CN108632266A - A kind of power distribution communication network security situational awareness method - Google Patents
A kind of power distribution communication network security situational awareness method Download PDFInfo
- Publication number
- CN108632266A CN108632266A CN201810394951.XA CN201810394951A CN108632266A CN 108632266 A CN108632266 A CN 108632266A CN 201810394951 A CN201810394951 A CN 201810394951A CN 108632266 A CN108632266 A CN 108632266A
- Authority
- CN
- China
- Prior art keywords
- data
- power distribution
- security
- distribution communication
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Abstract
The invention belongs to technical field of network information more particularly to a kind of power distribution communication network security situational awareness methods, including:The data of power distribution communication net are divided into real time data and historical data and event triggering and period acquisition two ways is respectively adopted and is acquired and uploads;Duplicate removal is carried out using fingerprint extraction algorithm and simhash dimensionality reductions to the collected data of institute, then after carrying out denoising using nearest neighbor algorithm, the different characteristic of data is organized into vector form, real time data and historical data are distinguished with mode bit;The ball vector machine classifier model for optimizing training parameter using Bayesian network security postures sensor model and quantum genetic algorithm to real time data and historical data respectively carries out data fusion and Situation Assessment;Safe prediction is carried out to power distribution communication net and visualizes security situation, including the prediction of real security postures, real-time situation displaying, history displaying and other information displaying.
Description
Technical field
The invention belongs to technical field of network information more particularly to a kind of power distribution communication network security situational awareness methods.
Background technology
Power distribution communication network is the important component of power telecom network, and distribution network communication system assumes responsibility for much being located at electricity
The transmission of the business datum of net tip.As new energy electric power accesses extensively, after distribution connects renewable power supply, micro-grid system
Data necessary to the business such as scheduling, control, management are inevitably needed by matching network communication system transmission.As entire intelligence
The damage of the power distribution communication system of energy network system " nerve endings " will lead to the paralysis of entire intelligent grid.
However as the fast development of network technology, attack means also become more diversified, various network attacks, sensitive information
Leakage etc. security incidents be significantly increased, in the communication system of power distribution network, due to its broad covered area, device node is more the features such as,
Power distribution communication net safety problem is still major issue, there is no being well solved because of its importance, is mainly manifested in:
(1) range of traditional safety product gathered data and depth are insufficient, and prediction is caused to have deviation, and
And can not effectively monitor, prevent the operation of internal system user, many enterprise security events are just because of the violation of its internal user
Caused by operation.
(2) traditional safety product can only resist specific security threat, cause the situation of " fighting separately ", Wu Fayou
The mutual information of utilization of effect cannot efficiently merge the information security data of various dimensions.
(3) traditional safety product constantly generates a large amount of security log and event in the process of running, can cause to operate
The inconvenience that personnel use, the interface for lacking unified fusion multi-product are operated, and the work of staff is greatly reduced
Make efficiency.
Invention content
In order to solve the above-mentioned conventional security system of defense existing deficiency online in power distribution communication, the present invention proposes one
Kind power distribution communication network security situational awareness method, including:
The data of power distribution communication net are divided into real time data and historical data and event triggering and week are respectively adopted by step 1
Phase acquisition two ways is acquired;
Step 2 carries out duplicate removal to the collected data of institute using fingerprint extraction algorithm and simhash dimensionality reductions, then using neighbour
After nearly algorithm carries out denoising, the different characteristic of data is organized into vector form, real time data is distinguished with mode bit and is gone through
History data;
Step 3 is respectively lost real time data and historical data using Bayesian network security postures sensor model and quantum
The ball vector machine classifier model that propagation algorithm optimizes training parameter carries out data fusion and Situation Assessment;
Step 4 carries out safe prediction to power distribution communication net and visualizes security situation, including security postures prediction,
Real-time situation displaying, history displaying and other information displaying.
The real time data includes:Equipment operating data, real-time alarm data, operation behavior data, network insertion data,
Equipment accesses data.
The historical data includes:Security risk data, security audit data, safety analysis data, safe internet data.
