CN111953685A - Dynamic electric power monitoring network security analysis system - Google Patents

Dynamic electric power monitoring network security analysis system Download PDF

Info

Publication number
CN111953685A
CN111953685A CN202010806490.XA CN202010806490A CN111953685A CN 111953685 A CN111953685 A CN 111953685A CN 202010806490 A CN202010806490 A CN 202010806490A CN 111953685 A CN111953685 A CN 111953685A
Authority
CN
China
Prior art keywords
data
unit
power
monitoring
interaction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010806490.XA
Other languages
Chinese (zh)
Other versions
CN111953685B (en
Inventor
刘智勇
陈敏超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Hongrui Information Technology Co Ltd
Original Assignee
Zhuhai Hongrui Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Hongrui Information Technology Co Ltd filed Critical Zhuhai Hongrui Information Technology Co Ltd
Priority to CN202010806490.XA priority Critical patent/CN111953685B/en
Publication of CN111953685A publication Critical patent/CN111953685A/en
Application granted granted Critical
Publication of CN111953685B publication Critical patent/CN111953685B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The invention discloses a dynamic power monitoring network security analysis system which comprises a power monitoring network, a power network communication module, a power network real-time monitoring module, a power network security analysis module and a power network automatic control module. The invention realizes the dynamic monitoring and management of the monitoring system in the power monitoring system, improves the safety of the power monitoring system, provides an optimal monitoring network safety analysis system for people and provides a good reference for the personnel in the power monitoring field.

Description

Dynamic electric power monitoring network security analysis system
Technical Field
The invention relates to the field of electric power safety monitoring, in particular to a dynamic electric power monitoring network safety analysis system.
Background
In the field of power communication, with the increasing of network security events in recent years, the field of power communication is also affected to a certain extent, and a power communication system, as an indispensable infrastructure in daily life of people, can cause much inconvenience to the life of people when being attacked. At present, people have certain research in the aspect of safety protection of an electric power system, the existing method for carrying out safety protection on the electric power system mainly carries out safety evaluation on the electric power system, and an electric power monitoring network mainly carries out monitoring protection on each working link in the electric power system, but the existing electric power monitoring network has the following problems:
1. the existing power monitoring system has poor safety and is easy to attack, meanwhile, when the existing power monitoring system is attacked, the adverse effect of the power monitoring system on the attack is difficult to process in time, the data interaction process is forced to be interrupted, and the working efficiency of the system is reduced;
2. the power monitoring system may have problems such as power equipment failure in the working process, when the power monitoring system finds a problem, the power monitoring system cannot repair the problem equipment in time, and the monitoring system is broken down;
3. when a new device is accessed into the power monitoring system, technicians are usually required to re-plan the communication line, and if the communication line is not planned properly, the power monitoring network may be complicated, and the data interaction time and the system consumption are increased.
Therefore, a dynamic power monitoring network security analysis system is needed to solve the above problems.
Disclosure of Invention
The invention aims to provide a dynamic power monitoring network security analysis system to solve the problems in the prior art.
In order to achieve the purpose, the invention provides the following technical scheme:
a dynamic power monitoring network security analysis system comprises a power monitoring network, a power network communication module, a power network real-time monitoring module, a power network security analysis module and a power network automatic control module;
the power network communication module is used for establishing a communication link for communication of the monitoring circuit in the power monitoring network, managing the communication link and finishing data interaction in the power monitoring network;
the power network real-time monitoring module is used for monitoring the communication link in real time, monitoring the whole data interaction process of the communication link and capturing the abnormity in the data interaction process;
the electric power network safety analysis module is used for carrying out dynamic analysis on the electric power monitoring network in the communication process and carrying out safety analysis on the abnormity captured in the electric power network real-time monitoring module;
and the power network automatic control module is used for automatically expanding and maintaining a communication link of the power monitoring network after monitoring and analyzing the power monitoring network.
Further, the power network communication module comprises a communication link establishing unit, a communication link managing unit and a data interaction unit;
the communication link establishing unit is used for carrying out communication connection between each power distribution device and the control terminal in the power monitoring network;
the communication link management unit is used for adding, deleting and modifying communication links between the power equipment and the control terminal, or adding or deleting the power distribution equipment and the control terminal in the communication links;
the data interaction unit is used for completing data interaction of different communication links or different communication devices in the power monitoring network, wherein the data interaction comprises data sharing, data exchange and data synchronization, and meanwhile, when the data interaction is started, the data is safely encrypted once.
Preferably, the data is subjected to one-time security encryption, when data starts to interact, a data sending end performs one-time security encryption on data that needs to be interacted before data sending, where the one-time security encryption is according to a formula:
Figure BDA0002629310890000031
c is data subjected to one-time security encryption, P is original data, key is a one-time security encryption key, d is random encryption data, and e is the length of the original data, wherein (P + ═ key) takes the original data subjected to the one-time security encryption key as the original data subjected to calculation to perform mod operation, the mod operation performs mod operation on the original data and any random encryption data or random original data length, and the one-time security encryption performs security encryption on the interactive data, so that the possibility of data leakage in the interactive process is reduced;
and carrying out digital signature on the data subjected to the one-time security encryption and starting to carry out data interaction.
Furthermore, the power network real-time monitoring module comprises a real-time monitoring unit, an exception grabbing unit and an exception sending unit;
