工业变电站运维系统异常数据入侵检测互信息实现
王子杰,潘啸天 2024/10/3 8:25:50
国网江苏省电力有限公司句容市供电分公司,江苏句容 212400
摘要:工业变电站运维系统在运行的过程中经常受到不同类型的数据侵入,严重影响到变电站的安全,进而造成很大的经济损失。为了进一步提高运维系统的安全,设计了一种面向互信息技术的工业变电站运维系统异常数据入侵检测方法,并开展测试分析,证明了本文方法的准确性。研究结果表明:相对于PCA算法,互信息(MI)算法获得更高的特征提取精度,检测率也明显提升,降低了误报率。当数据量快速增加后,分布式模型表现出了更短的入侵检测时间。。该研究对提高运维系统异常数据入侵检测稳定性具有一定的实践指导意义,但在小概率攻击类型中该算法存在导致检测率为零结果,期待后续进一步的加强。
关键词:工业变电站;运维系统;互信息法;入侵检测
中图分类号:TH17 文献标志码: A
Implementation of mutual information of abnormal data intrusion detection in intelligent substation operation and maintenance system
Wang Zijie, Pan Xiaotian
Jurong Power Supply Branch of State Grid Jiangsu Electric Power Co., LTD., Jurong 212400, China
Abstract: The operation and maintenance system of industrial substation is often subjected to different types of data intrusion during operation, which seriously affects the safety of substation and causes great economic losses. In order to further improve the security of operation and maintenance system, a mutual information technology-oriented abnormal data intrusion detection method for industrial substation operation and maintenance system is designed and tested, and the accuracy of this method is proved. The results show that the mutual information (MI) algorithm achieves higher feature extraction accuracy, significantly improves detection rate and reduces false positive rate compared with PCA algorithm. When the amount of data increases rapidly, the distributed model shows a shorter intrusion detection time. This research has a certain practical guiding significance for improving the stability of abnormal data intrusion detection in operation and maintenance systems. However, in small-probability attack types, the detection rate of this algorithm is zero, and further strengthening is expected.
Key words: industrial substation; Operation and maintenance system; Mutual information method; Intrusion detection
0 引言
当前,网络应用技术与数据传输技术都获得了快速发展,人们逐渐进入大数据时代,尤其是随着工业变电站运维系统的不断(未完,下一页)
附件下载:工业变电站运维系统异常数据入侵检测互信息实现
|