It is described to be specifically included using Bayesian network security postures sensor model:
Step 301, the master variable for determining weighting Bayesian network, that is, construct the topological structure of initial Bayesian network;
Step 302 constructs bayesian network structure based on score function, and score function is as the mark for finding network structure
Standard calculates the mutual information between two nodes by transinformation amount theory, and final topology structure is obtained by correcting;
Step 303, the local probability distribution for providing each node, probability distribution are divided into prior probability table PPT and non-leaf
The probability tables CPT of node, nodal information is improved, and each nodal information includes two parts:Node probability tables and institute are right
Vector information is answered, and acquires risk probability;
Step 304 is obtained by network and classifies and assessed.
The ball vector machine classifier model of the quantum genetic algorithm optimization training parameter is made using ball vector machine classifier
For grader, and it is dynamically that ball vector machine classifier looks for optimal training parameter using quantum genetic algorithm.
The beneficial effects of the present invention are:The characteristic for combining power distribution communication net divides not the data of power distribution communication net
Same Situation Awareness module is handled.Wherein real time data carries out security postures perception using Bayesian network, not only can be with
Expert knowledge library is adequately utilized, and efficiently timely its security postures can be perceived.Historical data is used based on improvement
Quantum genetic algorithm optimization training parameter ball vector machine classifier, when training sample set be extensive sample set when, use
This method training speed is fast, and training parameter is also more accurate.Improvement proposed by the present invention weights Bayesian network, fully combines and matches
The weight of telecommunication net equipment, the probability for coordinating it to occur can threaten business risk and provide relatively objective assessment.
Description of the drawings
Fig. 1 is overall flow figure of the present invention
Fig. 2 is real time data Situation Awareness flow chart of the present invention
Fig. 3 is historical data Situation Awareness flow chart of the present invention
Fig. 4 is quantum genetic algorithm flow chart of the present invention
Fig. 5 is initial bayesian network structure figure
Specific implementation mode
Below in conjunction with the accompanying drawings, it elaborates to embodiment.
The invention discloses a kind of power distribution communication network security situational awareness methods.This method is mainly by logical to distribution
The data of letter net are acquired, assess and predict, the security risk of power distribution communication net is reduced with this, as shown in Figure 1, including such as
Lower step:
The data of power distribution communication net are divided into real time data and historical data and event triggering and week are respectively adopted by step 1
Phase acquisition two ways is acquired;
Step 2 carries out duplicate removal to the collected data of institute using fingerprint extraction algorithm and simhash dimensionality reductions, then using neighbour
After nearly algorithm carries out denoising, the different characteristic of data is organized into vector form, real time data is distinguished with mode bit and is gone through
History data;
Step 3 is respectively lost real time data and historical data using Bayesian network security postures sensor model and quantum
The ball vector machine classifier model that propagation algorithm optimizes training parameter carries out data fusion and Situation Assessment;
Step 4 carries out safe prediction to power distribution communication net and visualizes security situation, including real security postures are pre-
It surveys, real-time situation displaying, history is shown and other information displaying.
The method disclosed in the present relates generally to following three nucleus modules:Power distribution communication network data Extraction specification mould
Block, power distribution communication net safety situation evaluation module and power distribution communication net security postures prediction module.
Power distribution communication network data Extraction specification module.Data Extraction specification module disclosed in this invention is mainly to distribution
The data of communication network are acquired and carry out standardization processing to the data after acquisition.
In power distribution communication net, conventional Network security factor data such as static configuration information is relied solely on, dynamic is believed
Breath and network traffic information cannot effectively reflect the safe condition of power distribution communication net.The present invention is special according to power distribution communication net
Property, in conjunction with the security postures cognitive method of network, the data safety-related with power distribution communication net are divided into real time data and history
Data.Assessment and prediction to different classes of data use different security postures cognitive methods.
The data of acquisition include following two major classes:
(1) real time data:Including equipment operating data, real-time alarm data, operation behavior data, network insertion data,
Equipment accesses data.Wherein
1) equipment operating data:The operation data of equipment includes the operation log, running log, configuration information of all kinds of devices
Deng.Wherein equipment include longitudinal equipment, xegregating unit, firewall box, intruding detection system, Anti-Virus, the network equipment,
Database, host equipment (server, work station).
