CN104506354A - Data network risk evaluation method based on semi-physical simulation - Google Patents
Data network risk evaluation method based on semi-physical simulation Download PDFInfo
- Publication number
- CN104506354A CN104506354A CN201410814118.8A CN201410814118A CN104506354A CN 104506354 A CN104506354 A CN 104506354A CN 201410814118 A CN201410814118 A CN 201410814118A CN 104506354 A CN104506354 A CN 104506354A
- Authority
- CN
- China
- Prior art keywords
- event
- network
- node
- tree
- power telecom
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a data network risk evaluation method based on semi-physical simulation. The method comprises the following steps that the communication reliability is selected as an evaluation index of power telecommunication network failure; firstly, a fault tree and an event tree of the power telecommunication network failure are built, and the power telecommunication network failure reason is analyzed; then, a Bayesian network conversion algorithm is provided by respectively aiming at the fault tree and the event tree, and the power telecommunication network failure degree is judged by adopting a Bayesian network. The data network risk evaluation method has the advantages that the power telecommunication network failure is analyzed from the point of graph theory, the power telecommunication network failure reason is analyzed, and the communication reliability is selected as the evaluation index of the power telecommunication network failure.
Description
Technical field
The present invention relates to a kind of data network methods of risk assessment based on hardware-in-the-loop simulation.
Background technology
As one of the important attribute of power telecom network, failure degree receives the more and more closer concern of people, has penetrated into a lot of field to the research of complex network failure degree.In power telecom network field, along with the increase of communication service, people have progressively recognized the importance of power telecom network failure degree and have made great efforts power telecom network failure degree to be applied in power telecom network Construction and management.At present, power telecom network lost efficacy correlative study in, most scholar research emphasis is placed in power telecom network inefficacy assessment indicator system and countermeasure to the tolerance of power telecom network failure degree and study on evaluation way less.The general principle that the present invention was lost efficacy according to power telecom network, establish the assessment indicator system that power telecom network lost efficacy, the reason that application affairs tree was lost efficacy with fault tree analysis power telecom network, proposes the new method that application Bayesian network is passed judgment on power telecom network failure degree.And carry out instance analysis with this, form the data network methods of risk assessment based on hardware-in-the-loop simulation, prove that the method has practicality and application development prospect.
For understanding the state of development of prior art, existing paper and patent being carried out to retrieval, have compared and analyze, has filtered out the technical information that following degree related to the present invention is higher:
Technical scheme 1: the patent No. is " a kind of reaction type multistep network attack intelligent detecting method and device " patent of CN102638445A, relate to a kind of network information security technology, it is a kind of network multi-step attack with feedback mechanism rule intelligent detecting method, complete mainly through three steps: the first, utilize the product identification with multistep network attack detection function and prediction network attack, and record the regular situation (i.e. " regular utility information ") of playing effectiveness in real network of multistep network attack detection; The second, utilize the product detection network with Network Abnormal detecting function abnormal, as abnormal flow, virus, wooden horse, worm, cache overflow, illegal login etc.; Three, utilize the adjustment situation with the product surveillance network security policy of network security policy monitoring function, i.e. the situation of user and the system changeover precautionary measures, and review these adjustment early warning whether foundation multistep network attack detection instrument provides.
Technical scheme 2: the patent No. is " method for detecting wireless mesh network attack " patent of CN102547715A, relate to network detection technique field, specifically a kind of method for detecting wireless mesh network attack based on data mining, complete mainly through six steps: the first, detection node receives PREQ message, and statistics causes the quantity of the upper hop node of the RREQ message of RERR; The second, when the quantity of the upper hop node of the RREQ message of initiation RERR is more than or equal to 10, cluster is carried out to all PREQ messages that detection node receives; Three, Kmeans parameter is chosen; Four, according to Kmeans parameter, Kmeans cluster is carried out to the upper hop node ID of the RREQ message causing RERR, obtains malicious node set; Five, described malicious node set is added blacklist; Six, the RREQ of the transmission message number of the upper hop node of the RREQ message of all initiation RERR is set to 0.
Technical scheme 3: the patent No. is " the network attack trace back method of Abnormal network traffic and device " patent of CN102497362A, relate to network communication field, specifically, relate to a kind of network attack trace back method and device of Abnormal network traffic, complete mainly through two steps: the first: in the network node attacking link, select any one or more described network node as tracking starting point, wherein, described attack link is by the communication link between target of attack and attack source; The second, the upper level network node in described attack link is determined step by step according to described tracking starting point, until confirm final attack source.
