comprehensively considers two objectives: the stealth and the destructiveness of the attack. To this end, the attack offset is used to quantify the stealth, and the strategy label matrix measures the destructive effect brought about by the attack. The optimal genes are obtained by solving and screening.

[0025] (iii) In the gene evolution stage, the optimized genes are input into the gene evolution algorithm, and the attack effect is further evolved through differential crossover, thereby obtaining an evolutionary attack and realizing the generation of attack gene vectors.

[0026] The three stages are explained in detail below: (a) Attack gene generation stage An attack gene is a structured coding model that injects key attack characteristics into false data. It includes elements such as attack target, attack time, attack strategy, and attack intensity, precisely describing "when and where to attack, and with what force," thus constructing a systematic characterization of attack behavior. In nature, it is a genetic coding carrier of attack behavior, inheriting constraints such as the number of measurements and time steps in power system attack scenarios, while also possessing the unique mutation capabilities (adjusting intensity and replacing targets) and combination capabilities (forming complex schemes through gene chain cross-linking). Thus, the attack gene is both bound by rules and capable of dynamic change. In terms of function, its value lies in two dimensions: first, by precisely coding and comprehensively covering the destructiveness and concealment of attacks, it achieves a complete mapping of multiple attack attributes; second, relying on mutation and combination characteristics, combined with a two-dimensional design, it provides flexible optimization space for attack strategies, enabling evolutionary attacks.

[0027] From a formal perspective, attack genes It is The matrix represents the attack strategy over n time steps, where m represents the number of attack measurements and n represents the number of attack time steps. The dimensions of the matrix directly define the scale and time span of the attack; non-zero values ​​in the matrix represent the attack intensity. The entire matrix represents the attack strategy over n time steps, transforming the abstract attack logic into a quantifiable and structured form.

[0028] The attack gene structure consists of two parts: the attack chain and the stealth chain. The structure at a certain attack moment is as follows: Figure 5 As shown, the attack chain is responsible for disrupting the logic, while the covert chain is responsible for control. When the two are bound together, they form a complete and flexible attack structure, describing an attack that can both "hurt the system" and "hide itself".

[0029] An attack chain contains fragments of an attack strategy matrix, with each position corresponding to a specific attack label representing the selection of the attack target, the temporal characteristics of the attack, and other elements related to the attack strategy. The attack chain clearly expresses the organizational form of the attack in the spatial and temporal dimensions, characterizing the destructive characteristics and execution path of the attack. The dimension of the attack chain is set to... .

[0030] The covert chain corresponds to the attack offset at each attack point, which is the attack strength, i.e., the degree of perturbation relative to normal data, used to control the stealth of the attack. By controlling the size of the offset, the attacker can make the attack as covert as possible while ensuring the attack effect. Each offset value is a floating-point number, which follows a uniform distribution in the range [0-100], and each attack offset occupies 7 bits.

[0031] To achieve structured and scalable characterization of attack genes, this embodiment presents a method for generating attack genes, the specific generation process of which is as follows: Figure 6 As shown. The main task is to process the input data through a split encoding method, constructing a covert chain and an attack chain separately, thereby generating a dual-chain attack gene with discriminative and optimization potential, and finally obtaining a complete attack gene set.

[0032] (1) Input the policy matrix with offset First, a policy label matrix is ​​randomly initialized. This matrix represents the attack status of each channel or node. During initialization, a preset attack quantity requirement is established. The number of attack channels determines the positions in the matrix that need to be set to the attack state. At the same time, an initial attack offset is dynamically assigned to each selected attack position. This offset is randomly generated according to a Gaussian distribution, thereby constructing an original attack strategy representation with perturbation characteristics.

[0033] Where m represents the dimension of the attack target and n represents the number of time steps.

[0034] (2) Semantic decoupling To achieve decoupled representation of structural features and attack behaviors in the input information, this embodiment performs a separation operation on the numerical values ​​and structure of the random input matrix. Specifically, positional information is first extracted from the original input to construct an attack chain matrix. Each column is allowed to contain at most 100,000 characters. There are several attack points. Let represent the number of targets into which perturbations can be injected simultaneously. To avoid overly dense attack chains, a column constraint strategy is introduced: when the number of non-zero elements in a column exceeds 100... At that time, only the largest value is retained. The first term is set to zero, and the rest of the terms are set to zero, thus achieving sparsity control.

[0035] At the same time, non-zero numerical information is extracted from the original matrix to construct the hidden chain matrix. This structure is used to carry attack offset information, enabling separate modeling of information carrying and perturbation injection. Through this structure, the attack offset and policy label respectively correspond to... and The two coding branches provide a unified representation framework for subsequent gene coding and structured characterization, effectively improving the flexibility and interpretability of the attack gene.

[0036] in, It is the original random input matrix, which contains structural information, i.e. which positions are selected as attack points; and numerical information, i.e. the attack offset of the corresponding position. For matrix The Line 1 Column element. If it is 0, it means that the position is not an attack point; otherwise, it means that there is a disturbance injection at the position. This is an indicator function; it takes the value 1 if the condition is true, and 0 otherwise. and It is the matrix dimension, which can usually be understood as It is the number of candidate attack points. It refers to the target of the attack or the attack chain. For matrix The total number of non-zero elements, which is the total number of attack points or genes actually activated. Let be the hidden chain vector, with length . It carries from The attack offset gene extracted from the data is used to achieve separate modeling of information carrying and disturbance injection location.

