基于大数据分析的电力监控网络安全主动防护策略研究*

作为电力工业的关键基础设施之一,电力监控系统的网络安全对电网稳定运行有着非常重要的意义。目前电力监控网络安全防护技术无法保证所有的网络攻击都能够有效防护。基于此,针对电力监控网络无法有效检测多类型网络攻击形成的复合攻击问题,提出了一种新的主动检测防护策略。该策略基于D-S证据理论,计算安全事件的偏离度,根据偏离度大小,采用局部线性加权确定安全事件的权重,形成基于局部线性加权的安全事件证据组合。在此基础上,针对多类型网络攻击,构建了基于证据分类的复合攻击检测防护策略。实验结果表明,本方案不仅对单一攻击源具有非常良好的判别精确度,还能够有效甄别多类型网络攻击行为,对电网安全运行具有参考意义。

Active protection strategy of power monitoring network security

As one of the key infrastructure of power industry, the network security of power monitoring system is of great significance to the stable operation of power grid. At present, power monitoring network security protection technology can not guarantee that all network attacks can be effectively protected. Based on this, a new active detection and protection strategy is proposed to solve the problem that the power monitoring network can not effectively detect the multiple types of network attacks. Based on D-S evidence theory, the deviation degree of security incidents is calculated. According to the deviation degree, the local linear weighting is used to determine the weight of safety incidents, and the evidence combination of safety incidents based on local linear weighting is formed. On this basis, for multiple types of network attacks, a composite attack detection and protection strategy based on evidence classification is constructed. The experimental results show that the scheme not only has a very good discrimination accuracy for a single attack source, but also can effectively identify multiple types of network attacks, which has reference significance for the safe operation of power grid.