CN111711608B - 一种电力数据网流量异常检测方法、系统及电子设备 - Google Patents
一种电力数据网流量异常检测方法、系统及电子设备 Download PDFInfo
- Publication number
- CN111711608B CN111711608B CN202010432272.4A CN202010432272A CN111711608B CN 111711608 B CN111711608 B CN 111711608B CN 202010432272 A CN202010432272 A CN 202010432272A CN 111711608 B CN111711608 B CN 111711608B
- Authority
- CN
- China
- Prior art keywords
- lightgbm model
- iteration
- lightgbm
- weak classifier
- model
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 49
- 230000002159 abnormal effect Effects 0.000 title claims abstract description 48
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 70
- 238000005457 optimization Methods 0.000 claims abstract description 46
- 238000001514 detection method Methods 0.000 claims abstract description 26
- 238000012549 training Methods 0.000 claims abstract description 25
- 238000013329 compounding Methods 0.000 claims abstract description 16
- 238000012360 testing method Methods 0.000 claims description 53
- 230000008569 process Effects 0.000 claims description 13
- 230000006870 function Effects 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims description 2
- 230000000694 effects Effects 0.000 abstract description 8
- 238000002474 experimental method Methods 0.000 description 14
- 238000004891 communication Methods 0.000 description 8
- 238000003860 storage Methods 0.000 description 8
- 238000004088 simulation Methods 0.000 description 6
- 230000005856 abnormality Effects 0.000 description 4
- 238000012804 iterative process Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 239000002131 composite material Substances 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 238000003064 k means clustering Methods 0.000 description 2
- 239000000203 mixture Substances 0.000 description 2
- 238000010606 normalization Methods 0.000 description 2
- 230000009466 transformation Effects 0.000 description 2
- 206010000117 Abnormal behaviour Diseases 0.000 description 1
- 102000011842 Serrate-Jagged Proteins Human genes 0.000 description 1
- 108010036039 Serrate-Jagged Proteins Proteins 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013145 classification model Methods 0.000 description 1
- 238000004140 cleaning Methods 0.000 description 1
- 238000007418 data mining Methods 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011056 performance test Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/25—Fusion techniques
- G06F18/254—Fusion techniques of classification results, e.g. of results related to same input data
- G06F18/256—Fusion techniques of classification results, e.g. of results related to same input data of results relating to different input data, e.g. multimodal recognition
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
- G06F18/2415—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches based on parametric or probabilistic models, e.g. based on likelihood ratio or false acceptance rate versus a false rejection rate
- G06F18/24155—Bayesian classification
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Evolutionary Computation (AREA)
- Evolutionary Biology (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Bioinformatics & Computational Biology (AREA)
- Artificial Intelligence (AREA)
- Life Sciences & Earth Sciences (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Normal | Attack | |
训练集 | 118976 | 31024 |
测试集 | 41026 | 8974 |
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010432272.4A CN111711608B (zh) | 2020-05-20 | 2020-05-20 | 一种电力数据网流量异常检测方法、系统及电子设备 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010432272.4A CN111711608B (zh) | 2020-05-20 | 2020-05-20 | 一种电力数据网流量异常检测方法、系统及电子设备 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111711608A CN111711608A (zh) | 2020-09-25 |
