基于模糊聚类的多类簇归属电力实体行为异常检测算法

针对数字化主动电网中电力实体行为复杂化、攻击手段隐蔽化等问题，提出了一种基于模糊聚类的多类别归属异常检测算法。首先，对电力实体行为相似性的度量方式进行优化，并基于优化后的度量方法构建模糊聚类算法，通过多次迭代得到实体行为对应各类别的隶属度矩阵；其次，根据类别软划分隶属度矩阵，分别计算实体在各个类别内的近邻距离、近邻密度与近邻相对异常因子等参数；最后，分析实体在各类簇内的相对异常情况，判断该电力实体行为是否属于异常行为。结果表明，与LOF，K-Means和Random Forest算法相比，新方法具有更高的异常行为检出数量和更优的异常检测评价指标，解决了传统异常检测算法样本评价角度单一的问题，进一步提高了数字化主动电网抵御未知威胁的能力。

An abnormal behavior detection algorithm based on fuzzy clustering for multi-categories affiliation of power entities

Aiming at the problems of complex behavior of power entities and concealed attack means in the digital active power grid,a multi-category attribution anomaly detection algorithm based on fuzzy clustering was proposed.Firstly,the similarity measurement method of power entity behavior was optimized,a fuzzy clustering algorithm was constructed based on the measurement value,and the membership matrix of entity behavior corresponding to various classes was obtained through several iterations.Secondly,the nearest neighbor distance,nearest neighbor density,and nearest neighbor relative anomaly factor of entities in each category were calculated according to the category softening membership matrix.Finally,the relative abnormal situation of the entity in various clusters was analyzed to judge whether the behavior of the power entity belongs to the abnormal behavior category.The results show that compared with LocalOutlier Factor(LOF),K-means,and RandomForest algorithms,the new method has detected more abnormal behaviors and achieved better anomaly detection evaluation indexes.The problem of a single evaluation angle of samples in traditional anomaly detection algorithms was solved and the ability of the digital active power grid to resist unknown threats was improved.