[1]吕云彤,厉建宾,葛云龙,等.源网荷实时交互异常检测技术研究[J].计算机技术与发展,2019,29(08):58-62.[doi:10. 3969 / j. issn. 1673-629X. 2019. 08. 011]
 LYU Yun-tong,LI Jian-bin,GE Yun-long,et al.Research on Anomaly Detection Technology of Source Grid Load System[J].,2019,29(08):58-62.[doi:10. 3969 / j. issn. 1673-629X. 2019. 08. 011]
点击复制

源网荷实时交互异常检测技术研究()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
29
期数:
2019年08期
页码:
58-62
栏目:
智能、算法、系统工程
出版日期:
2019-08-10

文章信息/Info

Title:
Research on Anomaly Detection Technology of Source Grid Load System
文章编号:
1673-629X(2019)08-0058-05
作者:
吕云彤1 ;?厉建宾1 ;?葛云龙2 ;?葛 维2 ;?黄秀丽3
1. 国网河北省电力有限公司 电力科学研究院,河北 石家庄 050021; 2. 国网河北省电力有限公司,河北 石家庄 050000; 3. 全球能源互联网研究院有限公司,江苏 南京 210003
Author(s):
LYU Yun-tong1 ;?LI Jian-bin1 ;?GE Yun-long2 ;?GE Wei2 ;?HUANG Xiu-li3
1. Electric Power Research Institute of State Grid Hebei Electric Power Supply Co.,Ltd,Shijiazhuang 050021,China; 2. State Grid Hebei Electric Power Supply Co.,Ltd,Shijiazhuang 050000,China; 3. Global Energy Interconnection Research Institute,Nanjing 2100
关键词:
源网荷系统;?异常检测;?OCSVM;?恶意攻击;?实时交互过程
Keywords:
Source-Grid-Load system;?anomaly detection;?OCSVM;?malicious attack;?real-time interaction
分类号:
TP311
DOI:
10. 3969 / j. issn. 1673-629X. 2019. 08. 011
摘要:
源网荷系统是涉及发电、输电和用电的互动系统,在管理薄弱的用户侧,出现了针对用户侧不可控的智能负荷控制终端设备的多种恶意攻击。为有效发现源网荷系统的交互异常,首先对源网荷系统的安全需求进行分析。 然后基于源网荷系统具有“状态有限冶和“行为有限冶的特点,借助单类支持向量机,提出了单类支持向量机 OCSVM 技术。 实现了源网荷实时交互过程的正常数据和异常数据进行二分类,同时识别出了源网荷系统中的未知攻击或异常。为了验证OCSVM 技术的可行性和有效性,在源网荷仿真实验系统上进行了验证。实验结果表明,在样本训练上 OCSVM 只需要一类样本就可以训练异常检测模型,对噪声样本数据具有鲁棒性,很好地满足了源网荷系统数据具有较明显的数据不平衡特点,相比 SVM 等算法具有更高的准确率。
Abstract:
The Source-Grid-Load system is an interactive system involving power generation,transmission and consumption. In the user side with weak management, a variety of malicious attacks have emerged for intelligent load control terminal devices that are uncontrollable on the user side. In order to discover the interaction anomalies of the Source-Grid-Load system effectively,firstly the security requirements of the Source-Grid-Load system is analyzed. Then,based on the characteristics of “limited state” and “limited behavior” of the Source-Grid-Load system,the OCSVM technology of single-class support vector machine is proposed with the help of single-class support vector machine,which realizes two classifications of normal data and abnormal data in the real-time interaction process of source network load,and identifies unknown attacks or abnormalities in Source-Grid-Load system at the same time. In order to verify the feasibility and validity of OCSVM technology,the simulation experiment system of Source-Grid-Load is validated. The experiment shows that OCSVM only needs one type of sample to train the anomaly detection model in sample training,which is robust to noise sample data. It satisfies the data unbalanced characteristics of the Source-Grid-Load system data,and has higher accuracy than other algorithms such as SVM.

相似文献/References:

[1]高峥 陈蜀宇 李国勇.混合入侵检测系统的研究[J].计算机技术与发展,2010,(06):148.
 GAO Zheng,CHEN Shu-yu,LI Guo-yong.Research of a Hybrid Intrusion Detection System[J].,2010,(08):148.
[2]李睿 肖维民.基于孤立点挖掘的异常检测研究[J].计算机技术与发展,2009,(06):168.
 LI Rui,XIAO Wei-min.Research on Anomaly Intrusion Detection Based on Outlier Mining[J].,2009,(08):168.
[3]汪慧敏.基于改进负选择算法的异常检测[J].计算机技术与发展,2009,(08):41.
 WANG Hui-min.Anomaly Detection Using Modified Negative Selection Algorithm[J].,2009,(08):41.
[4]赵辉 张鹏.网络异常的主动检测与特征分析[J].计算机技术与发展,2009,(08):159.
 ZHAO Hui,ZHANG Peng.Active Detection and Feature Analysis About Network Anomaly[J].,2009,(08):159.
[5]陈丹伟 黄秀丽 任勋益.基于人工神经网络入侵检测模型的探讨[J].计算机技术与发展,2009,(12):143.
 CHEN Dan-wei,HUANG Xiu-li,REN Xun-yi.An Approach to IDS Model Based on Artificial Neuron Network[J].,2009,(08):143.
[6]柏海滨 李俊.基于支持向量机的入侵检测系统的研究[J].计算机技术与发展,2008,(04):137.
 BAI Hai-bin,LI Jun.Research of Intrusion Detection System Based on Support Vector Machine[J].,2008,(08):137.
[7]宋连涛 庄卫华.基于异常的入侵检测技术在Snort系统中的应用[J].计算机技术与发展,2006,(06):136.
 SONG Lian-tao,ZHUANG Wei-hua.Application of Anomaly Detection Technology in Snort System[J].,2006,(08):136.
[8]陈平 宋玉蓉 蒋国平.基于多维聚类挖掘的异常检测方法研究[J].计算机技术与发展,2012,(07):136.
 CHEN Ping,SONG Yu-rong,JIANG Guo-ping.Multidimensional Clustering Based Anomaly Detection Research[J].,2012,(08):136.
[9]崔锡鑫,苏伟,刘颖.基于熵的流量分析和异常检测技术研究与实现[J].计算机技术与发展,2013,(05):120.
 CUI Xi-xin,SU Wei,LIU Ying.Research and Implementation of Traffic Analysis and Anomaly Detection Technology Based on Entropy[J].,2013,(08):120.
[10]翁鹤,皮德常. 混沌RBF神经网络异常检测算法[J].计算机技术与发展,2014,24(07):29.
 WENG He,PI De-chang. Chaotic RBF Neural Network Anomaly Detection Algorithm[J].,2014,24(08):29.

更新日期/Last Update: 2019-08-10