the real-time monitoring unit is used for monitoring the communication link in real time and monitoring whether the interaction process is successfully completed when data interaction is carried out on each power distribution device and the control terminal;
the abnormal capturing unit is used for performing abnormal capturing on data with abnormal problems in the interaction process when the real-time monitoring unit monitors that data interaction cannot be completed, wherein the abnormal problems comprise interaction interruption, data loss, data leakage and data tampering;
and the abnormity sending unit is used for sending the abnormity problems captured by the abnormity capturing unit to the power network safety analysis module.
Further, the power network security analysis module comprises a dynamic analysis unit, an abnormality receiving unit and an abnormality analysis unit;
the dynamic analysis unit carries out safety detection and safety analysis on a communication link which carries out data interaction according to the monitoring information of the real-time monitoring unit, carries out flow analysis and data integrity analysis on data which is interacted during the interaction process, and simultaneously analyzes a communication protocol which is interacted;
the abnormity receiving unit is used for receiving the data of the abnormity problem sent by the abnormity sending unit;
and the abnormity analysis unit judges the abnormity type of the abnormal problem data received by the abnormity receiving unit.
Preferably, the data being interacted with is subjected to flow analysis, and the flow of the interacted data is according to the formula:
Figure BDA0002629310890000051
wherein, the L is the data flow in the communication link, and the X iszFor the number of communication links, X, used for data interactionz(MTU) is the maximum amount of data transfer that the communication link allows for data interaction,
Figure BDA0002629310890000052
n original data for data interaction, and e is the length of the original data P;
the data flow analysis is carried out on the communication link, so that the system can better master the maximum transmission quantity of the data link, link distribution can be dynamically carried out during data interaction, and the efficiency of data interaction is improved.
When data interaction is carried out, the original data are according to Xz(MTU) is divided into transmission slices, and a set of raw data transmission slices AC={AC1,AC2,…,ACj}, randomly selecting a set ACRespectively carrying out data integrity calculation on any j-1/2 elements in the data, and selecting any element set
Figure BDA0002629310890000053
The integrity calculation is performed according to the formula:
Figure BDA0002629310890000054
the ST is data receiving time for data interaction of the original data transmission fragments, SF is data sending time for data interaction of the original data transmission fragments, and W is original data sending integrity;
the data integrity is judged, whether the power monitoring network has a safety problem or not can be reflected according to the data integrity, and the higher the value of the data integrity W is, the higher the safety of the power monitoring network is;
before data interaction, selecting a corresponding communication protocol according to the characteristics of the data and a transmission mode, extracting the communication protocol of the data in the transmission process, analyzing the communication protocol, and determining the communication protocol selected in the data interaction process.
Preferably, the abnormality analysis unit judges the abnormality type of the abnormal problem data, and includes an abnormality classification unit and an abnormality judgment unit;
the exception classification unit classifies exception problems into interactive interruption, data loss, data leakage and data tampering;
the abnormal judging unit calculates the abnormal length of the data through the data integrity calculation and the original data length of the dynamic analysis unit, and according to a formula:
Y=e-W*e;
wherein Y is the abnormal length of the interactive data, e is the length of the interactive original data, and W is the data integrity of the data interaction process;
when Y is equal to e, the abnormal problem is data interruption;
when Y is 0, the abnormal problem type is data loss;
when Y is less than e, the abnormal problem type is data leakage;
when the V-shaped V is larger than e and smaller than e, the abnormal problem is that the data is tampered;
the abnormal problem type is judged, the abnormal data can be processed by the abnormal processing unit in a targeted manner, the data processing efficiency is improved, and the communication link is prevented from being blocked due to overlong data abnormal time.
Further, the power network automatic control module comprises an exception handling unit and a link scheduling control unit;
the abnormal processing unit modifies the data with the abnormal problems according to the abnormal types according to the judgment of the abnormal problems by the abnormal analysis unit, restores the data, performs secondary security encryption on the restored data on the basis of primary security encryption, and continues to adopt the communication protocol analyzed by the dynamic analysis unit to complete data interaction;
the link scheduling control unit is used for monitoring external equipment or other equipment newly accessed to the communication link in real time according to the interaction requirements of data in different power monitoring networks, and subdividing the communication link of the accessed external equipment of the communication link by combining the actual power condition, so that the optimization of the power monitoring network is realized, the complexity and the safety of the power monitoring network are improved, and the effective management of all equipment in the network is realized under the condition that the normal work of the power monitoring network is not influenced.
