Time Series Association State Analysis Method for Attacks on the Smart Internet of Electric Vehicle Charging Network

A robust, integrated and flexible charging network is essential for the growth and deployment of electric vehicles (EVs). The State Grid of China has developed a Smart Internet of Electric Vehicle Charging Network (SIEN). At present, there are three main ways to attack SIEN maliciously: distributed data tampering; distributed denial of service (DDoS); and forged command attacks. Network attacks are random and continuous, closely related to time. By contrast, when analyzing the alarm in malicious attacks, the traditional Markov chain based model ignores the association relationship in the time series between states of alarm, so that the analysis and prediction of alarms are not suitable for real situations. This paper analyzes the characteristics of the three types of attack and proposes an association state analysis method on the time series. This method firstly analyzes alarm logs at different locations, different levels, and different types, and then establishes the temporal association of scattered and isolated alarm information. Secondly, it tracks the transition trend of abnormal events in the SIEN’s main station layer, the channel layer, and the sub-station layer. It also identifies the real attack behavior. This method not only provides a prediction of security risks, but, more importantly, it can also accurately analyze the trend of SIEN security risks. Compared with the ordinary Markov chain model, this method can better smooth the fluctuation of processing values, with higher real-time performance, stronger robustness, and higher precision. This method has been applied to the State Grid of China.