基于高斯混合聚类的电力工控系统异常检测研究

电力工控系统数据在时间维度上具有周期性,但其时间序列呈现多元高斯分布特性且周期长度不固定,这导致通过相似性度量来发现异常难以进行。针对上述问题,文章提出一种基于多元高斯聚类的电力工控系统异常时序检测方法。该方法首先获取电力工控系统流量数据,对其采用多元高斯分布混合算法实现时间序列的符号化,然后利用马尔可夫链从长度不固定的时间序列中提取出大小一致的状态转移概率矩阵作为数据特征,最后通过层次聚类方法计算样本的异常率实现异常检测。经实验分析表明,文章方法可以有效实现电力工控系统时序数据周期长度不同下的异常自动检测。

Research on Anomaly Detection of Power Industrial Control System Based on Gaussian Mixture Clustering

The data of power industrial control system has periodicity in the time dimension,but its time series shows the characteristic of multiple Gaussian distribution and the period length is not fixed,which makes it difficult to carry out similarity measurement to find anomalies.According to the above problem,this paper proposes a power control system based on multivariate gaussian clustering anomaly temporal detection method,this method first obtains power system flow control in the data,adopts the multivariate Gaussian hybrid algorithm to realize the symbolization of time series,and then uses the Markov chain from the length of time series to extract transition probability matrix of the same size as the datacharacteristics. At last, anomaly detection is realized by using hierarchical clustering methodto calculate the sample rate of abnormal. The experimental results show that this method caneffectively realize the abnormal automatic detection of power industrial control system withdifferent timing data cycle lengths.