首页 | 本学科首页   官方微博 | 高级检索  
     

基于云安全的高级计量体系恶意软件检测方法
引用本文:苏盛,李志强,谷科,石东源,钱斌. 基于云安全的高级计量体系恶意软件检测方法[J]. 电力系统自动化, 2017, 41(5): 134-138
作者姓名:苏盛  李志强  谷科  石东源  钱斌
作者单位:智能电网运行与控制湖南省重点实验室(长沙理工大学), 湖南省长沙市 410004,智能电网运行与控制湖南省重点实验室(长沙理工大学), 湖南省长沙市 410004,智能电网运行与控制湖南省重点实验室(长沙理工大学), 湖南省长沙市 410004,强电磁工程与新技术国家重点实验室(华中科技大学), 湖北省武汉市 430074,南方电网科学研究院, 广东省广州市 510080
基金项目:湖南省教育厅科研基金资助项目(15A005)
摘    要:高级计量体系(AMI)中,智能电表主要依赖嵌入式硬件加密(ESAM)提供保护,遭破解后可能遭恶意软件攻击威胁。针对智能电表通信和计算资源有限的特征,提出了基于白名单的云安全防护方法。首先利用运行环境封闭固定的特点,在计量中心云端安全服务器中建立并维护合法进程白名单;然后在智能电表中安装运行进程检测模块,由其枚举出所有运行进程,计算唯一标识各进程的哈希值特征码并提交到云端安全服务器,与白名单进行对比即可检出含非法进程的表计。该模式仅需在智能电表中计算并上传进程特征码,可在有限的计算和通信资源约束下满足恶意软件检测需求,能够强化AMI的网络安全防护水平。

关 键 词:高级计量体系;云安全;哈希值;白名单;智能电表
收稿时间:2016-07-09
修稿时间:2017-01-18

Cloud Security Based Malware Detection in Advanced Metering Infrastructure
SU Sheng,LI Zhiqiang,GU Ke,SHI Dongyuan and QIAN Bin. Cloud Security Based Malware Detection in Advanced Metering Infrastructure[J]. Automation of Electric Power Systems, 2017, 41(5): 134-138
Authors:SU Sheng  LI Zhiqiang  GU Ke  SHI Dongyuan  QIAN Bin
Affiliation:Hunan Province Key Laboratory of Smart Grids Operation and Control(Changsha University of Science and Technology), Changsha 410004, China,Hunan Province Key Laboratory of Smart Grids Operation and Control(Changsha University of Science and Technology), Changsha 410004, China,Hunan Province Key Laboratory of Smart Grids Operation and Control(Changsha University of Science and Technology), Changsha 410004, China,State Key Laboratory of Advanced Electromagnetic Engineering and Technology(Huazhong University of Science and Technology), Wuhan 430074, China and Electric Power Research Institute of China Southern Power Grid, Guangzhou 510080, China
Abstract:Smart meters in advanced metering infrastructure(AMI)are protected by encryption/decryption of embedded secure access module(ESAM)and may undergo intrusion of malware once the key is compromised. Since smart meters have limited computation and communication resources, a cloud security based approach is proposed to detect malware in smart meters. A software module is installed to enumerate all processes in smart meters. Thereafter, Hash code of all processes is calculated and uploaded to the server over cloud and the malware detection module in the server can identify malware just by comparing Hash code with that in blacklist and whitelist. Since the jobs with a high requirement on computation are implemented in server over cloud, its requirement on meters is notably lower than on the traditional approach.
Keywords:advanced metering infrastructure   cloud security   Hash code   whitelist   smart meters
本文献已被 CNKI 等数据库收录!
点击此处可从《电力系统自动化》浏览原始摘要信息
点击此处可从《电力系统自动化》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号