Technical scheme 1 can identify and predict network attack, and records the device of the information that multistep network attack detection rule is played effectiveness in real network; The device of detection network abnormal information; Can the adjustment situation of monitoring network security strategy, and review whether these adjustment provide early warning device according to multistep network attack detection instrument; Can judge whether network is attacked according to Network Abnormal information, the comprehensive of early warning is judged according to non-prediction policy adjustment information, and assess to determine the availability of existing multi-step attack recognition rule in real network in conjunction with the validity of information to rule that multistep network attack detection rule is played effectiveness, and the comprehensive device of current multi-step attack recognition rule.The method that this invention relates to is complicated, is difficult to be applied to reality.Technical scheme 2 can detect malicious node, has stronger adaptability, realizes the whole network and detects, and fast to data packet head deception snowslide attack-response speed especially, detection efficiency is high.But algorithm receives the restriction of K-means parameter, and malicious node can only be produced.Technical scheme 3, solves in correlation technique, Security Mechanism of Intra-Network, can only alleviate network attack, can not the problem in source (i.e. attack source) of seat offence, and then reach can the effect in backward tracing seat offence source.This algorithm simply easily realizes, but the efficiency of algorithm is very low.
Summary of the invention
The object of the invention is to inquire into the method transformed to Bayesian network model by event tree, fault tree, Bayesian network is because of its powerful inference function and the convenience calculated, when research has the power communication pessimistic concurrency control of a lot of uncertain variables, it is very strong instrument.
Be different from other complex networks and laod network, power communication pessimistic concurrency control possesses self uniqueness a lot, the extensive power telecom network possessed possesses any characteristic, they possess which correlated characteristic of complex network, how are their survivabilities when facing dissimilar attack? how are their survivabilities when facing cascading failure? these are all the problems that Bayesian network model can be utilized in future to carry out studying demonstration further.Gradually, after ripe, CROSS REFERENCE and data are necessarily accumulated in the BN modeling development for power telecom network, related software is utilized to carry out case study and data are trained and conveniently can be carried out BN modeling by large complicated power telecom network.
Based on a data network methods of risk assessment for hardware-in-the-loop simulation, the present invention is characterised in that, the evaluation index that this method selects connected sets to lose efficacy as power telecom network; First build fault tree and the event tree of power telecom network inefficacy, analyze the reason that power telecom network lost efficacy; Then respectively for fault tree and event tree, propose the algorithm transformed to Bayesian network, application Bayesian network is passed judgment on power telecom network failure degree;
The primary event of event tree is the failure event on limit, and the inefficacy on limit will cause the inefficacy of each OD Pair, thus causes connected sets to drop to different levels, corresponding different power telecom network failure degree; The link event of event tree is that cause power telecom network to lose efficacy direct affects event, the in this case failure event of OD pair; After the event tree establishing power telecom network inefficacy, the event tree of next losing efficacy according to power telecom network sets up the fault tree that power telecom network lost efficacy; Using link event each in event tree as top event, the reason that analysis of failure tree was lost efficacy, with leaf node display in fault tree, works out the fault tree that power telecom network lost efficacy respectively;
The method that event tree transforms to Bayesian network, its algorithm is as follows:
(1) to the primary event in event tree and each link event, in Bayesian network, set up a two condition node, and name according to this event, a node is only set up for repeated events;
(2) for consequence, only set up a node Outcome, determine the state space of this node according to the number of consequence, and determine the title of each state according to consequence;
(3) primary event and node corresponding to link event are connected to node Outcome;
(4) according to the conditional probability distribution of sequence of events determination leaf node Outcome corresponding to each consequence;
Fault tree is as follows to Bayesian network converting algorithm:
(1) to each bottom event in fault tree, in Bayesian network, set up a two condition node, and name according to this event, a node is only set up for repeated events;
(2) to the gate in fault tree, in Bayesian network, set up a corresponding two condition node, and name according to the outgoing event of this gate, a node is only set up for the outgoing event repeated;
(3) node corresponding for incoming event is connected to node corresponding to its place gate;
(4) according to the prior probability distribution of root node in the invalid cost determination Bayesian network of bottom event corresponding in fault tree;
(5) according to the conditional probability distribution of non-root node in logical relation determination Bayesian network in fault tree.
Application reliability theoretical definition power telecom network of the present invention lost efficacy, and selected connected sets to be the evaluation index of power telecom network: it is the decline that powerline network can keep the ability be communicated with under destruction that power telecom network lost efficacy.Power telecom network keeps the ability be communicated with to be also called survivability.