[0037] in, Encode the attack offset vector. For encoding length, a common setting is... , is the length of a candidate set after it is numbered. For the first The offset value of each encoded position. For the structure mask, This indicates that the location has been selected as an attack point where disturbances can be injected. This indicates that no disturbance will be injected at this location. It is a random distribution function used to generate the amplitude of the disturbance. and These are the mean and variance of the distribution, used to control the center and dispersion of the attack offset.

[0038] in, The attack chain matrix is ​​constructed from positional information and only expresses the structure, not the magnitude. For the first matrix Column, representing the first The selection of attack points for each target. For the first Liede The row's structure value, equal to 1, indicates that the attack point is selected. This indicates the maximum number of attack points allowed in each column. The truncation operator sorts the values ​​in the column from largest to smallest, keeping the top-K and setting the rest to 0.

[0039] in, This represents the sparse attack chain matrix after applying column constraints. Indicates the first The number of 1s in a column represents the density of the selected attack chains in that column. The logical implication of this formula is that if the number of attack points in a column does not exceed a certain threshold... Then the original structure is maintained. If it exceeds Use Top-K truncation to retain only the most... One attack point is set, and the rest are set to 0, thus avoiding an overly dense attack chain. (2) Hidden chain encoding The covert chain is encoded based on the attack offset to ensure the stealth of the attack. During the encoding process of the covert chain, Each element in the matrix corresponds to a continuous attack offset. To map these offset values ​​into a discrete, operable gene form, this embodiment employs binary gene encoding technology, dividing the continuous interval containing each offset value into several discrete sub-intervals, and quantizing and encoding each item. Specifically, the offset is... In the measured boundary interval Perform uniform quantization on it and map it to A binary encoded segment. The discrete values ​​of the attack offset are calculated as follows: Where s is the number of quantization bits, , The measured value represents the amplitude boundary. And... This represents the discretized hidden chain gene encoding value, which is the offset of the continuous attack. The integer gene values ​​obtained after normalization and uniform quantization are discrete gene expression forms used for genetic evolution operations in the hidden chain.

[0040] (3) Attack chain encoding The attack chain primarily describes the destructive characteristics of an attack, including information such as the attack target, timing, and strategy. Since the strategy tag matrix is ​​discrete and contains temporal and spatial information (e.g., attacking a specific node at a certain time, specifying which node is attacked), the discrete matrix is ​​sparsified according to the topological node order into a fixed-length 0 / 1 sequence. This simulates the switching and regulation of gene loci, and the gene information encoded by the attack target, attack strategy, and attack timing is used as a bigenetic attack chain. Specifically, it is represented as follows: in, Indicates the gene locus of the attack chain, and indicates the first gene locus in the attack chain. In the first attack phase, the... The binary attack gene locus corresponding to the candidate attack target. If the value is 1, it means that the binary attack gene locus is at the nth candidate attack target. The first stage, for the first The attack strategy is executed on each target node. If the value is 0, it means that no attack is executed at that location.

[0041] (4) splicing Finally, in order to construct a fixed-length attack gene sequence with double-stranded characteristics, this embodiment encodes the decoupled attack strand. With hidden chain encoding The genotype representation is assembled into a "base pair" structure. During the assembly process, any encoding containing an illegal gene fragment exceeding the preset length or violating boundary rules is directly removed to ensure structural consistency.

[0042] in, It is the result of the attack chain encoding. It is the result of hidden chain encoding. The target length during splicing. This represents the attack chain gene sequence, a binary structured gene sequence obtained from the attack chain encoding, derived from the attack chain encoding result. The rearrangement. The hidden chain gene sequence represents a discrete numerical gene sequence obtained by encoding the hidden chain, which is formed by quantizing and binary encoding the continuous attack offset. , representing the single-strand gene length, indicating the uniform gene length of the attack strand and the hidden strand before splicing.

[0043] (II) Gene Selection Stage Due to the influence of randomness and diversity in the design during the generation of attack genes, not all individuals in the generated attack gene set are effective. Some genes may fail to meet the constraints of attack injection or, under the system state estimation algorithm, may not achieve sufficient stealth and destructiveness, leading to injection failure. Therefore, after obtaining the attack gene set, it is necessary to select the optimal attack gene through multi-objective collaborative optimization. In this stage, attack offset and attack strategy label are encoded as gene parameters. The attack offset represents the perturbation to the measurement data, and the attack strategy label determines which nodes or data are attacked and when. These parameters, after gene encoding, are input into the optimization module for screening. In the optimization stage, the objective function consists of two parts: attack stealth and destructiveness. Through a combined objective function with two parameters, these two are quantified and collaboratively optimized to achieve an effective trade-off between stealth and destructiveness, ultimately selecting the optimal attack gene. The specific operation process is as follows: Figure 7 As shown.

[0044] (1) Initialize the population To construct the initial solution set, this embodiment randomly selects from the encoded double-stranded attack gene sequence. Individuals with 10 genes constitute the initial population. Let the initial population be represented as... Each of them This represents a legitimate attack gene individual, containing joint encoded information of the attack chain and the covert chain. This represents the representation space of a single attack gene individual, where 1 indicates that the gene individual is stored as a row vector. Indicates the total length of the double-stranded gene, the first... The position is the attack chain gene, after which... The position is a hidden chain gene. This represents the initial generation 0 attack population. This initial population serves as the starting point for the genetic algorithm's search and participates in subsequent fitness evaluation, selection, crossover, and mutation operations, gradually evolving to obtain a better combination of attack genes.

