基于信息熵的工业网络涉密信息安全防护策略研究  

作　　者：杨耀忠[1] 段鸿杰[1] 胥林[1] 王文蔚[1] 史进[1] YANG Yaozhong;DUAN Hongjie;XU Lin;WANG Wenwei;SHI Jin(Shengli Oilfield Branch,SINOPEC,Dongying 257000,China)

机构地区：[1]中国石油化工股份有限公司胜利油田分公司,山东东营257000

出　　处：《自动化仪表》2023年第10期70-74,共5页Process Automation Instrumentation

摘　　要：工业网络包含多种类的海量涉密信息。当工业网络受到入侵攻击时,不同区间的涉密信息入侵特征繁杂,导致入侵检测误报情况较多、涉密信息安全防护性能较差。提出基于信息熵的工业网络涉密信息安全防护策略。构建涉密信息安全防护机制,从多个角度监控访问用户。读取涉密信息后,设计入侵检测方法,利用相关信息熵选择不同区间的入侵特征,统一入侵衡量标准,以保证工业网络信息安全。将选择后的特征输入至K均值算法中,完成入侵数据检测,以实现工业网络涉密信息安全防护。试验结果表明,该策略能够有效降低多种入侵攻击的误报次数,并能够在攻击发生时保障通信带宽稳定,从而有效保证工业网络涉密信息的安全性。所提方法能够为工业网络涉密信息的安全存储提供理论支持。Industrial networks contain multiple types of massive classified information.When the industrial networks is attacked by intrusion,the intrusion characteristics of classified information in different zones are complicated,which leads to more false alarm cases of intrusion detection and poor performance of classified information security protection.The industrial networks classified information security protection strategy based on information entropy is proposed.The classified information security protection mechanism is constructed to monitor access users from multiple perspectives.The intrusion detection method is designed after reading the classified information,and the intrusion features of different intervals are selected using the correlation information entropy to unify the intrusion measurement standard and ensure the information security of industrial networks.The selected features are input to the K-mean algorithm to complete the intrusion data detection and realize the information security protection of industrial networks classified information.The experimental results show that the strategy can effectively reduce the number of false positives of various intrusion attacks and can guarantee the stability of communication bandwidth when the attacks occur,so as to effectively ensure the security of industrial networks classified information.The proposed method can provide theoretical support for the secure storage of classified information in industrial networks.

关 键 词：工业网络 信息熵 涉密信息 安全防护 提取入侵特征 入侵检测 蠕虫攻击 

分 类 号：TH86[机械工程—仪器科学与技术]