基于Dempster-Shafer证据理论的网络安全推断方法
收稿日期: 2021-08-20
网络出版日期: 2022-01-24
Network Security Inference Method Based on Dempster-Shafer Theory
Received date: 2021-08-20
Online published: 2022-01-24
电力物联网边缘层的网络环境复杂,处于开放环境中,安全威胁多样且动态变化.传统的基于防火墙的网络安全体系难以有效应对电力物联网层出不穷的安全问题.本文使用了数据驱动的思想对边缘设备的网络行为进行动态地判断.基于电力物联网的特点,采用网络日志、域名生成算法以及网络流量三个维度作为判据,给出了基于混淆矩阵的基本概率指派方法.通过Dempster-Shafer证据理论进行多源信息融合,对电力物联网的网络安全进行判别.
关键词: 电力物联网; Dempster-Shafer证据理论; 网络安全; 证据融合
吴楠, 程哲韬, 杜亮, 沈颖平 . 基于Dempster-Shafer证据理论的网络安全推断方法[J]. 上海交通大学学报, 2021 , 55(S2) : 77 -81 . DOI: 10.16183/j.cnki.jsjtu.2021.S2.012
The network environment of the edge layer of the Internet of Things in power systems (IOTIPS) is complex in an open environment, and the security threats are diverse and dynamic. It is difficult for the traditional network security system based on firewall to effectively deal with the emerging security problems of the IOTIPS. This paper uses the data-driven idea to dynamically judge the network behavior of edge devices. Based on the characteristics of the IOTIPS, by using the three dimensions of network log, domain name generated by domain generation algorithm, and network traffic as criteria, a basic probability assignment method based on confusion matrix is proposed. Multi-source information fusion is performed by using the Dempster-Shafer theory, and the network security of IOTIPS is distinguished.
| [1] | 周峰, 周晖, 刁赢龙. 泛在电力物联网智能感知关键技术发展思路[J]. 中国电机工程学报, 2020, 40(1): 70-82. |
| [1] | ZHOU Feng, ZHOU Hui, DIAO Yinglong. Development of intelligent perception key technology in the ubiquitous Internet of Things in electricity[J]. Proceedings of the CSEE, 2020, 40(1): 70-82. |
| [2] | 吕志宁, 胡子珩, 宁柏锋, 等. 针对电力系统的物联网需求攻击研究进展与发展趋势[J]. 南方电网技术, 2020, 14(1): 24-30. |
| [2] | LÜ Zhining, HU Ziheng, NING Baifeng, et al. Review of research progress and development trend of Internet of Things demand attack on power system[J]. Southern Power System Technology, 2020, 14(1): 24-30. |
| [3] | 化存卿. 物联网安全检测与防护机制综述[J]. 上海交通大学学报, 2018, 52(10): 1307-1313. |
| [3] | HUA Cunqing. A survey of security detection and protection for Internet of Things[J]. Journal of Shanghai Jiao Tong University, 2018, 52(10): 1307-1313. |
| [4] | 文志诚, 陈志刚, 唐军. 基于聚类分析的网络安全态势评估方法[J]. 上海交通大学学报, 2016, 50(9): 1407-1414. |
| [4] | WEN Zhicheng, CHEN Zhigang, TANG Jun. Network security assessment method based on cluster analysis[J]. Journal of Shanghai Jiao Tong University, 2016, 50(9): 1407-1414. |
| [5] | KIM Y, KOLESNIKOV V, KIM H, et al. SSTP: A scalable and secure transport protocol for smart grid data collection[C]// 2011 IEEE International Conference on Smart Grid Communications. Brussels, Belgium: IEEE, 2011: 161-166. |
| [6] | DE RANGO F, POTRINO G, TROPEA M, et al. Energy-aware dynamic Internet of Things security system based on elliptic curve cryptography and message queue telemetry transport protocol for mitigating replay attacks[J]. Pervasive and Mobile Computing, 2020, 61:101105. |
| [7] | SHAFER G. A mathematical theory of evidence[M]. Princeton: Princeton University Press, 1976: 23-29. |
| [8] | 蒋雯, 邓鑫洋. D-S证据理论: 信息建模与应用[M]. 北京: 科学出版社, 2018: 8-17. |
| [8] | JIANG Wen, DENG Xinyang. Dempster-Shafer evidence theory: Information modeling and application[M]. Beijing: Science Press, 2018: 8-17. |
| [9] | MUKKAMALA S, SUNG A, ABRAHAM A. Cyber security challenges: Designing efficient intrusion detection systems and antivirus tools[J]. Enhancing Computer Security with Smart Technology, 2005, 3(2): 125-163. |
| [10] | 王洪勉, 孙慧, 郑利斌, 等. 泛在电力物联网智联单元设计与实现[J]. 供用电, 2019, 36(6): 5-9. |
| [10] | WANG Hongmian, SUN Hui, ZHENG Libin, et al. Design and implementation of wisdom unit in the ubiquitous Internet of Things in electricity[J]. Distribution & Utilization, 2019, 36(6): 5-9. |
/
| 〈 |
|
〉 |
