CN112615843B - Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost - Google Patents

Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost Download PDF

Info

Publication number
CN112615843B
CN112615843B CN202011461351.4A CN202011461351A CN112615843B CN 112615843 B CN112615843 B CN 112615843B CN 202011461351 A CN202011461351 A CN 202011461351A CN 112615843 B CN112615843 B CN 112615843B
Authority
CN
China
Prior art keywords
channel
network security
channels
dimensional
index
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011461351.4A
Other languages
Chinese (zh)
Other versions
CN112615843A (en
Inventor
刘萧
陈龙
吕磊
李静
黄昆
李嘉周
杨旭东
黄林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Sichuan Electric Power Co Ltd
Original Assignee
State Grid Sichuan Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Sichuan Electric Power Co Ltd filed Critical State Grid Sichuan Electric Power Co Ltd
Priority to CN202011461351.4A priority Critical patent/CN112615843B/en
Publication of CN112615843A publication Critical patent/CN112615843A/en
Application granted granted Critical
Publication of CN112615843B publication Critical patent/CN112615843B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S10/00Systems supporting electrical power generation, transmission or distribution
    • Y04S10/50Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications

Abstract

The invention relates to the field of evaluation of network security situation of an information system, provides a power internet of things network security situation evaluation method based on multi-channel SAE-AdaBoost, and aims to solve the problems of poor precision and large generalization error of the existing evaluation method. The main scheme comprises the following steps: network security situation index is divided into a plurality of channels T1,T2,Λ,Tn(ii) a Step 2: for each channel, SAE maps each unlabeled training sample k-dimensional vector x' to m-dimensional coding vector x through the hidden layerhTo obtain a low-dimensional representation x of the high-dimensional datah(ii) a And step 3: the AdaBoost algorithm continuously changes the weights of samples from training data, serially learns a series of weak learners, linearly combines the weak learners into a strong learner, and uses the strong learner to evaluate a corresponding channel; and 4, step 4: the AHP comprehensively considers the relative importance among the channels, and integrates the evaluation results of a plurality of channels to obtain the overall network security situation.

Description

Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost
Technical Field
The invention relates to the field of evaluation of network security situations of information systems, in particular to a method for comprehensively evaluating network security situations of an electric power internet of things based on a multi-channel architecture combined with a sparse self-encoder and an AdaBoost integrated learning algorithm.
Background
In recent years, with the continuous development of the power internet of things, the types of access devices are increasing, the structure of the power internet of things is becoming more complicated, so that the complexity and uncertainty of an information network in the power industry are increasing, and the information security protection of the power internet of things faces a huge challenge. Therefore, the supervision requirement on the overall network security situation of the system is continuously improved, and the traditional network security situation evaluation means cannot meet the efficient and accurate evaluation requirement of a complex system. In order to improve the network security guarantee capability of the power internet of things, accurately and objectively evaluate the network security situation of the power information and effectively guide the information system to operate safely, efficiently and economically, the method for evaluating the network security situation of the power internet of things is very important, and can integrate various network security indexes of the system and realize automatic evaluation.
In the aspect of analyzing each situation index of an object and carrying out comprehensive network security situation evaluation, the invention patent with the application number of CN201910432976.9 and the name of SAE + BPNN-based network security situation evaluation method discloses a comprehensive evaluation method of network security situation, which belongs to the field of network security situation evaluation, wherein the main thought of the comprehensive evaluation method is as follows: normalizing the extracted index data; inputting the normalized index data into a trained deep self-coding neural network to perform dimension reduction processing on the normalized index data; and inputting the index data subjected to the dimensionality reduction treatment into the trained BP neural network so as to evaluate the network security situation. According to the evaluation method, the sparse self-encoder and the BP neural network are combined, the problem that the evaluation data dimension is too large, so that the model construction complexity is high is solved, and a scheme with high evaluation efficiency is provided for network security situation evaluation.
Although the technical method considers the technical defects of the original BPNN method, the idea of network security situation evaluation by combining SAE (sparse self-encoder) and BPNN (back propagation neural network) is adopted, and the problem that the complexity of model construction is higher due to overlarge model evaluation data dimension is solved. However, in terms of a specific used technical method, the patent still uses the most traditional neural network algorithm, the method does not consider the corresponding relation between the indexes and the safety problem, neglects the difference of the network safety problems represented by different types of indexes, causes the characteristic of mixing different types of indexes, and causes interference to the whole characteristic. For enterprise-level information systems with more safety problem factors, such as the power internet of things, the traditional neural network algorithm has certain limitation in the aspect of overall system network safety situation evaluation; furthermore, the traditional neural network algorithm is easy to be over-fitted, thereby causing the accuracy of the model to be reduced.
Disclosure of Invention
The invention aims to solve the problems that the existing method does not consider the corresponding relation between indexes and security problems, ignores the difference of network security problems represented by different indexes, generates the mixed characteristics of different indexes and interferes the overall characteristics, so that the existing evaluation method has poor precision and large generalization error.
In order to solve the technical problem, the invention adopts the following technical scheme:
the invention provides a power Internet of things network security situation evaluation method based on multi-channel SAE-AdaBoost, which comprises the following steps:
step 1: network security situation index is divided into a plurality of channels T1,T2,…,Tn
Step 2: for each channel, SAE maps each unlabeled training sample k-dimensional vector x' to m-dimensional coding vector x through the hidden layerhTo obtain a low-dimensional representation x of the high-dimensional datah
And step 3: for channel TiTraining data set
Figure GDA0003663778560000021
Wherein
Figure GDA0003663778560000022
Represents the sample point after the dimension reduction of step 2, xhThe data after dimensionality reduction, x refers to index data after channel division, and yiRepresenting the category corresponding to the sample, taking the value as { -1, 1}, and representing that the security event corresponding to the channel occurs when the value is '1', wherein an AdaBoost algorithm continuously changes the weight of the sample from training data, serially learns a series of weak learners, linearly combines the weak learners into a strong learner, and uses the strong learner to evaluate the channel corresponding to the weak learner;
and 4, step 4: the AHP comprehensively considers the relative importance among the channels, and integrates the evaluation results of the multiple channels to obtain the overall network security situation.
In the above technical solution, step 1 includes the following steps:
network security issues that affect the network security environment are divided into n channels: t is1,T2,…,Tn
And dividing the overall situation index into the n channels according to the corresponding relation between each index and the safety problem.
In the above technical solution, step 2 includes the following steps:
s2.1: for each channel TiIndex data X ofTi={x1,x2,…,xnNormalizing, and adopting a minimum-maximum value standard method to convert the channel T into a channel TiThe size range of the index data is narrowed to [0,1 ]]The method comprises the following steps:
Figure GDA0003663778560000031
wherein x represents index data;
s2.2: to channel TiAnd (3) encoding index data: mapping each unlabeled training sample k-dimensional vector x' into m-dimensional coded vector x through the hidden layerhTo obtain a low-dimensional representation x of the high-dimensional datah
In the above technical solution, step 3 specifically includes:
step 3.1: Dm=(wm1,wm2,…,wmN) Representing the weight of the mth weak classifier sample, the weight of the initialized sample point is: d1=(w11,w12,…,w1N),
Figure GDA0003663778560000032
Step 3.2 use with weight D for M ═ 1,2, …, MmTraining a weak learner Gm(x);
Step 3.3 computing the Weak learner Gm(x) Classification error of (2):
Figure GDA0003663778560000033
step 3.4, forward step algorithm, weak classifier Gm(x) The coefficients of (c) are:
Figure GDA0003663778560000034
and 3.5, updating the weight distribution of the m +1 th weak learner sample:
Dm+1=(wm+1,1,wm+1,2,…,wm+1,N)
wherein, the first and the second end of the pipe are connected with each other,
Figure GDA0003663778560000035
wherein the content of the first and second substances,
Figure GDA0003663778560000036
wherein Z ismIs a normalization factor, and the main function is to convert wmiNormalized to between 0 and 1, such that
Figure GDA0003663778560000037
Step 3.6, the coefficient weighting of each weak classifier is used for carrying out linear combination on all the weak classifiers to obtain the maximumFinal strong classifier:
Figure GDA0003663778560000041
in the above technical solution, step 4 specifically includes the following steps:
step 4.1: a risk event influence value evaluation table is formulated based on a universal vulnerability scoring system (CVSS):
index (es) Degree of influence Influence value
Confidentiality (C) None (N)/Low (L)/high (H) 0/0.22/0.56
Integrity (I) None (N)/Low (L)/high (H) 0/0.22/0.56
Availability (A) None (N)/Low (L)/high (H) 0/0.22/0.56
Step 4.2: determining each channel T by combining the table in S1iC, I, A values of corresponding security events, and calculating a channel TiInfluence value of
Figure GDA0003663778560000042
Figure GDA0003663778560000043
Step 4.3: and combining the table in the S1, and constructing a paired comparison matrix of the channel by using a paired comparison method from three dimensions of confidentiality, integrity and availability:
Figure GDA0003663778560000044
wherein a isijRepresents a channel TiRelative to the channel TjThe degree of importance of;
step 4.4: calculating a characteristic root lambda, and carrying out consistency check: aw ═ λ w
Defining a consistency index:
Figure GDA0003663778560000045
n represents the number of channels;
defining a consistency ratio:
Figure GDA0003663778560000046
wherein RI is random consistency index, when the consistency ratio CR is less than 0.1, the inconsistency degree of A is in the allowable range, and has satisfactory consistency, through consistency test, the normalized characteristic vector is used as weight vector, otherwise, the comparison matrix A is reconstructed;
step 4.5: calculating a weight vector w by using the inspected characteristic root lambda, and weighting and fusing all channels to obtain the overall network security situation:
Figure GDA0003663778560000051
wherein, I (t) is a general function, when the parameter t is true, the output is 1; when the parameter t is false, the output is 0,
Figure GDA0003663778560000052
the meaning of (A) is that Ti corresponds to strongAnd (4) a classifier.
Because the invention adopts the technical scheme, the invention has the following beneficial effects:
1. the invention divides the whole index into a plurality of channels, not only fully considers the different network safety problems represented by different types of indexes, but also ensures the independence and the purity of the characteristics in the same channel. A plurality of channels are divided according to the safety problem, and when the network safety situation of the power internet of things is rapidly reduced, the positioning, tracking and tracing of the safety problem are facilitated.
2. Aiming at the problem that the accuracy of the model is reduced due to overfitting of the traditional neural network algorithm, an AdaBoost integrated learning algorithm is introduced, a plurality of weak learners are linearly weighted, the generalization error is reduced, and the accuracy of the model is improved.
3. Based on the CVSS risk event influence value evaluation table, the AHP is used for fusing all the channels to obtain the overall network security situation, and the relative importance among all the channels is comprehensively considered, so that the evaluation result is more dependent and persuasive.
Drawings
Fig. 1 is a schematic diagram of channel division.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the preferred embodiment of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
The network security situation indexes are divided into a plurality of channels:
considering that the network security environment is usually affected by a plurality of aspects, the network security problem that can affect the network security environment is divided into n channels: t is1,T2,…,Tn
And dividing the overall situation index into the n channels according to the corresponding relation between each index and the safety problem.
The specific steps of the SAE-AdaBoost for respectively evaluating the multiple channels are as follows:
s1: for each channel TiIndex data X ofTi={x1,x2,…,xnNormalizing, and adopting a minimum-maximum value standard method to convert the channel T into a channel TiThe size range of the index data is narrowed to [0,1 ]]The method comprises the following steps:
Figure GDA0003663778560000061
s2: to channel TiThe process of coding the index data is to map each unlabeled training sample k-dimensional vector x' into an m-dimensional coding vector x through the hidden layerhTo obtain a low-dimensional representation x of the high-dimensional datah. The method comprises the following specific steps:
(1) normalizing data x '═ x'1,x′2,…,x′kMapping to a hidden layer through a linear function and a sigmoid activation function to obtain a coding result
Figure GDA0003663778560000062
Namely:
Figure GDA0003663778560000063
mapping the encoding result y to a reconstruction layer through a linear function and a sigmoid activation function to obtain a decoding result x ″ { x ″)1,x″2,…,x″kThe dimension of x "is consistent with the dimension of the original data x', i.e.:
Figure GDA0003663778560000064
wherein x ishFor the encoded data, x 'is the characteristic expression of the original data, x' is the decoded data, w1、w2、b1、b2Weights and biases for input layer to hidden layer, hidden layer to reconstructed layer, respectively.
(2) When the output value of a certain neuron of the hidden layer is close to 1, the unit is in an active state, and conversely, the unit is in an inactive state. For the purpose of "sparseness", a by suppressing most neurons of the hidden layer and leaving them in an "inactive" statej(k) Representing the activation of the jth cell, then the average activation of the ith neuron in the hidden layer is:
Figure GDA0003663778560000065
(3) using KL divergence as PN expression to penalize
Figure GDA0003663778560000066
Deviating by a constant p close to 0, so that most neurons are suppressed for sparseness:
Figure GDA0003663778560000071
Figure GDA0003663778560000072
wherein sh represents the number of neurons in the hidden layer,
Figure GDA0003663778560000073
is composed of
Figure GDA0003663778560000074
And p, relative entropy, which measures the difference between the two distributions. Since the relative entropy is a convex function, when
Figure GDA0003663778560000075
When KL reaches a minimum value. To achieve sparsity limitation, a loss function is defined as:
Figure GDA0003663778560000076
wherein n is the number of samples, λ is the regularization coefficient, x ″iAnd beta is the coefficient of the sparsity limiting penalty term for the output value of the ith group of samples. The above formula consists of three parts, which are a mean square error term, a regularization term and a penalty term.
(4) Optimizing a cost loss function and a parameter w, b through a gradient descent algorithm:
Figure GDA0003663778560000077
Figure GDA0003663778560000078
Figure GDA0003663778560000079
Figure GDA00036637785600000710
wi,bithe weight and the offset of the ith data are respectively expressed, and alpha represents the learning rate. When a certain number of iterations is reached, the hidden layer neuron obtains the learning characteristics of high-dimensional data, meanwhile, the sparse self-coding deep neural network has trained corresponding weight vectors w and bias vectors b, and the data x after dimension reduction is obtained by substituting w and b into the formula (1)h
S3: is the data x after the dimension reductionhAdding tag data y to obtain channel TiTraining data set
Figure GDA00036637785600000711
Wherein
Figure GDA00036637785600000712
Representing the sample points, y, after S2 dimensionality reductioniAnd representing the category corresponding to the sample, taking the value of { -1, 1}, and representing that the security event corresponding to the channel occurs when the value is '1'. The AdaBoost algorithm continuously changes the weights of samples from training data, serially learns a series of weak learners, and linearly combines the weak learners into a strong learner. The method comprises the following specific steps:
(1)Dm=(wm1,wm2,…,wmN) Representing the weight of the mth weak classifier sample, the weight of the initialized sample point is:
D1=(w11,w12,…,w1N),
Figure GDA0003663778560000081
(2) for M1, 2, …, M, with weight D is usedmTraining a weak learner Gm(x) Here, the weak learners may be neural networks, decision trees, etc., and the principles and training processes of these weak learners are not described in detail.
(3) Weak learner G for calculationm(x) Classification error of (2):
Figure GDA0003663778560000082
i (t) is a general function, and when the parameter t is true, the output is 1; when the parameter t is false, the output is 0.
(4) By forward stepwise algorithm, weak classifiers Gm(x) The coefficients of (a) are:
Figure GDA0003663778560000083
(5) updating the weight distribution D of the m +1 th weak learner samplem+1=(wm+1,1,wm+1,2,…,wm+1,N):
Figure GDA0003663778560000084
Figure GDA0003663778560000085
Wherein Z ismIs a normalization factor, and the main function is to convert wmiNormalized to between 0 and 1, such that
Figure GDA0003663778560000086
(6) And (3) carrying out linear combination on all weak classifiers by using the coefficient weighting of each weak classifier to obtain a final strong classifier:
Figure GDA0003663778560000091
the specific steps of the AHP fusing the evaluation results of the plurality of channels to obtain the overall network security situation are as follows:
s1: a risk event influence value evaluation table is formulated based on a universal vulnerability scoring system (CVSS):
index (I) Degree of influence Influence value
Confidentiality (C) None (N)/Low (L)/high (H) 0/0.22/0.56
Integrity (I) None (N)/Low (L)) High (H) 0/0.22/0.56
Availability (A) None (N)/Low (L)/high (H) 0/0.22/0.56
S2: determining each channel T by combining the tables in S1iC, I, A values of corresponding security events, and calculating a channel TiInfluence value of (2):
Figure GDA0003663778560000092
s3: and combining the table in the S1, and constructing a paired comparison matrix of the channel by using a paired comparison method from three dimensions of confidentiality, integrity and availability:
Figure GDA0003663778560000093
wherein a isijRepresents a channel TiRelative to the channel TjThe degree of importance of.
S4: calculating a characteristic root lambda, and carrying out consistency check: aw ═ λ w
Defining a consistency index:
Figure GDA0003663778560000094
defining a consistency ratio:
Figure GDA0003663778560000095
wherein RI is a random consistency index, and when the consistency ratio CR is generally considered to be less than 0.1, the inconsistency degree of A is considered to be within an allowable range, and the A has satisfactory consistency and passes consistency check. Its normalized eigenvector can be used as the weight vector, otherwise it is reconstructed into the comparison matrix a.
S5: calculating a weight vector w by using the inspected characteristic root lambda, and weighting and fusing all channels to obtain the overall network security situation:
Figure GDA0003663778560000101

Claims (1)

1. a multi-channel SAE-AdaBoost-based power Internet of things network security situation assessment method is characterized by comprising the following steps:
step 1: network security situation index is divided into a plurality of channels T1,T2,...,Tn
Step 2: for each channel, SAE maps each unlabeled training sample k-dimensional vector x' to m-dimensional coding vector x through the hidden layerhTo obtain a low-dimensional representation x of the high-dimensional datah
And 3, step 3: for channel TiTraining data set
Figure FDA0003663778550000011
Wherein
Figure FDA0003663778550000012
Representing the sample points, x, after the dimension reduction of step 2hThe data after dimensionality reduction, x refers to index data after channel division, and yiRepresenting the category corresponding to the sample, taking the value as { -1, 1}, representing that a security event corresponding to the channel occurs when the value is '1', continuously changing the weight of the sample from training data by an AdaBoost algorithm, serially learning a series of weak learners, linearly combining the weak learners into a strong learner, and evaluating the corresponding channel by using the strong learner;
and 4, step 4: the AHP comprehensively considers the relative importance among the channels, and integrates the evaluation results of a plurality of channels to obtain the overall network security situation;
the step 1 comprises the following steps:
to network security ringNetwork security issues affected by environmental impact are divided into n channels: t is1,T2,...,Tn
Dividing the overall situation index into the n channels according to the corresponding relation between each index and the safety problem;
the step 2 comprises the following steps:
s2.1: for each channel TiIndex data X ofTi={x1,x2,...,xnNormalizing, and adopting a minimum-maximum value standard method to convert the channel T into a channel TiThe size range of the index data is narrowed to [0,1 ]]The method comprises the following steps:
Figure FDA0003663778550000013
wherein x represents index data;
s2.2: to channel TiAnd (3) encoding index data: mapping each unlabeled training sample k-dimensional vector x' into m-dimensional coded vector x through the hidden layerhTo obtain a low-dimensional representation x of the high-dimensional datah
The step 3 specifically comprises:
step 3.1: Dm=(wm1,wm2,...,wmN) Representing the weight of the mth weak classifier sample, the weight of the initialized sample point is: d1=(w11,w12,...,w1N),
Figure FDA0003663778550000021
Step 3.2, for M1, 2mTraining a weak learner Gm(x);
Step 3.3 computing the Weak learner Gm(x) Classification error of (2):
Figure FDA0003663778550000022
step 3.4, forward step algorithm, weak classifier Gm(x) The coefficients of (a) are:
Figure FDA0003663778550000023
and 3.5, updating the weight distribution of the m +1 th weak learner sample:
Dm+1=(wm+1,1,wm+1,2,...,wm+1,N)
wherein the content of the first and second substances,
Figure FDA0003663778550000024
wherein the content of the first and second substances,
Figure FDA0003663778550000025
wherein, ZmIs a normalization factor, and the main function is to convert wmiNormalized to between 0 and 1, such that
Figure FDA0003663778550000026
And 3.6, carrying out linear combination on all weak classifiers by using the coefficient weighting of each weak classifier to obtain a final strong classifier:
Figure FDA0003663778550000027
the step 4 specifically comprises the following steps:
step 4.1: a risk event influence value evaluation table is formulated based on a universal vulnerability scoring system (CVSS):
Figure FDA0003663778550000028
Figure FDA0003663778550000031
and 4.2: determining each channel T by combining the table in S1iCorresponding securityC, I, A values of the event, and calculates the channel TiInfluence value of
Figure FDA0003663778550000032
Figure FDA0003663778550000033
Step 4.3: combining the table in S1, constructing a paired comparison matrix of the channel by using a paired comparison method from three dimensions of confidentiality, integrity and availability:
Figure FDA0003663778550000034
wherein a isijRepresents a channel TiRelative to the channel TjThe degree of importance of;
step 4.4: calculating a characteristic root lambda, and carrying out consistency check: aw ═ λ w
Defining a consistency index:
Figure FDA0003663778550000035
n represents the number of channels;
defining a consistency ratio:
Figure FDA0003663778550000036
wherein RI is a random consistency index, when the consistency ratio CR is less than 0.1, the inconsistency degree of A is within an allowable range and has satisfactory consistency, and the normalized characteristic vector is used as a weight vector through consistency test, otherwise, a comparison matrix A is reconstructed;
step 4.5: calculating a weight vector w by using the inspected characteristic root lambda, and weighting and fusing all channels to obtain the overall network security situation:
Figure FDA0003663778550000037
wherein, I (t) is a general function, when the parameter t is true, the output is 1; when the parameter t is false, the output is 0, GTi(xh) Meaning that Ti corresponds to a strong classifier.
CN202011461351.4A 2020-12-08 2020-12-08 Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost Active CN112615843B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011461351.4A CN112615843B (en) 2020-12-08 2020-12-08 Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011461351.4A CN112615843B (en) 2020-12-08 2020-12-08 Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost

Publications (2)

Publication Number Publication Date
CN112615843A CN112615843A (en) 2021-04-06
CN112615843B true CN112615843B (en) 2022-07-08

Family

ID=75234468

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011461351.4A Active CN112615843B (en) 2020-12-08 2020-12-08 Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost

Country Status (1)

Country Link
CN (1) CN112615843B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114374561B (en) * 2022-01-13 2023-10-24 潍坊学院 Network security state evaluation method, device and storable medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104794534A (en) * 2015-04-16 2015-07-22 国网山东省电力公司临沂供电公司 Power grid security situation predicting method based on improved deep learning model
CN109492751A (en) * 2018-11-02 2019-03-19 重庆邮电大学 Network safety situation element securing mechanism based on BN-DBN
CN109547431A (en) * 2018-11-19 2019-03-29 国网河南省电力公司信息通信公司 A kind of network security situation evaluating method based on CS and improved BP
CN110149333A (en) * 2019-05-23 2019-08-20 桂林电子科技大学 A kind of network security situation evaluating method based on SAE+BPNN
CN110865625A (en) * 2018-08-28 2020-03-06 中国科学院沈阳自动化研究所 Process data anomaly detection method based on time series
CN111404919A (en) * 2020-03-12 2020-07-10 东南大学 Method for sensing diversity of network security states of nuclear power control system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018085857A1 (en) * 2016-11-07 2018-05-11 Eero Inc. Systems and methods for enhanced mesh networking
CN110647900B (en) * 2019-04-12 2022-04-22 中国人民解放军战略支援部队信息工程大学 Intelligent safety situation prediction method, device and system based on deep neural network

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104794534A (en) * 2015-04-16 2015-07-22 国网山东省电力公司临沂供电公司 Power grid security situation predicting method based on improved deep learning model
CN110865625A (en) * 2018-08-28 2020-03-06 中国科学院沈阳自动化研究所 Process data anomaly detection method based on time series
CN109492751A (en) * 2018-11-02 2019-03-19 重庆邮电大学 Network safety situation element securing mechanism based on BN-DBN
CN109547431A (en) * 2018-11-19 2019-03-29 国网河南省电力公司信息通信公司 A kind of network security situation evaluating method based on CS and improved BP
CN110149333A (en) * 2019-05-23 2019-08-20 桂林电子科技大学 A kind of network security situation evaluating method based on SAE+BPNN
CN111404919A (en) * 2020-03-12 2020-07-10 东南大学 Method for sensing diversity of network security states of nuclear power control system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Remote Sensing Image Classification Based on Ensemble Extreme Learning Machine With Stacked Autoencoder;Fei Lv;《IEEE Access 》;20170523;全文 *
军用信息系统智能化的挑战与趋势;郭圣明等;《控制理论与应用》;20161215(第12期);全文 *
基于BP神经网络的网络安全态势评估研究;黄焱;《佳木斯大学学报(自然科学版)》;20200715(第04期);全文 *

Also Published As

Publication number Publication date
CN112615843A (en) 2021-04-06

Similar Documents

Publication Publication Date Title
CN112101426B (en) Unsupervised learning image anomaly detection method based on self-encoder
CN109389171B (en) Medical image classification method based on multi-granularity convolution noise reduction automatic encoder technology
CN112070128A (en) Transformer fault diagnosis method based on deep learning
CN112966667B (en) Method for identifying one-dimensional distance image noise reduction convolution neural network of sea surface target
CN115688024B (en) Network abnormal user prediction method based on user content characteristics and behavior characteristics
CN112147432A (en) BiLSTM module based on attention mechanism, transformer state diagnosis method and system
CN112732921B (en) False user comment detection method and system
CN113052271B (en) Biological fermentation data prediction method based on deep neural network
CN102142082A (en) Virtual sample based kernel discrimination method for face recognition
CN112615843B (en) Power Internet of things network security situation assessment method based on multi-channel SAE-AdaBoost
CN108520201A (en) A kind of robust human face recognition methods returned based on weighted blend norm
CN112541530B (en) Data preprocessing method and device for clustering model
CN113344589B (en) Intelligent identification method for collusion behavior of power generation enterprise based on VAEGMM model
CN108388918B (en) Data feature selection method with structure retention characteristics
CN117236330B (en) Mutual information and antagonistic neural network based method for enhancing theme diversity
CN114239384A (en) Rolling bearing fault diagnosis method based on nonlinear measurement prototype network
CN114580262A (en) Lithium ion battery health state estimation method
CN114200245A (en) Construction method of line loss abnormity identification model of power distribution network
CN111275109A (en) Power equipment state data characteristic optimization method and system based on self-encoder
CN113177587B (en) Generalized zero sample target classification method based on active learning and variational self-encoder
CN113128615A (en) Detection system, method and application of BP neural network to information security based on PCA
CN111832942A (en) Criminal transformation quality assessment system based on machine learning
Haiyang et al. An improved Canopy-FFCM clustering algorithm for ocean data analysis
Li et al. Robustness-aware 2-bit quantization with real-time performance for neural network
CN112541554B (en) Multi-mode process monitoring method and system based on time constraint and nuclear sparse representation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant