基于流量特征的电力物联网设备识别方法  被引量：1

作　　者：王潇淇 程光 张玉健[1,2,3] 郭靓 张付存[4] Wang Xiaoqi;Cheng Guang;Zhang Yujian;Guo Liang;Zhang Fucun(School of Cyber Science&Engineering,Southeast University,Nanjing Jiangsu,211189;Jiangsu Ubiquitous Network Security Research Center,Southeast University,Nanjing Jiangsu,211111;International Governance Research Base of Cyberspace,Southeast University,Nanjing Jiangsu,211111;Nanjing NARI Information&Communication Technology Co.,Ltd,Nanjing Jiangsu,210000)

机构地区：[1]东南大学网络空间安全学院,江苏南京211189 [2]东南大学江苏省泛在网络安全工程研究中心,江苏南京211111 [3]东南大学网络空间国际治理研究基地,江苏南京211111 [4]南京南瑞信息通信科技股份有限公司,江苏南京210000

出　　处：《工业信息安全》2022年第1期48-57,共10页Industry Information Security

基　　金：2019年工业互联网创新发展工程(No.6709010003)资助。

摘　　要：随着电力工业中通信技术的发展,越来越多的设备接入了电力网络,这大大增加了电力物联网的安全风险。传统的电力网络设备识别大多依赖于人工操作,但随着电力物联网规模的扩大,亟需提出一种先进的电力物联网设备识别方法。因此,本文结合电力网络自身特点,提出一种基于流量特征方法来识别电力物联网中的设备。该方法通过一种两层架构进行设备识别:在第一层中,识别电力物联网流量与非电力物联网流量;在第二层中,从流粒度和包粒度两个维度对电力物联网流量进行特征提取,并构建设备分类器进行设备识别。通过在某省会城市供电公司的智能电网机房中采集真实电网流量后,并对这些流量进行实验和分析,结果表明,本文提出的方法可以有效识别电力物联网流量与非电力物联网流量,并且电力设备识别率能够达到99.3%,从而增强电力网络的安全性。With the development of communication technology in the power industry,an increasing number of devices are connected to the power network,which greatly increases the security risks of the Power Internet of Things.Traditional power network devices identification highly relies on manual operation,but with the expansion of the Power Internet of Things,it is urgent to propose an advanced method to identify devices in Power Internet of Things.Therefore,combining the features of the power network itself,we proposes a method based on traffic characteristics to identify devices in the Power Internet of Things.This method uses a two-layer architecture for device identification:in the first layer,the Power Internet of Things traffic and Non-power Internet of Things traffic are identified;in the second layer,feature extraction of the Power Internet of Things traffic is performed from the two dimensions of flow granularity and packet granularity and a device classifier is constructed for device identification.After collecting the real grid traffic in the smart grid computer room of a provincial capital city power supply company,we experiment and analyze these traffic.The results show that the method proposed in this paper can effectively identify the Power Internet of Things traffic and the Non-power Internet of Things traffic,and the devices identification rate can reach 99.3%,which enhances the security of the power network.

关 键 词：电力物联网 设备识别 流量特征 机器学习 

分 类 号：TN929.5[电子电信—通信与信息系统] TP391.44[电子电信—信息与通信工程] TM73[自动化与计算机技术—计算机应用技术]