Preferably, the exception handling unit restores the exception problem data, decrypts the exception data according to the secret key when receiving the exception data, searches the position of the data with exception, and modifies the data according to the exception type;
and carrying out secondary security encryption on the modified data, wherein the encryption method is as follows according to a formula:
Figure BDA0002629310890000071
wherein, ChFor the twice-safe encrypted data, PhThe modified data is transmitted after being subjected to secondary security encryption, so that the data is prevented from being attacked again when the interaction is carried out again, and the security of the data is improved.
Compared with the prior art, the invention has the beneficial effects that:
1. the invention carries out encryption transmission on the data which are interacted on the basis of the existing power monitoring network, ensures the safety of the data, simultaneously, avoids the consequence of data loss caused by the attack of the data, reduces and re-encrypts the data which are attacked, ensures the normal interaction of the data, and improves the safety and the working efficiency of the system.
2. When a new device is connected into the power monitoring network, the system automatically plans a communication link for the new device, reasonably plans all devices in the power monitoring network, achieves the optimal effect, and ensures that the power monitoring network can finish work with the highest efficiency under the condition of minimum consumption.
3. The invention can monitor the power monitoring network in real time, find the safety problem of the communication link in time and solve the problem in time, and ensure the normal operation of the system.
Drawings
In order that the present invention may be more readily and clearly understood, a more particular description of the invention briefly described above will be rendered by reference to specific embodiments that are illustrated in the appended drawings.
FIG. 1 is a schematic block diagram of a dynamic power monitoring network security analysis system according to the present invention;
fig. 2 is a flowchart of a working process of the dynamic power monitoring network security analysis system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-2, in an embodiment of the present invention, a dynamic power monitoring network security analysis system includes a power monitoring network, a power network communication module, a power network real-time monitoring module, a power network security analysis module, and a power network automatic control module;
the power network communication module is used for establishing a communication link for communication of the monitoring circuit in the power monitoring network, managing the communication link and finishing data interaction in the power monitoring network;
the power network real-time monitoring module is used for monitoring the communication link in real time, monitoring the whole data interaction process of the communication link and capturing the abnormity in the data interaction process;
the power network safety analysis module is used for carrying out dynamic analysis on the power monitoring network in the communication process and carrying out safety analysis on the abnormity captured in the power network real-time monitoring module;
and the power network automatic control module is used for automatically expanding and maintaining a communication link of the power monitoring network after monitoring and analyzing the power monitoring network.
The power network communication module comprises a communication link establishing unit, a communication link management unit and a data interaction unit;
the communication link establishing unit is used for carrying out communication connection between each power distribution device and the control terminal in the power monitoring network;
the communication link management unit is used for adding, deleting and modifying communication links between the power equipment and the control terminal, or adding or deleting the power distribution equipment and the control terminal in the communication links;
and the data interaction unit is used for finishing data interaction of different communication links or different communication devices in the power monitoring network, wherein the data interaction comprises data sharing, data exchange and data synchronization, and meanwhile, when the data interaction is started, the data is safely encrypted once.
The data are encrypted in one security, when the data start to interact, the data sending end carries out one security encryption on the data needing to interact before the data are sent, and the one security encryption is according to a formula:
Figure BDA0002629310890000101
c is data subjected to primary security encryption, P is original data, key is a key subjected to primary security encryption, d is random encryption data, and e is the length of the original data, wherein (P + ═ key) the original data subjected to the primary security encryption key is taken as the original data subjected to calculation to be subjected to mod operation, and the mod operation is performed on the original data and any random encryption data or random original data length;
and carrying out digital signature on the data subjected to the one-time security encryption and starting to carry out data interaction.
The power network real-time monitoring module comprises a real-time monitoring unit, an exception grabbing unit and an exception sending unit;