Computational methods about power telecom network connected sets:
Section reliability: Q
a=E (Y
a)
Path reliability: Q
jcs=Π Q
jam
OD is to the reliability of rs: Q
rs=1-Π (1-Q
jam)
The reliability approximate representation of whole power telecom network is:
Q=(1/n)Σ[Q
rs]=(1/n)Σ[1-Π(1-Q
jam)]
The reason that power telecom network lost efficacy mainly artificially or is naturally attacked owing to receiving.The concrete reason that power telecom network lost efficacy may be because flow increases the node overload caused, and is also likely because accident causes the removal of node and the network segment.Mainly be divided three classes: analyze from the angle of graph theory, the reason of network failure is the attack to the attack of putting and opposite side; From the angle analysis of experience, the urban electric power communication network that power telecom network lost efficacy is subject to human factor (malicious attack, data blocking etc.) and non-artificial factor (natural calamity) causes; From the angle analysis of power telecom network planning with management, it is because the irrational planning of power telecom network and inappropriate management and control (Trafficmanagement and control) strategy cause that power telecom network lost efficacy.The analytical method that this several power telecom network lost efficacy has dissected the reason that power telecom network lost efficacy from different perspectives, to analyze obtain quantitative standard by being difficult to from the angle of empirical angle or power telecom network planning and management to power telecom network failure degree.So the present invention selects to analyze power telecom network inefficacy with the angle of graph theory, and analyze the origin cause of formation that power telecom network lost efficacy, the evaluation index selecting connected sets to lose efficacy as power telecom network, obtains genetic analysis figure as shown in Figure 1.
The present invention, from reliability theory, was lost efficacy using connected sets as evaluation criterion research power telecom network.The primary event of event tree is the failure event on limit.The inefficacy on limit will cause the inefficacy of each OD Pair, thus causes connected sets to drop to different levels, corresponding different power telecom network failure degree.The link event of event tree is that cause power telecom network to lose efficacy direct affects event, the in this case failure event of OD pair.After the event tree establishing power telecom network inefficacy, the event tree next just can lost efficacy according to power telecom network set up the fault tree that power telecom network lost efficacy.Using link event each in event tree as top event, the reason (path, section) that analysis of failure tree was lost efficacy, with leaf node display in fault tree, works out the fault tree that power telecom network lost efficacy respectively.
Lost efficacy as top event for OD Pair and the method setting up the fault tree that power telecom network lost efficacy be described:
Consider an OD Pair S be made up of n paths, claim " OD Pair lost efficacy " as top event, to be denoted as OPS.Each path failure is leaf node event, loses efficacy for bottom event in section.Determine that top event OD pair lost efficacy, leaf node function: path failure, bottom event: lost efficacy in section.
The structure of the fault tree that OD pair lost efficacy as shown in Figure 2.
Top event OD pair inefficacy respective path inefficacy Y1, Y2 ..., the corresponding relation of Yn is and gate.
The section inefficacy X1 that path failure Yr is corresponding, X2 ..., the corresponding relation of Xm is or gate.
We are in this research two status fault tree, and namely OD pair and link event can only get normal or fault two states, therefore can describe the state of bottom event with 0,1 variable xi, so have:
State due to top event is the function of bottom event state, as with
the state of description entry event, then have:
About the method that event tree transforms to Bayesian network, its algorithm is as follows:
(1) to the primary event in event tree and each link event, in Bayesian network, set up a two condition node, and name according to this event, a node is only set up for repeated events;
(2) for consequence, only set up a node Outcome, determine the state space of this node according to the number of consequence, and determine the title of each state according to consequence;
(3) primary event and node corresponding to link event are connected to node Outcome;
(4) according to the conditional probability distribution of sequence of events determination leaf node Outcome corresponding to each consequence.
About the method that fault tree transforms to Bayesian network, comprise the mapping relations of event, gate and node, mapping relations between logical relation ("AND", "or", " voting ") and conditional probability distribution.
Assuming that E=0 presentation of events E does not occur; E=1 presentation of events E occurs.Fig. 3 corresponding to distance, " forbidding ", NAND logical relation gives at Bayesian network.
Fault tree is as follows to Bayesian network converting algorithm:
(1) to each bottom event in fault tree, in Bayesian network, set up a two condition node, and name according to this event, a node is only set up for repeated events;
(2) to the gate in fault tree, in Bayesian network, set up a corresponding two condition node, and name according to the outgoing event of this gate, a node is only set up for the outgoing event repeated;
(3) node corresponding for incoming event is connected to node corresponding to its place gate;
(4) according to the prior probability distribution of root node in the invalid cost determination Bayesian network of bottom event corresponding in fault tree;
(5) according to the conditional probability distribution of non-root node in logical relation determination Bayesian network in fault tree.
Key problem in technology point of the present invention is:
According to the general principle that power telecom network lost efficacy, establish the assessment indicator system that power telecom network lost efficacy, the reason that application affairs tree was lost efficacy with fault tree analysis power telecom network;
Application Bayesian network is passed judgment on power telecom network failure degree.