[0045] (2) Calculate individual fitness After initializing the population, to guide the evolutionary direction of the attack genes, the fitness of each individual attack gene needs to be assessed. The dual objectives of the attack behavior—stealth and destructiveness—must be considered.

[0046] (3) Double-stranded gene decoding To complete the behavioral expression of the attack gene, the selected attack gene individual needs to be decoded to restore its encoded form into an executable attack vector, facilitating subsequent fitness evaluation and attack effectiveness verification. Given the differences in the expressive meaning of the attack chain and the hidden chain, they are decoded separately. Specifically, the attack chain encoding... Decoded into an attack perturbation vector And hidden chain encoding The structure control signal is converted into an attack strategy mask. Finally, by combining the decoding structures of the two chains, the actual attack measurement vector is constructed through element-wise multiplication. in, This vector represents element-wise product. It represents the attack information to be injected and can be directly injected into the original measurement data.

[0047] (4) Construct attack measurement Due to the attack gene vector generated by double-chain decoding Inject it into the raw measurement data In the middle, construct attack measurement ,Right now: in, These are the original attack measurements. This is the attack gene vector. (Constructed) State estimation is performed, which is then used for attack assessment and fitness calculation.

[0048] (5) Constructing a multi-objective fitness function In this model, attack offset and policy label are two optimization objectives. Attack offset optimizes stealth, while attack label optimizes attack effectiveness. Specifically, the attack policy label is actually the node controlled by the attacker at a certain moment. Its optimization objective is to select some high-impact, low-visibility attack points so that the attack can significantly change the system state. The optimization objective is to maximize the attack effectiveness, expressed as: in, Indicates the first The residual values ​​corresponding to each measurement point are used to characterize the deviation between the system measurements and model predictions after the attack. This indicates the first [item] in the constructed attack measurement data. Each component. attack measurement The obtained state estimate. This is the measurement matrix in power CPS state estimation, which describes the mapping relationship between system state and measurements.

[0049] in, This represents the average residual of the i-th measurement point within the statistical window. Indicates the first In the second sampling, the first The residual values ​​of each measurement point. The number of samples. Let represent the standard deviation of the residual at the i-th measurement point. This formula describes the dispersion of the residual and measures whether the perturbation introduced by the attack is abnormally significant. The smaller the standard deviation, the less likely the attack is to be detected by traditional residual detection methods. The standard deviation is used to normalize the attack effect and constrain its concealment.

[0050] in, This indicates the number of attack nodes that the attacker selects and controls at a given moment. This is the upper limit threshold for the attack scale, a system preset parameter. Indicates the first The standardized residuals of each measurement point amplify the systematic bias without significantly increasing the residual volatility.

[0051] The attack offset directly controls the strength of the spoofed data injection. By perturbing the measured values ​​(line power), it causes the system state estimate to deviate from the true value. The optimization objective is to minimize the L2 norm of the residuals, making the attack as covert as possible and bypassing residual detection. This is expressed as: in, This represents the estimated system state before the attack. This represents the estimated state of the system after the attack. This represents the perturbation value injected into the system by the attacker, i.e., the attack offset of false data. Its function is to change the system's state estimate by perturbing the measurement value, thereby affecting the estimate without being detected. The optimization goal is to make this offset value as concealed as possible, bypassing residual detection.

[0052] The two objective functions above are inherently conflicting, so weights are designed to balance them and achieve the search for the optimal solution. The final comprehensive optimization objective is specifically expressed as follows: in, This is a trade-off coefficient between attack effectiveness and stealth. This represents the attack offset vector injected by the attacker into the power CPS measurement data. It directly affects the measurement value and is used to control the strength and magnitude of the spoofed data injection. This represents the set of attack nodes or the scale of an attack selected and controlled by the attacker at a certain moment, corresponding to the activated gene loci in the attack chain gene.

[0053] (6) Roulette selection This study uses a fitness function to select and screen attack genes, identifying high-quality genes to guide subsequent search directions. It achieves multi-objective optimization by balancing concealment and destructiveness using a multi-objective fitness function. The selection operation employs a roulette wheel selection mechanism to select individuals with higher fitness from the population for mating, providing a high-quality gene pool for subsequent crossover and mutation.

[0054] In this process, the overall fitness value of all individuals in the population is first normalized, mapping the fitness value to a corresponding probability weight, and a virtual "roulette" structure is constructed. The overall fitness function considers the trade-offs of multiple objectives, assigning higher selection probabilities to individuals with low fitness through inverse weighting, thereby avoiding the preferential selection of local optima and promoting global search.

[0055] in, Indicates the first The probability of selecting an individual with an attack gene. Indicates the first An individual with an attack gene. The first value is calculated by the comprehensive fitness function. The fitness of an individual with an attack gene. For inverse fitness weights, it represents the weight of the first... The fitness gap between each individual and the optimal individual. This is a normalization factor used to normalize the inverse weights of all individuals into a probability distribution. This represents the current maximum fitness value of the population. This represents the total number of individuals in the current population. A reverse weighting method assigns higher selection probabilities to individuals with low fitness. The roulette wheel algorithm achieves wide-area exploration under weak selection pressure through global probability allocation, preventing local elite individuals from prematurely dominating the population. This allows for the full exploration of potential high-quality solutions within the continuous space of attack offsets and the discrete combination space of attack tags, and guides the population towards the global optimum through fitness function selection.

