Authors: 缪海飞 (MIAO Haifei); 曹翔 (CAO Xiang); 林青 (LIN Qing)[1]; 胡绍谦 (HU Shaoqian)[1]; 汤震宇 (TANG Zhenyu)[1] (NR Electric Co., Ltd, Nanjing 211102)
Source: 《电气技术》 (Electrical Engineering), 2022, No. 2, pp. 99-104, 6 pages in total
Abstract: Distributed denial-of-service (DDoS) attacks in power monitoring systems are currently difficult to identify in real time with high accuracy and low energy consumption. To address this problem, this paper proposes a real-time DDoS attack detection method based on the dedicated firewall device of the power monitoring system. The method combines software and hardware. On the hardware side, the firewall uses a field programmable gate array (FPGA) to collect packet data in real time, updates counters when forwarding packets, provides in real time the feature values required for detection, and performs attack pre-judgment. On the software side, an online recognizer based on machine learning runs in the user space of the firewall. The network status is first sensed while packet data is being collected in real time; when the network may be abnormal, the online recognizer is used to detect the attack. A DDoS attack detection prototype system based on this method is implemented and deployed, and experiments are carried out. The experiments show that the method can detect DDoS attacks in real time with low resource occupancy and high recognition accuracy.
Keywords: power monitoring system; distributed denial-of-service (DDoS) attack; detection; real time; machine learning
Classification number: TM73 [Electrical Engineering: Power Systems and Automation]