Journal of Shanghai Jiaotong University
Research and Application of Key Technologies of Network Security Situation Awareness for Smart Grid Power Control Systems
Received date: 2021-10-20
Online published: 2022-01-24
Network security situational awareness (NSSA) technology, which can perceive potential network security risks globally and dynamically, is receiving more and more attention. With the help of machine learning, artificial intelligence, big data, and other technologies, a network security situation awareness solution for power control systems can learn from long-term, massive network security situation data, gain insight into the internal logical relationships implied in the data, and realize abnormal behavior identification, intrusion intention understanding, and impact assessment of various activities in the power business network. First, the basic concept and the logical block diagram of NSSA are introduced. Then, the current situation and the risks of network security in power control systems are summarized. Next, in response to these risks and deficiencies, the key technologies involved in the network security situation awareness platform are expounded from a practical perspective, including the multidimensional security event correlation analysis model, the abnormal traffic and abnormal behavior detection method based on “baseline learning”, the attack chain recognition model based on attack scenarios, and the power remote control security technology based on “address self verification”. Finally, the situation awareness solution and its application in power monitoring systems are described, and its prospects are discussed.
ZHANG Liang, QU Gang, LI Huixing, JIN Haochun. Research and Application of Key Technologies of Network Security Situation Awareness for Smart Grid Power Control Systems[J]. Journal of Shanghai Jiaotong University, 2021, 55(S2): 103-109. DOI: 10.16183/j.cnki.jsjtu.2021.S2.017