The present invention proposes a kind of data network methods of risk assessment based on hardware-in-the-loop simulation, and its advantage is:
This technology is analyzed from the angle of graph theory power telecom network inefficacy, analyzes, select the evaluation index that connected sets lost efficacy as power telecom network to the origin cause of formation that power telecom network lost efficacy.First build fault tree and the event tree of power telecom network inefficacy, then respectively for fault tree and event tree, propose the algorithm transformed to Bayesian network.Instance analysis shows, Bayesian network, because of its powerful inference function and the convenience calculated, when research has the power communication pessimistic concurrency control of a lot of uncertain variables, is very strong instrument.For the BN modeling of power communication pessimistic concurrency control, owing to lacking the support of corresponding case library or rule base, the model needed cannot be generated from the method for reasoning by cases or rule-based reasoning, the method transformed to Bayesian network model by event tree, fault tree that the present invention inquires into, can attempt as the one of research initial stage knowledge accumulation.For BN modeling, the method also has certain extending space, and such as when considering cascading failure, needs wheel turns timeslice and sets up dynamic Bayesian network model to simulate the time of day of power telecom network.The algorithm that Dynamic fault tree transforms to dynamic bayesian network can be adopted in this case.Gradually, after ripe, CROSS REFERENCE and data are necessarily accumulated in the BN modeling development for power telecom network, related software is utilized to carry out case study and data are trained and conveniently can be carried out BN modeling by large complicated power telecom network.
Accompanying drawing explanation
Fig. 1 is power telecom network inefficacy genetic analysis figure;
Fig. 2 is power telecom network failure of removal tree exemplary plot;
Fig. 3 is that fault tree is to Bayesian network transformation rule;
Fig. 4 is exemplary power communication network schematic diagram;
Fig. 5 is power telecom network failure event tree schematic diagram;
Fig. 6 is the fault tree schematic diagram that OD Pair1 is corresponding;
Fig. 7 is the Bayesian network schematic diagram that power telecom network failure event tree is corresponding;
Fig. 8 is the Bayesian network schematic diagram of OD Pa ir 1 correspondence;
Fig. 9 is that the attack be subject to when limit is obeyed when being uniformly distributed and attacked probability graph at random;
Figure 10 is that emphasis attack probability graph when being uniformly distributed is obeyed in the attack be subject to when limit;
Figure 11 attacks probability graph when being the attack Normal Distribution when limit is subject at random;
When Figure 12 is the attack Normal Distribution when limit is subject to, emphasis attacks probability graph.
Embodiment
Based on a data network methods of risk assessment for hardware-in-the-loop simulation, the present invention is characterised in that, the evaluation index that this method selects connected sets to lose efficacy as power telecom network; First build fault tree and the event tree of power telecom network inefficacy, analyze the reason that power telecom network lost efficacy; Then respectively for fault tree and event tree, propose the algorithm transformed to Bayesian network, application Bayesian network is passed judgment on power telecom network failure degree;
The primary event of event tree is the failure event on limit, and the inefficacy on limit will cause the inefficacy of each OD Pair, thus causes connected sets to drop to different levels, corresponding different power telecom network failure degree; The link event of event tree is that cause power telecom network to lose efficacy direct affects event, the in this case failure event of OD pair; After the event tree establishing power telecom network inefficacy, the event tree of next losing efficacy according to power telecom network sets up the fault tree that power telecom network lost efficacy; Using link event each in event tree as top event, the reason that analysis of failure tree was lost efficacy, with leaf node display in fault tree, works out the fault tree that power telecom network lost efficacy respectively;
The method that event tree transforms to Bayesian network, its algorithm is as follows:
(1) to the primary event in event tree and each link event, in Bayesian network, set up a two condition node, and name according to this event, a node is only set up for repeated events;
(2) for consequence, only set up a node Outcome, determine the state space of this node according to the number of consequence, and determine the title of each state according to consequence;
(3) primary event and node corresponding to link event are connected to node Outcome;
(4) according to the conditional probability distribution of sequence of events determination leaf node Outcome corresponding to each consequence;
Fault tree is as follows to Bayesian network converting algorithm:
(1) to each bottom event in fault tree, in Bayesian network, set up a two condition node, and name according to this event, a node is only set up for repeated events;
(2) to the gate in fault tree, in Bayesian network, set up a corresponding two condition node, and name according to the outgoing event of this gate, a node is only set up for the outgoing event repeated;
(3) node corresponding for incoming event is connected to node corresponding to its place gate;
(4) according to the prior probability distribution of root node in the invalid cost determination Bayesian network of bottom event corresponding in fault tree;
(5) according to the conditional probability distribution of non-root node in logical relation determination Bayesian network in fault tree.
