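Affiliations: [1] State Grid Fujian Electric Power Co., Ltd., Zhangzhou Power Supply Company [2] State Grid Fujian Electric Power Co., Ltd., Information and Communication Branch [3] State Grid Info-Telecom Yili Technology Co., Ltd.
Source: Automation Panorama (《自动化博览》), 2024, No. 4, pp. 50-53, 4 pages in total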
Abstract: Network attacks have become a new type of weapon, and hostile forces have already succeeded in using them to damage critical national infrastructure such as power systems. Attacks on smart grid terminals generally target power-specific protocols and specific business logic. They are characterized by clearly defined targets, covert operation and long latency, and are generally carried out by organized groups or even at the national level. For attack detection, smart grid terminal systems currently borrow mainly from mature technologies of traditional IT systems and detect security events on the network side, but they cannot detect abnormal security events at the level of the system's business instructions, such as forged control instructions. For network-side traffic detection in the power grid, this study proposes a traffic anomaly detection technique based on the one-class support vector machine (OCSVM). Its basic idea is to use machine learning to perform binary classification of the data while needing only one class of samples to train the detection model. It is robust to noisy sample data and is well suited to the data imbalance characteristic of industrial control systems.