2) real-time alarm data:The real-time alarm data of equipment includes violating being caused to communication network for security strategy generation
The security event data of influence.Wherein equipment includes longitudinal equipment, xegregating unit, firewall box, intruding detection system, diseases prevention
Malicious system, the network equipment, database, host equipment (server, work station).
3) operation behavior data:The operation relevant information that the user of equipment logs in and user is carried out.Wherein equipment includes
Longitudinal equipment, xegregating unit, firewall box, intruding detection system, Anti-Virus, the network equipment, database, host equipment
(server, work station).
4) network insertion data:The network equipment accesses relevant information.
5) equipment accesses data:Hardware device accesses relevant information.
(2) historical data:Including security risk data, security audit data, safety analysis data, safe internet data.
Wherein
1) security risk data:The relevant information of security risk that the method disclosed in this patent obtains.
2) security audit data:The relevant information of operation, alarm, safety analysis that the method disclosed in this patent obtains.
3) safety analysis data:The relevant information of security incident, security postures that the method disclosed in this patent obtains.
The frequency of gathered data includes following two major classes:
(1) event triggers:Gathered data is started by the warning information of equipment.
(2) period acquires:Setting collection period, timing acquiring data are carried out by operating personnel.
Gathered data pre-processes:
(1) data deduplication:Using fingerprint extraction algorithm, after simhash dimensionality reductions, obtain the two of a length 64 into
Character string processed, to efficiently remove hash.
(2) data de-noising:Using KNN algorithms (closing on algorithm), isolated point is found.
The form of gathered data specification:
By the data of acquisition, after removing redundancy, it is organized into the form of vector.Wherein vector is in addition to the different feature of each index
Outside, also real time data also historical data should be distinguished comprising a mode bit.It is as follows:
Power distribution communication net Situation Assessment, prediction module.The present invention uses based on Bayesian network and is based on neural network
Network security situation awareness model.The present invention is used the real time data of acquisition and is perceived based on Bayesian network security postures
Model.Expert knowledge library can be effectively utilized using based on Bayesian network security postures cognitive method, and with preferable
Real-time.
The Situation Assessment and situation Tendency Prediction module of real time data.It is compared based on weighting Bayesian network correlating method
Machine learning correlation method popular at this stage is more efficient, can carry out event correlation analysis in real time, compare and be suitble to match
The assessment of the service security situation of telecommunication net.It weights Bayesian network and is also known as " belief network ", be a kind of acyclic graph, wherein
Figure interior joint represents stochastic variable, and a node probability is calculated with the conditional probability of a bit.
As shown in Fig. 2, specific steps include:
(1) master variable for determining weighting Bayesian network, that is, construct the topological structure of initial Bayesian network.The present invention adopts
Use four Dimensional levels as the Bayesian network of a certain component of power distribution communication network.And all components of power distribution communication net constitute
Network topology structure such as Fig. 5.
(2) present invention uses the method construct network structure based on scoring.Bayesian network method is constructed based on score function
It is to be made of two parts:Score function and corresponding searching algorithm.A score function can be provided based on point system, as seeking
Look for the standard of network structure.Topological structure by obtained Bayesian network calculates two sections by transinformation amount theory
Mutual information between point obtains final topology structure by correcting.
The score function that the present invention uses for:
In the case of given topological structure G, P (G) indicates the priori about structure G, data set D=(d1, d2...
dm) it is about n variable (x1, x2... xn) observation.ai,j,kIndicate the hyper parameter value in the distribution of Di Li Crays, aij=∑
ai,j,k, mijkIndicate variable xiK-th of value.
The searching algorithm that the present invention uses is greedy algorithm:
[1] expert knowledge library is borrowed, an initial weighting bayesian network structure is set.
[2] it selects a line i that network is added from candidate edge set E, calculates the changing value Δ (e of score functioni), if
Δ(ei)>Δ(ei'), and Δ (ei)>0, if Candidate Set does not have such side, execute step 3.
[3] weighting Bayesian network is added in qualified side, and is deleted from Candidate Set, repeat step 2.
(3) the local probability distribution of each node is provided.It is discrete sample space that Bayesian network master is to be processed.Its
Middle probability distribution is divided into prior probability table PPT and the probability tables CPT of non-leaf nodes.If leaf node obeys the distribution of Di Li Crays
D[α1,α2,…αn], n indicates the number of node.Θ indicates that stochastic variable may obtained value
The construction of prior probability table PPT:
Wherein
After sample learning, next sample is
The probability tables CPT of non-leaf nodes:
Wherein αijkFor prior information, mijkFor data set D
Observation
P(Dm+1| D)=∫ θiP(θ|D)dθ
Herein due to the particularity of power distribution communication network, therefore its nodal information is improved.Each nodal information packet
Include two parts:Node probability tables and corresponding vector information.By the risk index information a in vector, in conjunction with its probability P,
Middle a is to assess gained by expert.Acquire risk probability:Pa=p × a.If not risky index information in knot vector,
Pa=p.
(4) it can be obtained by network and classify and assessed.The present invention is predicted using time series method.
The Situation Assessment and situation Tendency Prediction module of historical data.As shown in figure 3, specifically including:
Use the ball vector machine classifier for optimizing training parameter based on quantum genetic algorithm.Tendency Prediction module can root
According to existing information, power distribution information net is effectively predicted.To make it in secure context, switch to lead from Passive Defence
Dynamic defence.The present invention when BVM trains grader, utilizes quantum using BVM (ball vector machine classifier) as grader
Genetic algorithm is dynamically that BVM looks for optimal training parameter.
When BVM training parameters, the selection of training parameter directly determines the precision of grader.Wherein 3 training
Parameter is even more important, respectively:
(1) C penalty factors determine the complexity of ball vector machine classifier and the punishment for the fitting difference more than ε
Degree.
(2) σ kernel functions and wide parameter, illustrate the precision architecture in high-dimensional feature space, and control ball vector machine point
The complexity of class device convex quadratic programming optimal solution.
(3) ε indicates the expectation of the error to estimation function in sample data.
Quantum genetic algorithm is used for the selection present invention of C, σ, ε.As shown in figure 4, in quantum genetic algorithm, gene
No longer it is that only there are 0,1 two states, both may be 1 is also likely to be 0 but for a kind of quantum state, so providing each base
The 0 of cause, the probability of 1 two states, probability demands summation are 1.If fruit gene represents an information (variable, feature), root is needed
According to variable (attribute) can value quantity gene position (bit) quantity is described.If 2 different values of discrete case are with 1,4 are not
With value with 2.To determine that the quantity of gene in a chromosome, each feature need corresponding one according to the quantity of feature simultaneously
A gene.Chromosome is the combination of gene.So having following formula:
Wherein CiExpression state SiProbability amplitude is the compound letter of the quantum behavior for describing particle
Number.ψ indicates state vector.
The evolutionary process of quantum genetic algorithm is to be rotated by quantum door and chiasma is coefficient.It is wherein hereditary
The rotation angle formula of algorithm quantum door is:
The more new formula of genetic algorithm quantum bit is:
Δ θ ∈ [0.001 π, 0.005 π] are chosen, which determine the convergence rates of genetic algorithm.
The safety situation evaluation and prediction steps of Network security factor:
(1) sample set is constructed, and provides anticipation and decision
(2) number of training.
(3) it is input in BVM, carries out provisional classifications.
(4) anticipation and decision is carried out, such as if not satisfied, carrying out relying on quantum genetic algorithm, transmission training parameter is carried out, repeats
It executes step 3 and obtains security postures sensor model.
Power distribution communication net security situation visualizes, wherein the prediction of packet security postures, real-time situation displaying, history displaying
And other information displaying.
This embodiment is merely preferred embodiments of the present invention, but scope of protection of the present invention is not limited thereto,
Any one skilled in the art in the technical scope disclosed by the present invention, the change or replacement that can be readily occurred in,
It should be covered by the protection scope of the present invention.Therefore, protection scope of the present invention should be with scope of the claims
Subject to.
Claims (5)
1. a kind of power distribution communication network security situational awareness method, which is characterized in that including:
The data of power distribution communication net are divided into real time data and historical data by step 1, and event triggering is respectively adopted and is adopted with the period
Collection two ways is acquired;
Step 2 is carried out duplicate removal using fingerprint extraction algorithm and simhash dimensionality reductions to the collected data of institute, then is calculated using neighbouring
After method carries out denoising, the different characteristic of data is organized into vector form, real time data and history number are distinguished with mode bit
According to;
Step 3 is respectively calculated real time data and historical data using Bayesian network security postures sensor model and quantum genetic
The ball vector machine classifier model that method optimizes training parameter carries out data fusion and Situation Assessment;
Step 4 carries out security postures prediction to power distribution communication net and visualizes security situation, including security postures prediction,
Real-time situation displaying, history displaying and other information displaying.
2. power distribution communication network security situational awareness method according to claim 1, which is characterized in that the real time data packet
It includes:Equipment operating data, real-time alarm data, operation behavior data, network insertion data, equipment access data.
3. power distribution communication network security situational awareness method according to claim 1, which is characterized in that the historical data packet
It includes:Security risk data, security audit data, safety analysis data, safe internet data.
4. power distribution communication network security situational awareness method according to claim 1, which is characterized in that described to use Bayes
Network security situation awareness model specifically includes:
Step 301, the master variable for determining weighting Bayesian network, that is, construct the topological structure of initial Bayesian network;
Step 302 constructs bayesian network structure based on score function, and score function leads to as the standard for finding network structure
Transinformation amount theory is crossed to calculate the mutual information between two nodes, final topology structure is obtained by correcting;
Step 303, the local probability distribution for providing each node, probability distribution are divided into prior probability table PPT and non-leaf nodes
Probability tables CPT, nodal information is improved, each nodal information includes two parts:Node probability tables and it is corresponding to
Information is measured, and acquires risk probability;
Step 304 is obtained by network and classifies and assessed.
5. according to claims 1 or 2 or the 3 or 4 power distribution communication network security situational awareness methods, which is characterized in that described
Quantum genetic algorithm optimizes the ball vector machine classifier model of training parameter using ball vector machine classifier as grader, and sharp
It is dynamically that ball vector machine classifier looks for optimal training parameter with quantum genetic algorithm.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810394951.XA CN108632266A (en) | 2018-04-27 | 2018-04-27 | A kind of power distribution communication network security situational awareness method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810394951.XA CN108632266A (en) | 2018-04-27 | 2018-04-27 | A kind of power distribution communication network security situational awareness method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108632266A true CN108632266A (en) | 2018-10-09 |
Family
ID=63694777
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810394951.XA Pending CN108632266A (en) | 2018-04-27 | 2018-04-27 | A kind of power distribution communication network security situational awareness method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108632266A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110445807A (en) * | 2019-08-23 | 2019-11-12 | 瑞森网安(福建)信息科技有限公司 | Network security situation sensing system and method |
| CN110460459A (en) * | 2019-07-03 | 2019-11-15 | 中国南方电网有限责任公司 | Electric power monitoring system network security situational awareness method |
| CN110610293A (en) * | 2019-08-13 | 2019-12-24 | 中国人民解放军国防科技大学 | Marine environment risk assessment method based on improved Bayesian network |
| CN110826617A (en) * | 2019-10-31 | 2020-02-21 | 中国人民公安大学 | Situation element classification method and training method and device of model thereof, and server |
| CN112688365A (en) * | 2020-12-26 | 2021-04-20 | 四川大川云能科技有限公司 | Power distribution network topology robust identification method based on mutual information-Bayesian network |
| CN112764852A (en) * | 2021-01-18 | 2021-05-07 | 深圳供电局有限公司 | Operation and maintenance safety monitoring method and system for intelligent wave recording master station and computer readable storage medium |
| CN112929222A (en) * | 2021-03-04 | 2021-06-08 | 睿石网云(杭州)科技有限公司 | Complex application system operation situation sensing method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20170142072A1 (en) * | 2015-09-10 | 2017-05-18 | Bae Systems Information And Electronic Systems Integration Inc. | Safe security proxy |
| US20180025157A1 (en) * | 2011-09-16 | 2018-01-25 | Veracode, Inc. | Automated behavioral and static analysis using an instrumented sandbox and machine learning classification for mobile security |
-
2018
- 2018-04-27 CN CN201810394951.XA patent/CN108632266A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180025157A1 (en) * | 2011-09-16 | 2018-01-25 | Veracode, Inc. | Automated behavioral and static analysis using an instrumented sandbox and machine learning classification for mobile security |
| US20170142072A1 (en) * | 2015-09-10 | 2017-05-18 | Bae Systems Information And Electronic Systems Integration Inc. | Safe security proxy |
Non-Patent Citations (2)
| Title |
|---|
| 叶健健: ""基于贝叶斯方法的网络安全态势感知方法研究"", 《中国优秀硕士学位论文全文数据库》 * |
| 徐茹枝等: ""面向电力信息网络的安全态势感知研究"", 《电网技术》 * |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110460459A (en) * | 2019-07-03 | 2019-11-15 | 中国南方电网有限责任公司 | Electric power monitoring system network security situational awareness method |
| CN110610293A (en) * | 2019-08-13 | 2019-12-24 | 中国人民解放军国防科技大学 | Marine environment risk assessment method based on improved Bayesian network |
| CN110445807A (en) * | 2019-08-23 | 2019-11-12 | 瑞森网安(福建)信息科技有限公司 | Network security situation sensing system and method |
| CN110826617A (en) * | 2019-10-31 | 2020-02-21 | 中国人民公安大学 | Situation element classification method and training method and device of model thereof, and server |
| CN112688365A (en) * | 2020-12-26 | 2021-04-20 | 四川大川云能科技有限公司 | Power distribution network topology robust identification method based on mutual information-Bayesian network |
| CN112688365B (en) * | 2020-12-26 | 2023-07-04 | 四川大川云能科技有限公司 | Mutual information-Bayesian network-based power distribution network topology robust identification method |
| CN112764852A (en) * | 2021-01-18 | 2021-05-07 | 深圳供电局有限公司 | Operation and maintenance safety monitoring method and system for intelligent wave recording master station and computer readable storage medium |
| CN112929222A (en) * | 2021-03-04 | 2021-06-08 | 睿石网云(杭州)科技有限公司 | Complex application system operation situation sensing method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108632266A (en) | A kind of power distribution communication network security situational awareness method | |
| CN106341414B (en) | A kind of multi-step attack safety situation evaluation method based on Bayesian network | |
| Cao et al. | A novel false data injection attack detection model of the cyber-physical power system | |
| Kayacik et al. | A hierarchical SOM-based intrusion detection system | |
| Lee et al. | Self-adaptive and dynamic clustering for online anomaly detection | |
| Otoum et al. | A comparative study of ai-based intrusion detection techniques in critical infrastructures | |
| CN107517216A (en) | A kind of network safety event correlating method | |
| CN108076060A (en) | Neutral net Tendency Prediction method based on dynamic k-means clusters | |
| CN108540329A (en) | Network security inference method based on two-layer Bayesian network model | |
| CN105471623A (en) | Key IP address safety alarm association analysis method based on fuzzy scene | |
| Chen et al. | Multi-level adaptive coupled method for industrial control networks safety based on machine learning | |
| Zuo et al. | Power information network intrusion detection based on data mining algorithm | |
| Naderi et al. | Toward detecting cyberattacks targeting modern power grids: A deep learning framework | |
| Xiang et al. | Applying Semi-supervised cluster algorithm for anomaly detection | |
| Nagaraj et al. | Glass: A graph learning approach for software defined network based smart grid ddos security | |
| Chang et al. | Internet of things security detection technology based on grey association decision algorithm | |
| Alkuwari et al. | Anomaly detection in smart grids: a survey from cybersecurity perspective | |
| CN115883213B (en) | APT detection method and system based on continuous time dynamic heterogeneous graph neural network | |
| Zhao | Research on network security defence based on big data clustering algorithms | |
| Sheikhan et al. | Fast neural intrusion detection system based on hidden weight optimization algorithm and feature selection | |
| Wei et al. | Comprehensive analysis of network security situational awareness methods and models | |
| Khaleefah et al. | Detection of iot botnet cyber attacks using machine learning | |
| Jia et al. | A hierarchical framework of security situation assessment for information system | |
| Yang et al. | A Hybrid Anomaly Detection Model Based on GANomaly in Cloud Environment | |
| Seredynski et al. | Some issues in solving the anomaly detection problem using immunological approach |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20181009 |