[0056] (III) Stages of Gene Evolution After completing gene selection, this study employs a differential genetic evolution algorithm to iteratively evolve the attack genes. This is necessary due to two core characteristics of attack genes: combinatorial nonlinearity and environmental dependence. The effectiveness of attack genes is not a simple superposition of single-dimensional features, and the dynamic upgrading of the defense system can cause selected genes to quickly become ineffective. Therefore, the algorithm can optimize attack genes through improved crossover and mutation operations using genetic algorithms to generate more adaptive attack vectors. Specific operations are shown in Table 1. The goal of this part is to fully exploit the potential of attack genes through differentiated evolutionary strategies, thereby improving attack effectiveness and stealth.

[0057] Table 1 Attack Vector Generation Algorithm Based on Differential Gene Evolution (1) Differentiated crossover Traditional crossover operations typically involve randomly exchanging gene segments between two parent individuals. Differential crossover, however, selectively crossovers specific parts of the gene to attack, based on optimization requirements for attack effectiveness and stealth. In the process of gene evolution, the design of crossover operations profoundly reflects the shift towards continuous attack bias. Discrete attack strategy tags The differential optimization logic employs different cross-strategies for the spatial characteristics and physical semantics of the two types of parameters. Specifically, single-point cross-crossing is used for the attack offset of the hidden chain, while multi-point cross-crossing is used for the strategy label of the attack chain, to adapt to the different characteristics of attack offsets and attack strategy labels. In particular, within the continuous parameter space, through local gene exchange, the validated binary patterns in the attached hidden chain are preserved, generating offspring with gradient inheritance characteristics. Local optimization patterns are retained within the continuous space to ensure a smooth transition of attack offsets. Its manifestation is as follows: in, This indicates that the offspring hidden chain gene sequence generated through a single-point crossover operation is a binary encoded gene after quantization of continuous attack offsets. and These represent the hidden gene sequences of the two parent individuals participating in the crossover operation, which are decoded from the attack gene individuals that entered the mating pool through roulette wheel selection in the previous generation population. is the length of the hidden chain gene, representing the total length of the attack offset encoding in the hidden chain. This indicates a randomly swapped position.

[0058] In a discrete topological space, multiple gene breakpoints are randomly selected, and parent gene fragments are swapped alternately in odd and even patterns to stimulate attack path diversity, explore non-neighborhood attack node combinations, and avoid detection risks in highly redundant measurement regions. This is represented as: in, This represents the gene sequence of the offspring attack chain generated through multi-point crossover operations, used to describe the combination of attack targets, attack times, and attack paths in the offspring attack scheme. and These represent the generations of parent 1 and parent 2 respectively in the first and second generations. The corresponding attack chain gene fragments within each breakpoint interval. This is a gene fragment index, representing the sequence number of the current gene fragment. When the number is odd, it inherits the gene segment from parent 1. When the number is even, it inherits the gene segment from parent generation 2. The number of multi-point crossover breakpoints represents the number of randomly selected gene breakpoints, used to control the perturbation intensity and structural diversity of attack chain crossovers.

[0059] (2) Variation After the crossover operation, the mutation operation introduces random perturbations into the evolutionary process, breaking local convergence and increasing the diversity of the population. Specifically, this study adopts a basic mutation strategy, which mutates some positions of individual genes to ensure that diversity is maintained while avoiding early convergence, thereby improving the robustness and optimization efficiency of the algorithm.

[0060] in, It is a genetically modified individual. It is the current genetic individual, It's the mutation amount. It is the mutation amplitude coefficient.

[0061] (3) Physical constraints The constraints mainly consist of physical constraints and hidden constraints. Physical constraints ensure line capacity limits and node power balance, while hidden constraints include residual thresholds and limits on the number of attack nodes. Details are as follows: , .

[0062] in, Indicates the first The actual transmission power of the transmission line under attack conditions. Indicates the first The maximum allowable transmission capacity of each transmission line. The meaning is to ensure that false data attacks will not cause the line power to exceed the physical capacity limit, avoid triggering overload protection or scheduling alarms, and ensure that the attack plan is feasible at the physical level. Indicates the first The amount of active power injected into each node. This represents the active load power of each node in the system. This represents the line loss power generated during the power transmission process of the system. The meaning is to ensure that the system as a whole satisfies the law of power conservation before and after the attack, to ensure that the attack injection will not disrupt the basic operating balance of the power system, and to improve the credibility of the attack results in state estimation and power flow calculation. For residual threshold constraints, This represents the measurement residual vector obtained by the system under attack conditions, and is usually defined as the difference between the measured value after the attack and the predicted value of the state estimate. The L2 norm of the residual vector is used to measure the overall residual magnitude. This indicates the residual threshold set by the system's residual detection mechanism. This represents the attack strategy vector, where non-zero elements represent the measurement points being attacked. This represents the L0 norm of the vector, i.e., the number of attacking nodes. This indicates the maximum number of nodes that can be attacked simultaneously.

[0063] The effectiveness of the gene multi-objective evolutionary power CPS spoofing attack modeling method is verified on the IEEE-14 and IEEE-33 node systems using NYISO (2020) load data, MATLAB R2022a, and MATPOWER 7.0.