Assuming that a power telecom network as shown in Figure 4.Circle represents node, the numeral on arrow from arrow tail to the link overhead of head node, 5 OD pair (1 → 5), (2 → 5), (8 → 5), (2 → 4), (8 → 6).
OD1:{1,2,3,4},{5,6,7,8},{1,9,12,4},{1,9,10,8},{5,11,12,4},{5,11,10,8};
OD2:{2,3,4},{9,10,8},{9,12,4};
OD3:{11,12,4},{6,7,8},{11,10,8};
OD4:{2,3},{9,12};
OD5:{6,7},{11,10}。
Problem describes:
In the process that power telecom network is under attack, likely there is this primary event of node failure, if therefore cause the inefficacy of ODpair, serious power telecom network may be caused to lose efficacy, thus be necessary that each consequence to node failure causes is analyzed, to determine power telecom network failure degree, for contingency management provides necessary support.Fig. 5 gives a power telecom network failure event tree example simplified, wherein primary event lost efficacy in limit, the state considering ODpair 1, OD pair 2, OD pair 3, OD pair 4 and OD pair 5 is successively needed in event tree analysis, and the validity of each OD pair can be described by corresponding fault tree, as shown in Figure 6.If each OD pair statistical iteration, fault tree only need be utilized to calculate the probability of each OD pair inefficacy generation, by in sequence of events the probability multiplication that event occurs obtain the probability that this sequence occurs, then the probability that the sequence of events of identical consequence occurs is carried out the cumulative probability that can obtain this consequence and occur.But clearly, can find out that link event comprises identical bottom event by Fig. 4-6, not meet statistical independence hypothesis, therefore need to set up Bayesian network and power telecom network failure degree is estimated.
Bayesian network is set up when not considering cascading failure (cascading failure) in the present invention, under the primary event that power telecom network is under attack, consider the failure conditions of each OD pair respectively, to draw the influence degree that they lost efficacy to whole power telecom network.The power telecom network failure event tree of setting up as shown in Figure 5.
Fault tree corresponding to each link as shown in Figure 6 (for OD pair1).
Power telecom network meets with Bayesian network corresponding to attack tree as shown in Figure 7, node Outcome corresponds to the consequence in event tree, have 4 states: consequence 1 (power telecom network is normal), consequence 2 (power telecom network inefficacy level 1), consequence 3 (power telecom network inefficacy level 2), consequence 4 (power telecom network inefficacy level 3), its conditional probability distribution obtains by following methods.In Bayesian network, the probability distribution of root node temporarily refuses assignment, waits until the Bayesian network that the fault tree corresponding with this node change into and integrates.
Power telecom network lost efficacy Bayesian network corresponding to the fault tree of each OD Pair as shown in Figure 8, and corresponding conditional probability distribution obtains by the method in Fig. 8, for OD Pair 1:
The node of same names is had in the fault tree graph that each OD Pair is corresponding, integrate time be superimposed as a node when Bayesian network model set up complete after, below we with simple example analog computation once given power telecom network face for limit dissimilar attack time failure degree.
First the significance level of limit in Bayesian network model in power telecom network is added up.
Link overhead in table 1 power telecom network
| Link | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| Degree | 3 | 3 | 3 | 5 | 3 | 3 | 3 | 6 | 5 | 5 | 5 | 5 |
Because be only how citing demonstration studies the difference of power telecom network failure degree in varied situations, therefore to enumerate two kinds of situations be example:
(1) meet with the attack of terrorism, spend higher limit and meet with the orientation destruction meeting same distribution.
(2) meet with natural calamity, all limits meet with the random disruptions meeting same distribution.
The network that the present invention provides possesses certain small world effects, should show specific surface and attack better survivability to random when facing directional attack.Using Bayesian network in literary composition to carry out calculating checking can the validity of method of proof.
