Research and Application of Key Technologies of Network Security Situation Awareness for Smart Grid Power Control Systems

Cited by: 0
Authors
Zhang L. [1]
Qu G. [1]
Li H. [1]
Jin H. [1]
Affiliation
[1] East Branch of State Grid Corporation of China, Shanghai
Keywords
Network security; Power control system; Situation awareness; Situation cognition; Situation prediction
DOI
10.16183/j.cnki.jsjtu.2021.S2.017
Abstract
Network security situational awareness (NSSA) technology, which can perceive potential network security risks globally and dynamically, is receiving more and more attention. With the help of machine learning, artificial intelligence, big data, and other technologies, the network security situation awareness solution for power control systems can learn from long-term, massive network security situation data, gain insight into the internal logical relationships implied in the data, and realize abnormal behavior identification, intrusion intention understanding, and impact assessment of various activities in the power business network. First, the basic concept and the logical block diagram of NSSA are introduced. Then, the current state and risks of network security in power control systems are summarized. Next, in view of these risks and deficiencies, the key technologies involved in the network security situation awareness platform are described from a practical perspective, including the multidimensional security event correlation analysis model, the abnormal traffic and abnormal behavior detection method based on "baseline learning", the attack chain recognition model based on attack scenario, and the power remote control security technology based on "address self verification". Finally, the situation awareness solution and its application in power monitoring systems are stated and prospected. © 2021, Shanghai Jiao Tong University Press. All rights reserved.
Pages: 103 / 109
Number of pages: 6