[0064] The experimental setup is as follows: Load data: This experiment used load data published by the New York Independent System Operator (NYISO, 2020). Continuous power flow calculations were performed on the bus system using MATPOWER 7.0. Load simulations were conducted on the IEEE 14, IEEE 33, and IEEE 118 node power systems using MATLAB R2022a. For each timestamp, the load values ​​were proportionally allocated and scaled to the bus based on their initial values, and power flow algorithms were executed. Measured data collected by the SCADA (Supervisory Control and Data Acquisition) system included bus active power, bus reactive power, branch power flow, and bus voltage.

[0065] Initial setup: The simulated system model is an IEEE 14 and IEEE 33-node communication model, where the threshold... The genetic algorithm is configured with 1e-3 hyperparameters as follows: population size 50, number of evolutions 100, and mutation rate 0.05. The server environment is configured as follows: RTX 4060 graphics card, 24 GB of RAM.

[0066] Evaluation criteria: There are four basic indicators in the attack task, namely the concealment indicator, the attack success rate, the state estimation error, and the line overload indicator. (1) The concealment indicator measures the degree of concealment of the attack in the power system. Attackers usually hope to reduce the deviation of the system state estimation by reducing the residual caused by the attack. (2) The attack success rate measures whether the attack strategy can successfully destroy the system within a predetermined time. The attack success rate is whether the deviation of the state estimation value after the attack from the normal state value exceeds a set threshold. (3) The state estimation error refers to the difference between the system state estimation value after the attack and the real state. (4) The line overload measures whether the load of the critical line exceeds the thermal stability limit after the power flow transfer caused by the attack. This indicator directly reflects the impact of the attack on the safe operation of the power system and is an important supplement to the destructive assessment. In the false data injection attack, the attacker's goal is to make the system state estimation deviate from the real state, causing system instability or wrong decision-making. Therefore, the comprehensive use of these four evaluation indicators helps to more comprehensively evaluate and improve the attack strategy, especially in the application of large-scale power CPS systems.

[0067] Concealment assessment experiment: To verify the stealth of the proposed method, the following experiments were designed in this section. Four different attack methods were used in the simulation, and the stealth of each attack method was evaluated by analyzing the residual graph and threshold. The experimental results are as follows: Figure 8 As shown, the four different attack strategies exhibit different performance characteristics. Traditional attacks ( Figure 8 Although Figure a) maintains a minimum normalized residual below 0.05, its residual fluctuations are large, indicating poor concealment of the strategy. In contrast, a single strategy ( Figure 8 Figure b) and single offset ( Figure 8 Figure c) shows an increase in the range of residuals, but some residuals remain prominent at certain times, indicating that its attack concealment is still relatively weak. Overall, the residual values ​​are smaller at most times, and the concealment is improved compared to the former, but it still does not achieve the ideal concealment effect. Finally, the attack mode combining offset and strategy ( Figure 8Figure d) demonstrates the strongest attack concealment, with the minimum normalized residual remaining between 0 and 0.02. Its stable residual value and low volatility indicate that, compared to other methods, the offset-policy combination attack approach represents a breakthrough in concealment, proving its effectiveness in power grid attacks. Therefore, the offset-policy combination attack approach may be a relatively effective attack strategy, showcasing the potential advantages of gene attack models in power grid attacks.

[0068] For different attack modeling methods, the L2 norm of the residuals is used to show the effectiveness and stealth of each attack strategy. Figure 9 Data shows that the residual L2 norm exhibits significant differences as attack methods evolve. Specifically, while traditional methods offer some concealment, the relatively large residuals limit the attack success rate. In contrast, single-chain methods improve concealment, but the improvement is limited. The dual-chain combined attack mode demonstrates superior performance; for example, with 14 nodes, the residual value is reduced to 1.83 × 10⁴, a 40.3% reduction compared to traditional methods. In summary, the experimental results verify the superior concealment performance of the dual-chain gene attack method combining offset and strategy, further demonstrating the effectiveness of the multi-objective evolutionary mechanism proposed in this embodiment for attack modeling of power CPS systems.

[0069] The above verification of concealment was only conducted on IEEE 14-bus and 33-bus small-scale power grid systems. This limited test scale cannot fully evaluate the model's performance in larger-scale power grids. Especially when facing large-scale power grids, the model's stability and practicality may be challenged by the system's complexity and scale. Therefore, to better verify the model's robustness and applicability in real-world large-scale power grids, we used the IEEE 118-bus power grid system for testing, such as... Figure 10 As shown, its residual value decreased to 1.45 × 10⁻⁶. 4 This represents a 45.8% reduction compared to traditional methods. This significant improvement demonstrates that the double-stranded gene attack method not only excels in concealment but also significantly reduces its impact on the system.

[0070] (2) Attack effect evaluation experiment In this experiment, spoofing attacks were performed on IEEE 14-node and IEEE 33-node systems. The state estimation results before and after the attacks were compared and analyzed to assess the impact of the attacks on the system state. The experimental results are as follows: Figure 11As shown, significant deviations in the system state after the attack were observed in both the IEEE 14-node system (Figure a) and the IEEE 33-node system (Figure b), demonstrating the destructive nature of the false data injection attack. In the IEEE 33-node system, the deviations after the attack were more pronounced, with larger fluctuations, indicating a stronger attack effect. Compared to traditional methods, the double-stranded gene attack method strikes a balance between stealth and attack effectiveness, resulting in improved attack performance. Overall, the optimized attack gene selection enhances the attack effect, further validating the effectiveness of this method in different systems.