When meeting with random disruptions, the solving result following (using the MSBNX software developed by Microsoft to calculate) that Bayesian network lost efficacy for power telecom network:
When the attack be subject to when limit is obeyed and is uniformly distributed
Table 2 is attacked at random
| Outcomeu | Failurelevel1 | Failurelevel2 | Failurelevel3 | Normal |
| 0.1 | 0.0691 | 0.0421 | 0.0050 | 0.8838 |
| 0.2 | 0.1936 | 0.1287 | 0.0429 | 0.6348 |
| 0.3 | 0.2794 | 0.2019 | 0.1402 | 0.3785 |
| 0.4 | 0.2884 | 0.2262 | 0.2996 | 0.1858 |
| 0.5 | 0.2326 | 0.1975 | 0.4975 | 0.0725 |
| 0.6 | 0.1484 | 0.1358 | 0.6948 | 0.0210 |
| 0.7 | 0.0720 | 0.0703 | 0.8538 | 0.0039 |
| 0.8 | 0.0231 | 0.0237 | 0.9529 | 0.0003 |
| 0.9 | 0.0030 | 0.0032 | 0.9938 | 0.0000 |
Table 3 emphasis is attacked
| Outcomeu | Failurelevel1 | Failurelevel2 | Failurelevel3 | Failurelevel4 |
| 0.5 | 0.1875 | 0.4375 | 0.0000 | 0.3750 |
| 0.6 | 0.2016 | 0.5616 | 0.0000 | 0.2368 |
| 0.7 | 0.1911 | 0.6811 | 0.0000 | 0.1278 |
| 0.8 | 0.1536 | 0.7936 | 0.0000 | 0.0528 |
| 0.9 | 0.0891 | 0.8891 | 0.0000 | 0.0118 |
Observed can be drawn by Figure 10, faced by the power communication pessimistic concurrency control provided in example, the random survivability attacked is more weak, this is because this simple power communication pessimistic concurrency control possesses the feature of to a certain degree small-world network.And king-sized injury can't be brought to power telecom network for the attack of certain edges thereof, this represents this power telecom network in the face of having better survivability when deliberately attacking.And the failure probability 0.4 on limit becomes the flex point of whole power telecom network failure state, when the limit in power communication pessimistic concurrency control because when failure probability under attack is greater than 40%, the probability that whole power telecom network lost efficacy will sharply raise.
(2) when the attack Normal Distribution that limit is subject to
Visual basic is used to generate normal distribution random number.
Table 4 is attacked at random
| Outcomeu | Failurelevel1 | Failurelevel2 | Failurelevel3 | Failurelevel4 |
| 0.1 | 0.0850 | 0.0854 | 0.0101 | 0.8195 |
| 0.2 | 0.1739 | 0.1352 | 0.0306 | 0.6603 |
| 0.3 | 0.2455 | 0.1466 | 0.0632 | 0.5447 |
| 0.4 | 0.2524 | 0.2267 | 0.2830 | 0.2379 |
| 0.5 | 0.2399 | 0.1875 | 0.5079 | 0.0647 |
| 0.6 | 0.1696 | 0.1395 | 0.6609 | 0.0301 |
| 0.7 | 0.0622 | 0.0603 | 0.8729 | 0.0047 |
| 0.8 | 0.0258 | 0.0224 | 0.9514 | 0.0003 |
| 0.9 | 0.0037 | 0.0046 | 0.9916 | 0.0000 |
Table 5 emphasis is attacked
| Outcomeu | Failurelevel1 | Failurelevel2 | Failurelevel3 | Nomal |
| 0.5 | 0.2133 | 0.4047 | 0.0000 | 0.3821 |
| 0.6 | 0.1984 | 0.5176 | 0.0000 | 0.2840 |
| 0.7 | 0.1357 | 0.7708 | 0.0000 | 0.0936 |
| 0.8 | 0.1903 | 0.7363 | 0.0000 | 0.0734 |
| 0.9 | 0.0535 | 0.9435 | 0.0000 | 0.0029 |
When the power communication pessimistic concurrency control example that the present invention provides faces the random attack of Normal Distribution, we can find that it shows some different characteristics, namely, when limit failure probability under attack is lower, show and attack better survivability than being subject to being uniformly distributed.This further demonstrates the small world effects feature of example power telecom network, when global failure probability is not high, make up mutually or select the possibility of alternative circuit to make power telecom network possess better stability.That is, when facing the attack of same intensity, the force distribution of attack is unbalanced, and the power telecom network that example provides possesses better survivability.
