摘要
近年来,恶意软件攻击对新型电力系统的威胁日益增大。为了应对潜在的风险,研究者通过在智能电网中部署恶意软件检测模型的方式来保护主机系统的安全。然而,越来越多的检测模型在精心构造的对抗样本面前暴露出了弱点。进一步分析潜在的漏洞,对提高新型电力系统稳定性有着深远意义。为此,文章提出一种基于深度强化学习生成恶意软件对抗样本的方法。该方法通过设计动作空间中攻击手段的方式提高对抗样本的逃避能力,然后使用集成环境对智能体进行训练,使得生成样本具有更好的迁移能力。实验结果表明,基于深度强化学习D3QN的对抗样本生成方法相较于其他方法具有更好的综合性能,有利于进一步挖掘目前电力系统中恶意软件检测模型的漏洞。
In recent years,the threat of malware attacks on a new type power systems is increasing.In order to deal with potential risks,researchers protect the security of host systems by deploying malware detection models in smart grids.However,more and more detection models expose weaknesses in the face of carefully constructed adversarial samples.Further analysis of potential vulnerabilities is of far-reaching significance for improving the stability of a new type power systems.Therefore,this paper proposes a method to generate malware adversarial samples based on deep reinforcement learning.This method improves the evading ability of the adversarial samples by designing the attack means in the action space,and then trains the agent in a mixed environment to make the generated samples have better migration ability.The experimental results show that the adversarial sample generation method based on deep reinforcement learning D3QN has better comprehensive performance than other methods,which is conducive to further mining the vulnerabilities of current power system malware detection models.
作者
李敏
徐茹枝
王硕
LI Min;XU Ruzhi;WANG Shuo(School of Control and Computer Engineering,North China Electric Power University,Changping District,Beijing 102206,China)
出处
《电力信息与通信技术》
2023年第6期8-14,共7页
Electric Power Information and Communication Technology
基金
国家自然科学基金项目(61972148)。
关键词
恶意软件检测
对抗样本
强化学习
malware detection
counter samples
intensive learning