[0071] In the preceding section, we validated the attack effectiveness using IEEE 14-node and 33-node systems. However, experiments conducted only in small-scale power grid systems cannot fully reflect the applicability of the proposed method in large-scale power grid environments. Therefore, this study further extends the testing scope to the IEEE 118-node system and evaluates it under the same metrics. Figure 12 As shown, under large-scale complex network conditions, the state variables before and after the attack still exhibit significant differences. After the attack, the state shift of some nodes reaches approximately -0.75, and the state changes before and after the attack show significant fluctuations in the time series. The post-attack state values ​​are uniformly distributed within a low range, indicating that the proposed method can maintain high consistency throughout the time series. These results demonstrate that the proposed method not only has significant attack effectiveness in large-scale power grid scenarios but also exhibits strong applicability and robustness, providing strong support for its application in complex power grid systems.

[0072] (3) Analysis of the impact of circuit overload based on attack genes This embodiment primarily targets the manipulation of the system's active power vector, constructing a disturbance and inputting it into the system state estimation module. This achieves potential interference with the power flow of the power grid. During the attack, without triggering the detection mechanism, the attack significantly interferes with the state estimation results, causing the dispatch center to make incorrect judgments based on the falsified power distribution. Due to the active power distribution shift caused by the attack, some lines that were originally operating within the safety boundary are misjudged as having low load under the false power flow estimation, when in fact they are carrying more power, potentially inducing severe power flow shifts and line overload risks.

[0073] To assess the physical impact of this attack strategy, this embodiment calculates the power flow distribution based on the estimated state after the attack and compares it with the line's rated power (set at 1.2 pu). Taking IEEE 33 nodes as an example, the results are as follows: Figure 13The results show that under the dual-chain attack strategy, several critical lines exhibited significant overload. Lines 1–2 and 18–33 had the highest overload rates, with maximum power flows reaching approximately 1.39 PU and 1.31 PU, respectively, corresponding to overload rates of 84.4% and 64.0%. Furthermore, several other lines, including lines 2–3, 10–11, and 2–19, also had overload rates exceeding 40%, indicating that the attack triggered a significant power flow redistribution in the system. Simultaneously, a large discrepancy existed between the estimated load and the actual load at some nodes, further confirming that this attack strategy, while maintaining strong concealment, also possesses a certain degree of physical destructive capability.

[0074] (4) Quantitative assessment of the impact of attack genes on the economy and stability of power systems In this experiment, we not only evaluated the stealth and effectiveness of the attack gene from an informational perspective, but also conducted a comprehensive quantitative analysis of the actual impact of the attack on the power system by introducing key indicators such as scheduling cost, number of voltage-limit-overrunning nodes, and wind power curtailment rate. Figure 14 As shown, the attack significantly negatively impacted the system's economy and stability. Firstly, the change in dispatch costs was most pronounced, rising to 190.72 yuan after the attack, a significant increase compared to the normal 50.55 yuan. This indicates that the attack exacerbated the complexity of power system dispatch, leading to a substantial decrease in the economic efficiency of power dispatch. This is likely due to the uneven distribution of power resources caused by the anomaly in the dispatch system, resulting in a substantial increase in optimization costs. Regarding voltage stability, the number of nodes exceeding voltage limits increased from 21 to 27 after the attack, indicating that the attack disrupted system stability, with more nodes experiencing voltage problems. This could increase the risk of grid instability and equipment damage. The voltage exceeding phenomenon suggests that the system's dispatch and control strategies failed to adapt or effectively adjust in the face of the attack. For wind power consumption, the wind power output (Pg) decreased to 4.0107 MW after the attack, a decrease compared to the normal 4.6238 MW, while the curtailment rate increased from 7.52% to 19.79%. This reflects that the attack affected the effective absorption of wind power, and the system failed to effectively dispatch wind power, resulting in the waste of renewable energy. In summary, the experimental results show that the attack not only affected the dispatch of traditional power, but also the utilization efficiency of renewable energy.

[0075] (4) Visual analysis of the distribution of measured values The optimized attack gene sequence successfully maximized the attack effect while maintaining stealth. However, the optimized attack gene does not guarantee accurate injection into the system, as the injection location and method may be influenced by other factors during the actual attack process. This experiment uses visualization to analyze the differences in measurement distribution between attack data and normal data. Figure 15 As shown in the figure, the data demonstrates a significant difference in the distribution of measurement values ​​between attack data and normal data. The first 20 data points represent normal data, while the subsequent data points represent attack data. The distribution of attack data at different nodes differs significantly from that of normal data, revealing the separability of attack data patterns from normal data patterns. Although the attack data has undergone stealth optimization, its unique patterns and characteristics remain evident, demonstrating the independence and targeting of the attack gene data.

[0076] (5) Analysis of attack success rate under different attack scenarios In this experiment, based on a set state estimation offset threshold (0.1), we evaluated and compared the performance of attack modeling under five attack scenarios through multi-dimensional assessment, and analyzed the comprehensive advantages of attack gene modeling. The experimental results are as follows: Figure 16 This paper compares the attack success rates of various nodes in the IEEE 14-node system (Figure a) and the IEEE 33-node system (Figure b) under different attack modeling methods. Scenario 1 and Scenario 2 use traditional modeling methods, representing fixed offset attacks and random injection attacks, respectively; Scenario 3 and Scenario 4 use single-gene chain modeling methods, optimizing attack strength and attack strategy labels, respectively; Scenario 5 uses a double-chain modeling method. As shown in the figures, the double-chain attack gene modeling method achieves a higher attack success rate on most nodes than the other four modeling methods. Especially when considering attack concealment and effectiveness, the optimized method exhibits a higher attack success rate. This advantage is particularly evident in the IEEE 14-node system, where the attack success rate of Scenario 5 approaches or reaches its maximum value at multiple nodes. In the IEEE 33-node system, despite the larger number of nodes, Scenario 5 maintains high consistency and attack success rate. The comparison shows that our method improves the attack success rate by 12.270% compared to traditional methods, enhancing the attack's concealment, effectiveness, and operability, further validating the effectiveness and practicality of this attack generation method.

[0077] In the preceding section, we validated and analyzed the attack success rate metrics based on IEEE 14-node and 33-node systems. However, evaluating only in small-scale power grid systems is insufficient to fully reflect the applicability of the proposed method in large-scale power grid environments. Therefore, this study further validates the method on an IEEE 118-node system, with the following results: Figure 17As shown in the figure, in the attack success rate distribution across various measurement points, Scenario 5 (using the method proposed in this embodiment) is significantly higher than other scenarios on the vast majority of nodes, especially showing a clear advantage in the P6–P46 and P66–P96 intervals. Quantitative analysis results show that, out of 118 nodes, Scenario 5 has a better success rate than all comparison scenarios on 86 nodes, accounting for 72.88%, further demonstrating the robustness of the proposed method in large-scale complex networks and verifying its effectiveness in improving attack success rates.

[0078] (6) Experiment on the evolutionary trend analysis of the attack gene chain From the above experimental results, we can clearly observe the evolutionary trend of the attack gene chain. Figure 18 (a) shows the dynamic process of the fitness value of the attack gene changing with generations and population. The fitness value gradually increases, indicating that the genetic algorithm optimizes the attack strategy through iterative adjustment. Figure 18 (b) illustrates the results of the hidden gene optimization, where the fitness value gradually decreases with increasing generations. This change indicates that the adjustment of the hidden gene gradually approaches the optimal attack offset, reducing interference with the system and enhancing stealth. Overall, the improved genetic algorithm enhances the attack effect by continuously increasing the fitness value of the attack strategy, while simultaneously improving attack stealth by decreasing the fitness value of the offset optimization, ultimately achieving the optimal balance between attack effect and stealth.

[0079] (7) Ablation test To systematically evaluate the effectiveness and robustness of the proposed double-stranded attack gene optimization strategy, this embodiment designed ablation experiments on IEEE 14-node, IEEE 33-node, and IEEE 118-node systems, focusing on the impact of different attack gene configurations on attack residuals and success rates. The selected experimental strategies included the following four comparative schemes: (1) traditional attack method (without any gene structure optimization); (2) using only the hidden strand (removing the attack strand and optimizing only the concealment parameters); (3) using only the attack strand (removing the hidden strand and optimizing only the attack strategy label); and (4) using the complete double-stranded gene structure (joint optimization of the attack strand and the hidden strand). The experimental results are summarized in Tables 2-4. The results show that the double-stranded gene optimization method exhibits significantly better performance than other comparative methods on both test systems. Taking the IEEE 14-node system as an example, the dual-chain scheme reduces the attack residual to 1.8294e+04, a significant decrease compared to both the traditional method (3.0642e+04) and the single-chain model, while also improving the success rate from 0.475 to 0.510. Results from the IEEE 33-node system show that the dual-chain scheme significantly reduces the residual to 2.5799e+11 and improves the success rate to 0.598. Results from the IEEE 118-node system also demonstrate consistency, indicating that the proposed method possesses good transferability and versatility across different system scales. Further ablation analysis reveals that removing either the attack chain or the covert chain weakens the overall attack performance to varying degrees. Specifically, removing the covert chain significantly increases the residual, indicating that the attack offset parameter plays a crucial role in maintaining low observability; while removing the attack chain significantly reduces the success rate, validating the core contribution of policy labels to attack effectiveness. This finding empirically emphasizes the value of joint optimization of the "destructiveness" and "stealth" dimensions in the dual-chain gene model.

[0080] Table 2 Ablation Experiment Results of Different Attack Methods in IEEE 14 Table 3 Ablation Experiment Results of Different Attack Methods in IEEE 33 Table 4 Ablation Experiment Results of Different Attack Methods in IEEE 118 Those skilled in the art will recognize that the units of the various examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of both. To clearly illustrate the interchangeability of hardware and software, the components of each example have been generally described in terms of function in the foregoing description. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of this invention.

[0081] In the embodiments provided by the present invention, it should be understood that the division of units is only a logical functional division. In actual implementation, there may be other division methods, such as multiple units can be combined into one unit, one unit can be split into multiple units, or some features can be ignored.

[0082] Furthermore, the functional units in the various embodiments of the present invention can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or as a software functional unit.

[0083] If the integrated unit is implemented as a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention, in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, read-only memory (ROM), random access memory (RAM), portable hard drives, magnetic disks, or optical disks.