Claims (1)
1. based on a data network methods of risk assessment for hardware-in-the-loop simulation, it is characterized in that, the evaluation index that this method selects connected sets to lose efficacy as power telecom network; First build fault tree and the event tree of power telecom network inefficacy, analyze the reason that power telecom network lost efficacy; Then respectively for fault tree and event tree, propose the algorithm transformed to Bayesian network, application Bayesian network is passed judgment on power telecom network failure degree;
The primary event of event tree is the failure event on limit, and the inefficacy on limit will cause the inefficacy of each OD Pair, thus causes connected sets to drop to different levels, corresponding different power telecom network failure degree; The link event of event tree is that cause power telecom network to lose efficacy direct affects event, the in this case failure event of OD pair; After the event tree establishing power telecom network inefficacy, the event tree of next losing efficacy according to power telecom network sets up the fault tree that power telecom network lost efficacy; Using link event each in event tree as top event, the reason that analysis of failure tree was lost efficacy, with leaf node display in fault tree, works out the fault tree that power telecom network lost efficacy respectively;
The method that event tree transforms to Bayesian network, its algorithm is as follows:
(1) to the primary event in event tree and each link event, in Bayesian network, set up a two condition node, and name according to this event, a node is only set up for repeated events;
(2) for consequence, only set up a node Outcome, determine the state space of this node according to the number of consequence, and determine the title of each state according to consequence;
(3) primary event and node corresponding to link event are connected to node Outcome;
(4) according to the conditional probability distribution of sequence of events determination leaf node Outcome corresponding to each consequence;
Fault tree is as follows to Bayesian network converting algorithm:
(1) to each bottom event in fault tree, in Bayesian network, set up a two condition node, and name according to this event, a node is only set up for repeated events;
(2) to the gate in fault tree, in Bayesian network, set up a corresponding two condition node, and name according to the outgoing event of this gate, a node is only set up for the outgoing event repeated;
(3) node corresponding for incoming event is connected to node corresponding to its place gate;
(4) according to the prior probability distribution of root node in the invalid cost determination Bayesian network of bottom event corresponding in fault tree;
(5) according to the conditional probability distribution of non-root node in logical relation determination Bayesian network in fault tree.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410814118.8A CN104506354A (en) | 2014-12-24 | 2014-12-24 | Data network risk evaluation method based on semi-physical simulation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410814118.8A CN104506354A (en) | 2014-12-24 | 2014-12-24 | Data network risk evaluation method based on semi-physical simulation |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104506354A true CN104506354A (en) | 2015-04-08 |
Family
ID=52948069
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410814118.8A Pending CN104506354A (en) | 2014-12-24 | 2014-12-24 | Data network risk evaluation method based on semi-physical simulation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104506354A (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105006119A (en) * | 2015-06-30 | 2015-10-28 | 中国寰球工程公司 | Alarm system optimization method based on bayesian network |
| CN105005697A (en) * | 2015-07-16 | 2015-10-28 | 西安电子科技大学 | Dynamic fault tree analysis method of system with time restraint on repair |
| CN105490836A (en) * | 2015-11-19 | 2016-04-13 | 湘南学院 | Monte Carlo evaluation method for reliability of complex network |
| CN105893697A (en) * | 2016-04-22 | 2016-08-24 | 北京交通大学 | System reliability assessment method based on Bayesian network reasoning |
| CN107748701A (en) * | 2017-10-16 | 2018-03-02 | 云南电网有限责任公司电力科学研究院 | A kind of analysis method for reliability of electric energy measurement automation system |
| CN111680882A (en) * | 2020-05-15 | 2020-09-18 | 北京航空航天大学 | Multi-level risk assessment method for unmanned aerial vehicle system under probability coupling relation |
| CN115459965A (en) * | 2022-08-23 | 2022-12-09 | 广州大学 | Multistep attack detection method for network security of power system |
| CN115859630A (en) * | 2022-12-07 | 2023-03-28 | 南京师范大学 | Electric power traffic coupling network vulnerability assessment method based on probability map |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102117450A (en) * | 2011-03-03 | 2011-07-06 | 苏州热工研究院有限公司 | Experience-feedback-based nuclear power equipment preventive replacement cycle optimizing method |
| US20120239320A1 (en) * | 2009-09-25 | 2012-09-20 | Abb Research Ltd | Reliability calculation for substation automation systems |
| CN103441869A (en) * | 2013-08-19 | 2013-12-11 | 广东电网公司电力调度控制中心 | Vulnerable main machine recognition method and device of power system |
| CN103840967A (en) * | 2013-12-23 | 2014-06-04 | 北京邮电大学 | Method for locating faults in power communication network |
-
2014