the real-time monitoring unit is used for monitoring the communication link in real time and monitoring whether the interaction process is successfully completed when data interaction is carried out on each power distribution device and the control terminal;
the abnormal capturing unit is used for performing abnormal capturing on data with abnormal problems in the interaction process when the real-time monitoring unit monitors that the data interaction is not completed, wherein the abnormal problems comprise interaction interruption, data loss, data leakage and data tampering;
and the abnormity sending unit is used for sending the abnormity problems captured by the abnormity capturing unit to the power network safety analysis module.
The power network safety analysis module comprises a dynamic analysis unit, an abnormality receiving unit and an abnormality analysis unit;
the dynamic analysis unit carries out safety detection and safety analysis on a communication link which carries out data interaction according to the monitoring information of the real-time monitoring unit, carries out flow analysis and data integrity analysis on data which is interacted during the interaction process, and simultaneously analyzes a communication protocol which is interacted;
the abnormity receiving unit is used for receiving the data of the abnormity problem sent by the abnormity sending unit;
the abnormality analysis unit judges the abnormality type of the abnormal problem data received by the abnormality receiving unit.
Carrying out flow analysis on the data being interacted, wherein the flow of the interacted data is according to a formula:
Figure BDA0002629310890000111
where L is the data traffic in the communication link, XzFor the number of communication links, X, used for data interactionz(MTU) is the maximum amount of data transfer that the communication link allows for data interaction,
Figure BDA0002629310890000112
n original data for data interaction, and e is the length of the original data P;
when data interaction is carried out, the original data are according to Xz(MTU) is divided into transmission slices, and a set of raw data transmission slices AC={AC1,AC2,…,ACj}, randomly selecting a set ACRespectively carrying out data integrity calculation on any j-1/2 elements in the data, and selecting any element set
Figure BDA0002629310890000121
And (3) calculating the integrity according to the formula:
Figure BDA0002629310890000122
wherein, ST is the data receiving time of the original data transmission fragment for data interaction, SF is the data sending time of the original data transmission fragment for data interaction, and W is the original data sending integrity;
before data interaction, selecting a corresponding communication protocol according to the characteristics of the data and a transmission mode, extracting the communication protocol of the data in the transmission process, analyzing the communication protocol, and determining the communication protocol selected in the data interaction process.
The abnormality analysis unit judges the abnormality type of the abnormal problem data and comprises an abnormality classification unit and an abnormality judgment unit;
the abnormal classification unit classifies abnormal problems into interactive interruption, data loss, data leakage and data tampering;
the abnormal judging unit calculates the abnormal length of the data through the data integrity calculation and the original data length of the dynamic analysis unit according to a formula:
Y=e-W*e;
wherein Y is the abnormal length of the interactive data, e is the length of the interactive original data, and W is the data integrity of the data interaction process;
when Y is equal to e, the abnormal problem is data interruption;
when Y is 0, the abnormal problem type is data loss;
when Y is less than e, the abnormal problem type is data leakage;
when the V-shaped V is more than e and the Y is less than e, the abnormal problem type is that the data is tampered.
The power network automatic control module comprises an exception handling unit and a link scheduling control unit;
the abnormal processing unit modifies the data with the abnormal problems according to the abnormal types according to the judgment of the abnormal problems by the abnormal analysis unit, restores the data, performs secondary security encryption on the restored data on the basis of primary security encryption, and continues to adopt the communication protocol analyzed by the dynamic analysis unit to complete data interaction;
the link scheduling control unit is used for monitoring the external equipment or other equipment newly accessed to the communication link in real time according to the interaction requirements of data in different power monitoring networks, and carrying out the repartition of the communication link on the external equipment accessed to the communication link by combining the actual power condition so as to realize the optimization of the power monitoring network.
The abnormal processing unit restores the abnormal problem data, decrypts the abnormal data according to the secret key when receiving the abnormal data, searches the position of the abnormal data and modifies the abnormal data according to the abnormal type;
and carrying out secondary security encryption on the modified data, wherein the encryption method is as follows according to a formula:
Figure BDA0002629310890000131
wherein, ChAfter encryption for secondary securityData, PhThe interactive data after exception processing is S is a random number algorithm for generating a secondary security encryption key, S (key) is the secondary security encryption key, d is random encryption data, and e is the length of original data.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.