[0084] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some or all of the technical features therein. Such modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the scope of the technical solutions of the embodiments of the present invention, and they should all be covered within the scope of the claims and specification of the present invention.

Claims

1. A method for modeling electric CPS spoofing attacks based on multi-objective genetic evolution, characterized in that, This includes the attack gene generation stage, the gene selection stage, and the gene evolution stage, as detailed below: Attack gene generation stage: Obtain the randomly generated attack offset and the decoupled label policy matrix, and use gene segmentation encoding to realize the mapping relationship between the genotype representing the attack behavior and the phenotype representing the attack vector, so as to obtain a set of double-stranded attack genes; Gene optimization stage: The set of attack genes is input into the multi-target fitness function and the optimized genes are obtained by solving and filtering. Gene evolution stage: Cross and mutate the attack and concealment chains of the preferred genes to generate attack vectors.

2. The method of claim 1, wherein, The attack gene generation phase involves the following operations: Input a policy label matrix And preset an attack quantity requirement. The system selects the positions in the matrix that need to be set to the attack state, and dynamically assigns an initial attack offset to each selected attack position, thereby constructing an original attack strategy representation with perturbation characteristics. From the strategy tag matrix Extracting location information to construct an attack chain matrix Each column is allowed a maximum of [number] columns. Attack points, simultaneously, from the policy tag matrix Extracting non-zero numerical information to construct a hidden chain matrix , used to carry attack offset information; Encoding the hidden chain is performed. During the encoding process of the hidden chain, Each element in the code corresponds to a continuous attack offset. The continuous interval containing each offset is divided into several discrete sub-intervals. Each item is quantized and encoded to obtain the covert chain code. The hidden chain matrix is ​​sparsely processed into a fixed-length 0 / 1 sequence according to the topological node order to simulate the switching regulation of gene loci. The gene information encoded by the attack target, attack strategy and attack time is used as the attack chain encoding. The decoupled attack chain code is then concatenated with the covert chain code.

3. The method of claim 2, wherein, During the splicing process, if any encoding contains an illegal gene fragment that exceeds the preset length or violates the boundary rules, it will be directly removed.

4. The method for modeling electric CPS spoofing attacks based on multi-objective genetic evolution according to claim 1, characterized in that, The gene selection stage involves the following specific operations: Randomly selected from the double-stranded attack gene set Individual genes constitute the initial population; The attack chain and the covert chain are decoded separately: the attack chain is encoded and decoded into an attack perturbation term, and the covert chain is encoded and converted into an attack policy mask. Finally, the attack perturbation term and the attack policy mask are combined, and the actual attack measurement vector is constructed through element-wise multiplication. ; Attack measurement vectors generated by double-chain decoding Inject raw measurement data to construct attack measurements ; Construct a multi-target fitness function, with the optimization objective being to maximize the attack effect; The attack genes in the double-stranded attack gene set are selected and screened using a multi-objective fitness function to identify high-quality genes.

5. The method of claim 4, wherein, The multi-objective fitness function is expressed as follows: in, This indicates the number of attack nodes that the attacker selects and controls at a given moment. This is the upper limit threshold for the attack scale, a system preset parameter; Indicates the first Standardized residuals at each measurement point; Indicates the first The residual values ​​corresponding to each measurement point. This represents the first element in the constructed attack measurement data. One component; attack measurement The obtained state estimate; This is the measurement matrix used in power CPS state estimation; This represents the average residual of the i-th measurement point within the statistical window; Indicates the first The first sampling The residual values ​​at each measurement point; Number of samples; This represents the standard deviation of the residual at the i-th measurement point.

6. The method for modeling electric CPS spoofing attacks based on multi-objective genetic evolution according to claim 1, characterized in that, The process of selecting and screening attack genes using a fitness function, and screening for high-quality genes, is as follows: First, the overall fitness value of all individuals in the initial population is normalized, the fitness value is mapped to the corresponding probability weight, and a virtual "roulette" structure is constructed. By using inverse weighting, individuals with low fitness are given a higher probability of selection; The fitness function guides the solution toward the global optimum.

7. The method for modeling electric CPS spoofing attacks based on multi-objective genetic evolution according to claim 1, characterized in that, During the gene evolution stage, the attack offset of the covert chain adopts single-point crossover, while the strategy tag of the attack chain adopts multi-point crossover.

8. The method of claim 7, wherein, The specific operations performed during the gene evolution stage are as follows: In a continuous parameter space, local gene exchange is performed; in a discrete topological space, multiple gene breakpoints are randomly selected, and parent gene segments are exchanged alternately in odd and even order. Mutations are made at specific locations in an individual's genes, as follows: in, It is a genetically modified individual. It is the current genetic individual, It's the mutation amount. It is the mutation amplitude coefficient; The constraints are constructed, including physical constraints and hidden constraints. The physical constraints ensure line capacity limits and node power balance, while the hidden constraints include residual thresholds and limits on the number of attack nodes.

9. A computer-readable storage medium, characterized in that, The computer-readable storage medium includes a stored program, wherein, when the program is executed, it controls the device containing the computer-readable storage medium to perform the electric CPS fake data attack modeling method for multi-objective evolution of genes as described in any one of claims 1 to 8.

10. A processor, comprising: The processor is used to run a program, wherein the program executes the electric CPS fake data attack modeling method for multi-objective evolution of genes as described in any one of claims 1 to 8.