- 2014-12-24 CN CN201410814118.8A patent/CN104506354A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20120239320A1 (en) * | 2009-09-25 | 2012-09-20 | Abb Research Ltd | Reliability calculation for substation automation systems |
| CN102117450A (en) * | 2011-03-03 | 2011-07-06 | 苏州热工研究院有限公司 | Experience-feedback-based nuclear power equipment preventive replacement cycle optimizing method |
| CN103441869A (en) * | 2013-08-19 | 2013-12-11 | 广东电网公司电力调度控制中心 | Vulnerable main machine recognition method and device of power system |
| CN103840967A (en) * | 2013-12-23 | 2014-06-04 | 北京邮电大学 | Method for locating faults in power communication network |
Non-Patent Citations (2)
| Title |
|---|
| 周忠宝: "基于贝叶斯网络的概率安全评估方法及应用研究", 《中国博士学位论文全文数据库》 * |
| 黄晶,徐丽群: "基于贝叶斯网络的路网失效程度评估方法研究", 《科学技术与工程》 * |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105006119A (en) * | 2015-06-30 | 2015-10-28 | 中国寰球工程公司 | Alarm system optimization method based on bayesian network |
| CN105005697A (en) * | 2015-07-16 | 2015-10-28 | 西安电子科技大学 | Dynamic fault tree analysis method of system with time restraint on repair |
| CN105005697B (en) * | 2015-07-16 | 2017-08-25 | 西安电子科技大学 | It is a kind of to have the system Dynamic fault tree analysis method of time-constrain to reparation |
| CN105490836B (en) * | 2015-11-19 | 2019-04-19 | 湘南学院 | A kind of Monte Carlo appraisal procedure of complex network reliability |
| CN105490836A (en) * | 2015-11-19 | 2016-04-13 | 湘南学院 | Monte Carlo evaluation method for reliability of complex network |
| CN105893697A (en) * | 2016-04-22 | 2016-08-24 | 北京交通大学 | System reliability assessment method based on Bayesian network reasoning |
| CN107748701A (en) * | 2017-10-16 | 2018-03-02 | 云南电网有限责任公司电力科学研究院 | A kind of analysis method for reliability of electric energy measurement automation system |
| CN107748701B (en) * | 2017-10-16 | 2021-04-27 | 云南电网有限责任公司电力科学研究院 | Reliability analysis method for electric energy metering automation system |
| CN111680882A (en) * | 2020-05-15 | 2020-09-18 | 北京航空航天大学 | Multi-level risk assessment method for unmanned aerial vehicle system under probability coupling relation |
| CN111680882B (en) * | 2020-05-15 | 2022-08-02 | 北京航空航天大学 | Multi-level risk assessment method for unmanned aerial vehicle system under probability coupling relation |
| CN115459965A (en) * | 2022-08-23 | 2022-12-09 | 广州大学 | Multistep attack detection method for network security of power system |
| CN115859630A (en) * | 2022-12-07 | 2023-03-28 | 南京师范大学 | Electric power traffic coupling network vulnerability assessment method based on probability map |
| CN115859630B (en) * | 2022-12-07 | 2023-06-16 | 南京师范大学 | Electric traffic coupling network vulnerability assessment method based on probability map |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104506354A (en) | Data network risk evaluation method based on semi-physical simulation | |
| Ghiasi et al. | A comprehensive review of cyber-attacks and defense mechanisms for improving security in smart grid energy systems: Past, present and future | |
| Wu et al. | Big data analysis-based security situational awareness for smart grid | |
| Ouyang | Critical location identification and vulnerability analysis of interdependent infrastructure systems under spatially localized attacks | |
| US20160308725A1 (en) | Integrated Community And Role Discovery In Enterprise Networks | |
| Niazi et al. | Verification & validation of an agent-based forest fire simulation model | |
| Yang et al. | Towards a snowdrift game optimization to vertex cover of networks | |
| Yu et al. | Crime forecasting using spatio-temporal pattern with ensemble learning | |
| Madireddy et al. | Leveraging social networks for efficient hurricane evacuation | |
| CN103607388A (en) | APT threat prediction method and system | |
| Ullah et al. | A framework for anomaly detection in IoT networks using conditional generative adversarial networks | |
| Bensaber et al. | Design and modeling an Adaptive Neuro-Fuzzy Inference System (ANFIS) for the prediction of a security index in VANET | |
| CN103401625A (en) | Particle swarm optimization algorithm based cooperative spectrum sensing optimization method | |
| Halabi et al. | Protecting the Internet of vehicles against advanced persistent threats: A bayesian Stackelberg game | |
| Laszka et al. | Detection and mitigation of attacks on transportation networks as a multi-stage security game | |
| CN109861825B (en) | Internal attack detection method based on weighting rule and consistency in CPS system | |
| Peng et al. | Reliability analysis in interdependent smart grid systems | |
| CN105991517A (en) | Vulnerability discovery method and device | |
| KR102152403B1 (en) | Apparatus and method for detecting abnormal behavior using data pattern analysis | |
| Yasin et al. | Feature Selection for Black Hole Attacks. | |
| Bokhari et al. | Cybersecurity strategy under uncertainties for an IoE environment | |
| Dinc et al. | Smart home security with the use of wsns on future intelligent cities | |
| CN103401626A (en) | Genetic algorithm based cooperative spectrum sensing optimization method | |
| Chen et al. | Model alignment of anthrax attack simulations | |
| CN102448066A (en) | WSN (Wireless Sensor Network)-oriented lightweight intrusion detection method on basis of artificial immunization and mobile agent |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20150408 |
|
| RJ01 | Rejection of invention patent application after publication |