Claims (9)

1. A dynamic power monitoring network security analysis system is characterized by comprising a power monitoring network, a power network communication module, a power network real-time monitoring module, a power network security analysis module and a power network automatic control module;
the power network communication module is used for establishing a communication link for communication of the monitoring circuit in the power monitoring network, managing the communication link and finishing data interaction in the power monitoring network;
the power network real-time monitoring module is used for monitoring the communication link in real time, monitoring the whole data interaction process of the communication link and capturing the abnormity in the data interaction process;
the electric power network safety analysis module is used for carrying out dynamic analysis on the electric power monitoring network in the communication process and carrying out safety analysis on the abnormity captured in the electric power network real-time monitoring module;
and the power network automatic control module is used for automatically expanding and maintaining a communication link of the power monitoring network after monitoring and analyzing the power monitoring network.
2. The dynamic power monitoring network security analysis system of claim 1, wherein the power network communication module comprises a communication link establishing unit, a communication link managing unit and a data interaction unit;
the communication link establishing unit is used for carrying out communication connection between each power distribution device and the control terminal in the power monitoring network;
the communication link management unit is used for adding, deleting and modifying communication links between the power equipment and the control terminal, or adding or deleting the power distribution equipment and the control terminal in the communication links;
the data interaction unit is used for completing data interaction of different communication links or different communication devices in the power monitoring network, wherein the data interaction comprises data sharing, data exchange and data synchronization, and meanwhile, when the data interaction is started, the data is safely encrypted once.
3. The dynamic power monitoring network security analysis system according to claim 2, wherein the data is encrypted once, and when data starts to interact, a data sending end encrypts data to be interacted once before sending the data, and the once security encryption is according to a formula:
Figure FDA0002629310880000021
c is data subjected to primary security encryption, P is original data, key is a key subjected to primary security encryption, d is random encryption data, and e is the length of the original data, wherein (P + ═ key) the original data subjected to the primary security encryption key is taken as the original data subjected to calculation to be subjected to mod operation, and the mod operation is performed on the original data and any random encryption data or random original data length;
and carrying out digital signature on the data subjected to the one-time security encryption and starting to carry out data interaction.
4. The dynamic power monitoring network security analysis system of claim 3, wherein the power network real-time monitoring module comprises a real-time monitoring unit, an exception grabbing unit and an exception sending unit;
the real-time monitoring unit is used for monitoring the communication link in real time and monitoring whether the interaction process is successfully completed when data interaction is carried out on each power distribution device and the control terminal;
the abnormal capturing unit is used for performing abnormal capturing on data with abnormal problems in the interaction process when the real-time monitoring unit monitors that data interaction cannot be completed, wherein the abnormal problems comprise interaction interruption, data loss, data leakage and data tampering;
and the abnormity sending unit is used for sending the abnormity problems captured by the abnormity capturing unit to the power network safety analysis module.
5. The dynamic power monitoring network security analysis system of claim 4, wherein the power network security analysis module comprises a dynamic analysis unit, an anomaly receiving unit and an anomaly analysis unit;
the dynamic analysis unit carries out safety detection and safety analysis on a communication link which carries out data interaction according to the monitoring information of the real-time monitoring unit, carries out flow analysis and data integrity analysis on data which is interacted during the interaction process, and simultaneously analyzes a communication protocol which is interacted;
the abnormity receiving unit is used for receiving the data of the abnormity problem sent by the abnormity sending unit;
and the abnormity analysis unit judges the abnormity type of the abnormal problem data received by the abnormity receiving unit.
6. The dynamic power monitoring network security analysis system of claim 5, wherein the traffic analysis is performed on the data being interacted, and the flow of the interacted data is according to the formula:
Figure FDA0002629310880000031
wherein, the L is the data flow in the communication link, and the X iszFor the number of communication links, X, used for data interactionz(MTU) is the maximum amount of data transfer that the communication link allows for data interaction,
Figure FDA0002629310880000041
n original data for data interaction, and e is the length of the original data P;
when data interaction is carried out, the original data are according to Xz(MTU) is divided into transmission slices, and a set of raw data transmission slices AC={AC1,AC2,…,ACj}, randomly selecting a set ACRespectively carrying out data integrity calculation on any j-1/2 elements in the data, and selecting any element set
Figure FDA0002629310880000042
The integrity calculation is performed according to the formula:
Figure FDA0002629310880000043
the ST is data receiving time for data interaction of the original data transmission fragments, SF is data sending time for data interaction of the original data transmission fragments, and W is original data sending integrity;
before data interaction, selecting a corresponding communication protocol according to the characteristics of the data and a transmission mode, extracting the communication protocol of the data in the transmission process, analyzing the communication protocol, and determining the communication protocol selected in the data interaction process.
7. The dynamic power monitoring network security analysis system of claim 5, wherein the anomaly analysis unit performs anomaly type judgment on the anomaly problem data, and comprises an anomaly classification unit and an anomaly judgment unit;
the exception classification unit classifies exception problems into interactive interruption, data loss, data leakage and data tampering;
the abnormal judging unit calculates the abnormal length of the data through the data integrity calculation and the original data length of the dynamic analysis unit, and according to a formula:
Y=e-W*e;
wherein Y is the abnormal length of the interactive data, e is the length of the interactive original data, and W is the data integrity of the data interaction process;
when Y is equal to e, the abnormal problem is data interruption;
when Y is 0, the abnormal problem type is data loss;
when Y is less than e, the abnormal problem type is data leakage;
when the V-shaped V is more than e and the Y is less than e, the abnormal problem type is that the data is tampered.
8. The dynamic power monitoring network security analysis system of claim 7, wherein the power network automatic control module comprises an exception handling unit and a link scheduling control unit;
the abnormal processing unit modifies the data with the abnormal problems according to the abnormal types according to the judgment of the abnormal problems by the abnormal analysis unit, restores the data, performs secondary security encryption on the restored data on the basis of primary security encryption, and continues to adopt the communication protocol analyzed by the dynamic analysis unit to complete data interaction;
the link scheduling control unit is used for monitoring the external equipment or other equipment newly accessed to the communication link in real time according to the interaction requirements of data in different power monitoring networks, and subdividing the communication link of the accessed external equipment of the communication link according to the actual power condition to realize the optimization of the power monitoring network.
9. The dynamic power monitoring network security analysis system of claim 8, wherein the exception handling unit restores the exception problem data, decrypts the exception data according to the key when the exception handling unit receives the exception data, searches the location of the data where the exception exists, and modifies the location according to the type of the exception;
and carrying out secondary security encryption on the modified data, wherein the encryption method is as follows according to a formula:
Figure FDA0002629310880000061
wherein, ChFor the twice-safe encrypted data, PhThe interactive data after exception processing is S is a random number algorithm for generating a secondary security encryption key, S (key) is the secondary security encryption key, d is random encryption data, and e is the length of original data.
CN202010806490.XA 2020-08-12 2020-08-12 Dynamic electric power monitoring network security analysis system Active CN111953685B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010806490.XA CN111953685B (en) 2020-08-12 2020-08-12 Dynamic electric power monitoring network security analysis system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010806490.XA CN111953685B (en) 2020-08-12 2020-08-12 Dynamic electric power monitoring network security analysis system