CN111711608B true CN111711608B (zh) | 2022-06-21 |
Family
ID=72537233
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010432272.4A Active CN111711608B (zh) | 2020-05-20 | 2020-05-20 | 一种电力数据网流量异常检测方法、系统及电子设备 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111711608B (zh) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112860303B (zh) * | 2021-02-07 | 2023-07-04 | 济南大学 | 一种模型增量更新的方法及系统 |
CN112925785A (zh) * | 2021-03-29 | 2021-06-08 | 中国建设银行股份有限公司 | 数据清洗方法和装置 |
CN113159218A (zh) * | 2021-05-12 | 2021-07-23 | 北京联合大学 | 一种基于改进cnn的雷达hrrp多目标识别方法及系统 |
CN113591909A (zh) * | 2021-06-23 | 2021-11-02 | 北京智芯微电子科技有限公司 | 电力系统的异常检测方法、异常检测装置以及存储介质 |
CN113761522A (zh) * | 2021-09-02 | 2021-12-07 | 恒安嘉新(北京)科技股份公司 | 一种webshell流量的检测方法、装置、设备和存储介质 |
CN116389108B (zh) * | 2023-04-03 | 2023-10-10 | 杭州诺禾网络科技有限公司 | Ab实验方法、系统与存储介质 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110138786A (zh) * | 2019-05-20 | 2019-08-16 | 福州大学 | 基于SMOTETomek和LightGBM的Web异常检测方法及系统 |
CN110413494A (zh) * | 2019-06-19 | 2019-11-05 | 浙江工业大学 | 一种改进贝叶斯优化的LightGBM故障诊断方法 |
CN110718910A (zh) * | 2019-10-29 | 2020-01-21 | 国网四川省电力公司经济技术研究院 | 贝叶斯优化LightGBM的暂态稳定评估方法 |
WO2020040880A1 (en) * | 2018-08-23 | 2020-02-27 | Microsoft Technology Licensing, Llc | Efficient configuration selection for automated machine learning |
-
2020
- 2020-05-20 CN CN202010432272.4A patent/CN111711608B/zh active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2020040880A1 (en) * | 2018-08-23 | 2020-02-27 | Microsoft Technology Licensing, Llc | Efficient configuration selection for automated machine learning |
CN110138786A (zh) * | 2019-05-20 | 2019-08-16 | 福州大学 | 基于SMOTETomek和LightGBM的Web异常检测方法及系统 |
CN110413494A (zh) * | 2019-06-19 | 2019-11-05 | 浙江工业大学 | 一种改进贝叶斯优化的LightGBM故障诊断方法 |
CN110718910A (zh) * | 2019-10-29 | 2020-01-21 | 国网四川省电力公司经济技术研究院 | 贝叶斯优化LightGBM的暂态稳定评估方法 |
Non-Patent Citations (3)
Title |
---|
A Novel Reject Inference Model Using Outlier Detection and Gradient Boosting Technique in Peer-to-Peer Lending;YUFEI XIA;《IEEE Access》;20190709;全文 * |
集成学习方法_研究综述;徐继伟;《云南大学学报(自然科学版)》;20180630(第6期);全文 * |
面向征信的企业画像研究;王镂;《中国优秀硕士学位论文全文数据库 信息科技辑》;20191215;第2.2-2.3节、5.1-5.3节 * |
Also Published As
Publication number | Publication date |
---|---|
CN111711608A (zh) | 2020-09-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111711608B (zh) | 一种电力数据网流量异常检测方法、系统及电子设备 | |
CN111782472B (zh) | 系统异常检测方法、装置、设备及存储介质 | |
CN109032829B (zh) | 数据异常检测方法、装置、计算机设备及存储介质 | |
CN111178523B (zh) | 一种行为检测方法、装置、电子设备及存储介质 | |
CN111031051B (zh) | 一种网络流量异常检测方法及装置、介质 | |
CN108737406B (zh) | 一种异常流量数据的检测方法及系统 | |
CN111914873A (zh) | 一种两阶段云服务器无监督异常预测方法 | |
CN111314331A (zh) | 一种基于条件变分自编码器的未知网络攻击检测方法 | |
CN112910859B (zh) | 基于c5.0决策树和时序分析的物联网设备监测预警方法 | |
Chang et al. | Anomaly detection for industrial control systems using k-means and convolutional autoencoder | |
CN109086291B (zh) | 一种基于MapReduce的并行异常检测方法及系统 | |
CN111431819A (zh) | 一种基于序列化的协议流特征的网络流量分类方法和装置 | |
CN113067798B (zh) | Ics入侵检测方法、装置、电子设备和存储介质 | |
CN112199670A (zh) | 一种基于深度学习改进iforest对行为异常检测的日志监控方法 | |
Liu et al. | Multi-step attack scenarios mining based on neural network and Bayesian network attack graph | |
CN115115019A (zh) | 基于神经网络的异常检测方法 | |
CN116743555A (zh) | 一种鲁棒多模态网络运维故障检测方法、系统及产品 | |
EP4266209A1 (en) | Anomaly detection method and apparatus for dynamic control system, and computer-readable medium | |
CN109063721A (zh) | 一种行为特征数据提取的方法及装置 | |
CN115081555A (zh) | 基于生成对抗和双向循环神经网络的异常检测方法及装置 | |
CN115175192A (zh) | 一种基于图神经网络的车联网入侵检测方法 | |
Wang et al. | A HMM-based method for anomaly detection | |
CN113254485A (zh) | 实时数据流异常检测方法及系统 | |
Deng et al. | Numerical sensitive data recognition based on hybrid gene expression programming for active distribution networks | |
CN113132414A (zh) | 一种多步攻击模式挖掘方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20230831 Address after: Room 1503, No. 858, Lianhua Avenue West, Donghuan Street, Panyu District, Guangzhou, Guangdong 510000 Patentee after: Southern Power Grid Energy Storage Co.,Ltd. Information and Communication Branch Address before: 511400 Room 601, building 1, Tian'an headquarters center, inner street, Panyu energy saving technology park, 555 Panyu Avenue North, Donghuan street, Panyu District, Guangzhou City, Guangdong Province Patentee before: INFORMATION COMMUNICATION BRANCH, SOUTHERN POWER GRID PEAKING FM POWER GENERATION Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20200925 Assignee: Guangzhou Liteqi Network Technology Co.,Ltd. Assignor: China Southern power grid peak shaving and frequency modulation (Guangdong) energy storage technology Co.,Ltd. Contract record no.: X2024980000127 Denomination of invention: A method, system, and electronic device for detecting abnormal flow in power data networks Granted publication date: 20220621 License type: Common License Record date: 20240105 Application publication date: 20200925 Assignee: Guangdong Lexin Technology Co.,Ltd. Assignor: China Southern power grid peak shaving and frequency modulation (Guangdong) energy storage technology Co.,Ltd. Contract record no.: X2024980000125 Denomination of invention: A method, system, and electronic device for detecting abnormal flow in power data networks Granted publication date: 20220621 License type: Common License Record date: 20240105 Application publication date: 20200925 Assignee: Guangdong Dingtai Century Technology Engineering Co.,Ltd. Assignor: China Southern power grid peak shaving and frequency modulation (Guangdong) energy storage technology Co.,Ltd. Contract record no.: X2024980000124 Denomination of invention: A method, system, and electronic device for detecting abnormal flow in power data networks Granted publication date: 20220621 License type: Common License Record date: 20240105 |
|
EE01 | Entry into force of recordation of patent licensing contract | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20200925 Assignee: Guangzhou zhongdiantong Technology Co.,Ltd. Assignor: China Southern power grid peak shaving and frequency modulation (Guangdong) energy storage technology Co.,Ltd. Contract record no.: X2024980000129 Denomination of invention: A method, system, and electronic device for detecting abnormal flow in power data networks Granted publication date: 20220621 License type: Common License Record date: 20240105 Application publication date: 20200925 Assignee: GUANGZHOU JOYSIM TECHNOLOGY CO.,LTD. Assignor: China Southern power grid peak shaving and frequency modulation (Guangdong) energy storage technology Co.,Ltd. Contract record no.: X2024980000128 Denomination of invention: A method, system, and electronic device for detecting abnormal flow in power data networks Granted publication date: 20220621 License type: Common License Record date: 20240105 Application publication date: 20200925 Assignee: Jiuyuanyun (Guangzhou) Intelligent Technology Co.,Ltd. Assignor: China Southern power grid peak shaving and frequency modulation (Guangdong) energy storage technology Co.,Ltd. Contract record no.: X2024980000130 Denomination of invention: A method, system, and electronic device for detecting abnormal flow in power data networks Granted publication date: 20220621 License type: Common License Record date: 20240105 |
|
EE01 | Entry into force of recordation of patent licensing contract |