Publications (2)

Publication Number Publication Date
CN111953685A true CN111953685A (en) 2020-11-17
CN111953685B CN111953685B (en) 2022-12-13

Family

ID=73332350

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010806490.XA Active CN111953685B (en) 2020-08-12 2020-08-12 Dynamic electric power monitoring network security analysis system

Country Status (1)

Country Link
CN (1) CN111953685B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115913970A (en) * 2021-11-04 2023-04-04 贵州电网有限责任公司 Monitoring flow centralized management system based on software defined network

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060269066A1 (en) * 2005-05-06 2006-11-30 Schweitzer Engineering Laboratories, Inc. System and method for converting serial data into secure data packets configured for wireless transmission in a power system
CN102122374A (en) * 2011-03-03 2011-07-13 江苏方天电力技术有限公司 Intelligent analysis system for flow abnormity of power automation system
CN104579784A (en) * 2015-01-15 2015-04-29 珠海市鸿瑞信息技术有限公司 Electric power industry control system network management method based on multi-dimensional virtual link
US20150199530A1 (en) * 2014-01-10 2015-07-16 General Electric Company Systems and Methods With Cryptography and Tamper Resistance Software Security
CN105100116A (en) * 2015-08-31 2015-11-25 云南电网有限责任公司电力科学研究院 Efficient and safe power data interaction method in wireless communication mode
CN110365505A (en) * 2018-04-09 2019-10-22 中国电力科学研究院有限公司 A kind of general network shape of the mouth as one speaks power dispatching data communication device and control method
CN110365103A (en) * 2018-04-09 2019-10-22 中国电力科学研究院有限公司 A kind of wireless universal type low-power consumption power dispatching data transmitting device and control method
CN110784476A (en) * 2019-10-31 2020-02-11 国网河南省电力公司电力科学研究院 Power monitoring active defense method and system based on virtualization dynamic deployment

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060269066A1 (en) * 2005-05-06 2006-11-30 Schweitzer Engineering Laboratories, Inc. System and method for converting serial data into secure data packets configured for wireless transmission in a power system
CN102122374A (en) * 2011-03-03 2011-07-13 江苏方天电力技术有限公司 Intelligent analysis system for flow abnormity of power automation system
US20150199530A1 (en) * 2014-01-10 2015-07-16 General Electric Company Systems and Methods With Cryptography and Tamper Resistance Software Security
CN104579784A (en) * 2015-01-15 2015-04-29 珠海市鸿瑞信息技术有限公司 Electric power industry control system network management method based on multi-dimensional virtual link
CN105100116A (en) * 2015-08-31 2015-11-25 云南电网有限责任公司电力科学研究院 Efficient and safe power data interaction method in wireless communication mode
CN110365505A (en) * 2018-04-09 2019-10-22 中国电力科学研究院有限公司 A kind of general network shape of the mouth as one speaks power dispatching data communication device and control method
CN110365103A (en) * 2018-04-09 2019-10-22 中国电力科学研究院有限公司 A kind of wireless universal type low-power consumption power dispatching data transmitting device and control method
CN110784476A (en) * 2019-10-31 2020-02-11 国网河南省电力公司电力科学研究院 Power monitoring active defense method and system based on virtualization dynamic deployment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
黄国伦: "电网调度数据网网络安全管理探讨", 《广西电力》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115913970A (en) * 2021-11-04 2023-04-04 贵州电网有限责任公司 Monitoring flow centralized management system based on software defined network

Also Published As

Publication number Publication date
CN111953685B (en) 2022-12-13

Similar Documents

Publication Publication Date Title
CN112600892B (en) Block chain equipment and system for Internet of things and working method
CN108645450B (en) Smart city environmental protection system
CN106656960B (en) hilscher-based credible data acquisition system and method
CN111953685B (en) Dynamic electric power monitoring network security analysis system
CN112270020A (en) Terminal equipment safety encryption device based on safety chip
CN114123487B (en) Distributed power supply online centralized monitoring system and method based on electric power Internet of things
CN109753009A (en) A kind of level monitoring online data management system
CN109459972A (en) The belt conveyor programmable logic controller (PLC) tele-diagnostic device of Virtual Private Network
CN116192704B (en) Monitoring system and method for network cipher machine
CN112087301A (en) Gas meter safety certification system based on state cryptographic algorithm
CN115102701B (en) Multi-chip data encryption and decryption processing method and device
CN114785874B (en) Method for providing high-availability transmission channel based on multi-network protocol
CN106411559A (en) Low voltage transformer area anti-electricity-stealing diagnosis system
CN111818051B (en) Distribution network encryption system and method based on low energy consumption
CN113993075B (en) Information monitoring system and method based on distribution network encryption
CN113961432A (en) Method and device for generating data report, electronic equipment and storage medium
CN113518347A (en) Safety protection system
CN111935120A (en) Universal encryption and decryption device for power system protocol and encryption and decryption method thereof
CN114244719B (en) Centralized control power station communication topological structure suitable for public network and application method thereof
CN217116411U (en) Safety protection system
CN117896379B (en) Data transmission method and device for energy storage equipment
CN113572847B (en) Block chain network system, bank terminal equipment monitoring method and server
CN115118449B (en) Energy internet-oriented safe and efficient interactive edge proxy server
CN108235798A (en) A kind of public private key pair acquisition methods, system and POS terminal
CN111800293B (en) Edge calculation control gateway of intelligent micro-grid

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant