CN112766517B - Monitoring and early warning method for electric power operation and maintenance network security - Google Patents
Monitoring and early warning method for electric power operation and maintenance network security Download PDFInfo
- Publication number
- CN112766517B CN112766517B CN202110038782.8A CN202110038782A CN112766517B CN 112766517 B CN112766517 B CN 112766517B CN 202110038782 A CN202110038782 A CN 202110038782A CN 112766517 B CN112766517 B CN 112766517B
- Authority
- CN
- China
- Prior art keywords
- network
- maintenance
- data
- monitoring
- electric power
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012423 maintenance Methods 0.000 title claims abstract description 86
- 238000012544 monitoring process Methods 0.000 title claims abstract description 52
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000011156 evaluation Methods 0.000 claims abstract description 14
- 230000008859 change Effects 0.000 claims abstract description 12
- 238000007689 inspection Methods 0.000 claims abstract description 9
- 238000009826 distribution Methods 0.000 claims description 10
- 230000002159 abnormal effect Effects 0.000 claims description 5
- 230000005540 biological transmission Effects 0.000 claims description 5
- 238000004140 cleaning Methods 0.000 claims description 5
- 239000011159 matrix material Substances 0.000 claims description 5
- 230000011218 segmentation Effects 0.000 claims description 5
- 239000007858 starting material Substances 0.000 claims description 5
- 230000006399 behavior Effects 0.000 abstract description 38
- 238000012795 verification Methods 0.000 abstract description 3
- 238000012502 risk assessment Methods 0.000 abstract description 2
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/20—Administration of product repair or maintenance
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/06—Electricity, gas or water supply
Abstract
The invention discloses a monitoring and early warning method for electric power operation and maintenance network safety, which comprises the following steps: establishing a basic database, and collecting data such as a configuration item attribute management list, a configuration item relationship, a daily inspection record, an operation and maintenance overall change operation history, an operation and maintenance overall network topological graph, a related equipment change history, an operation and maintenance overall demand summary list, an operation and maintenance overall risk assessment report, each equipment level protection evaluation report, structured data, each equipment network security level protection evaluation report and the like of the power operation and maintenance. According to the monitoring and early warning method for the electric power operation and maintenance network safety, the safety of a user is ensured by carrying out identity verification on a network request object and carrying out risk index comparison on operation and access authority of the network request object; according to the monitoring and early warning method for the safety of the electric power operation and maintenance network, real-time monitoring is carried out through the hierarchical network data corresponding to each hierarchy in the electric power monitoring system, and threat warning is carried out in time aiming at illegal behaviors.
Description
Technical Field
The invention relates to the technical field of electric power operation and maintenance monitoring and early warning, in particular to a monitoring and early warning method for electric power operation and maintenance network safety.
Background
In recent years, IT service management systems and management means are greatly improved, and the latest management system and information operation and maintenance service system design achievement needs to be solidified in an information security operation monitoring and early warning system V1.0 (operation and maintenance flow management) to adapt to the development needs of business; the CSGII enterprise management information system of the company is comprehensively popularized and brought on line in 2015, company informatization works enter a large operation and maintenance large service stage from a large construction stage, and higher requirements and challenges are provided for operation and maintenance services; the system functions are finely adjusted in 2014-2015, the basic functions of dispatching, transportation and inspection and partial transverse cooperative functions are completed, the production operation mode of 'dispatching, transportation, inspection and clothing' in the power grid main industry and the information operation and maintenance service system of 'network province dispatching degree and three-line service' are not completely embodied, the configuration and maintenance database is self-defined and does not meet the international standard, the defects of difficult interaction, complex processing and the like exist in the aspects of data interaction and data sharing with other systems, the complete support for the seven-dimensional information function and the interface of the IT asset is lacked, the operation and maintenance cost collection function is not realized, and the service operation and maintenance index management is also to be perfected. Therefore, the functions of the related flow modules of the 'debugging, transportation and inspection' of the information security operation monitoring and early warning system V1.0 (operation and maintenance flow management) need to be deepened, and the functions of the seven-dimensional information adaptability transformation of the assets, the optimization, the lateral cooperation of the security operation and maintenance service supporting system and the like are performed for supporting the consistency of the asset full-life-cycle management account card.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides a monitoring and early warning method for the safety of an electric power operation and maintenance network, and solves the problems.
In order to achieve the purpose of solving the problems, the invention provides the following technical scheme: a monitoring and early warning method for electric power operation and maintenance network safety comprises the following steps:
1) Establishing a basic database, and collecting data such as a configuration item attribute management list, a configuration item relation, a daily inspection record, an operation and maintenance overall operation plan log, an operation and maintenance overall change operation history, an operation and maintenance overall network topological graph, a related equipment change history, an operation and maintenance overall demand summary list, an operation and maintenance overall risk evaluation report, each equipment level protection evaluation report, structured data, each equipment network security level protection evaluation report and the like of the power operation and maintenance;
2) Acquiring geographic distribution data corresponding to each hierarchy in the electric power operation and maintenance network system, and determining each IP address of each hierarchy according to the acquired geographic distribution data;
3) Carrying out data cleaning, word segmentation, part of speech tagging and word weight setting on the data obtained in the step 1 and the step 2, and then storing the processed data in a basic database;
4) Meanwhile, a cache sub-database is established, data such as electric power operation and maintenance network safety early warning information, a network safety problem list of each platform device, backlogs, a completion progress list and the like are collected in real time, and the obtained real-time data are dynamically stored in the cache sub-database;
5) Firstly, performing identity authentication on a network request object accessing a monitoring power application program, then identifying the identity provided by the network request object, describing the operation and access authority of the network request object according to a network request object identity authority management matrix, displaying a risk index comparison result for a user obtaining the access authority, and recording and storing the result into a cache sub-database;
6) Filling a network access control list for the network request object, and setting the authority configuration of the network request object;
7) When the power application program receives the network request, judging whether the network request object is in the network access control list, and if the network request object is in the access control list, allowing the network request; otherwise, judging that the network request is an illegal network request behavior, prohibiting the illegal network request behavior, recording the illegal network request behavior, and inputting the illegal network request behavior into the cache sub-database;
8) When the network request is judged to be allowed in the step 7, carrying out real-time monitoring on the network flow and validity check on the data collected by the network request object, carrying out logic check on the data, and judging the data to be illegal network behavior or normal network behavior;
9) If the network behavior is judged to be illegal in the step 8, adopting a threat traceability strategy to carry out network traceability on each hierarchy to obtain traceability analysis results, and generating a network threat alarm according to the traceability analysis results; generating a system topological graph of the electric power operation and maintenance system according to the hierarchy type information and the network connection information; and generating a threat alarm interface according to the obtained system topological graph, the source tracing analysis result and the network threat alarm, and displaying the threat alarm interface.
Further, the base database in step 1 includes an operation and maintenance knowledge base.
Further, the step 4 performs validity check on the collected data.
Further, in step 4, the data needs to be encrypted by the asymmetric data encryption module and then transmitted to the basic database through the data remote transmission module, and then decrypted by the asymmetric data decryption module, so as to realize the association between the cache sub-database and the basic database.
Further, in the step 8, an abnormal flow behavior is obtained by monitoring the use condition of the network flow of the power application program in a preset period based on the Android starter in combination with the obtained use condition of the network flow and a preset flow threshold.
Further, the source tracing analysis result in step 9 includes one of a network attack source, a network attack destination, and a network attack path.
Further, the buzzer control module is started while the threat warning interface is displayed in the step 9.
Compared with the prior art, the invention provides a monitoring and early warning method for the safety of an electric power operation and maintenance network, which has the following beneficial effects:
1. according to the monitoring and early warning method for the electric power operation and maintenance network safety, the safety of a user is ensured by carrying out identity verification on a network request object and carrying out risk index comparison on operation and access authority of the network request object.
2. According to the monitoring and early warning method for the safety of the electric power operation and maintenance network, real-time monitoring is carried out through the hierarchical network data corresponding to each hierarchy in the electric power monitoring system, and threat warning is carried out in time aiming at illegal behaviors.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The first embodiment is as follows:
a monitoring and early warning method for electric power operation and maintenance network safety is characterized by comprising the following steps:
1) Establishing a basic database, wherein the basic database comprises an operation and maintenance knowledge base, and collects a configuration item attribute management list, a configuration item relation, a daily inspection record, an operation and maintenance overall operation plan log, an operation and maintenance overall change operation history, an operation and maintenance overall network topological graph, a related equipment change history, an operation and maintenance overall demand summary list, an operation and maintenance overall risk evaluation report, each equipment level protection evaluation report and structural data, each equipment network security level protection evaluation report and the like, and the security of a user is ensured by verifying the identity of a network request object and comparing the risk indexes of the network request object for operation and access authority;
2) Acquiring geographic distribution data corresponding to each hierarchy in the electric power operation and maintenance network system, and determining each IP address of each hierarchy according to the acquired geographic distribution data;
3) Carrying out data cleaning, word segmentation, part of speech tagging and word weight setting on the data obtained in the step 1 and the step 2, and then storing the processed data in a basic database;
4) Meanwhile, a cache sub-database is established, data such as electric power operation and maintenance network safety early warning information, a network safety problem list, backlogs and a completion progress list of each platform device are collected in real time, the obtained real-time data are dynamic, effectiveness checking is carried out on the collected data, the collected data are stored in the cache sub-database, the data are encrypted by an asymmetric data encryption module and then transmitted to a basic database through a data remote transmission module, and then are decrypted by an asymmetric data decryption module, so that the association between the cache sub-database and the basic database is realized;
5) Firstly, performing identity authentication on a network request object accessing a monitoring power application program, then identifying the identity provided by the network request object, describing the operation and access authority of the network request object according to a network request object identity authority management matrix, displaying a risk index comparison result for a user obtaining the access authority, and recording and storing the result into a cache sub-database;
6) Filling a network access control list for the network request object, and setting the authority configuration of the network request object;
7) When the power application program receives the network request, judging whether the network request object is in the network access control list, and if the network request object is in the access control list, allowing the network request; otherwise, judging that the network request is an illegal network request behavior, prohibiting the illegal network request behavior, recording the illegal network request behavior, and inputting the illegal network request behavior into a cache sub-database;
8) When the network request is judged to be allowed in the step 7, monitoring the use condition of the network flow of the power application program in a preset period based on the Android starter, combining the obtained use condition of the network flow and a preset flow threshold value to obtain an abnormal flow behavior, carrying out real-time monitoring on the network flow and validity check on data collected by the network request object, carrying out logic check on the data, and judging that the data is an illegal network behavior or a normal network behavior;
9) If the network behavior is judged to be illegal in the step 8, performing network tracing on each hierarchy by adopting a threat tracing strategy to obtain a tracing analysis result, wherein the tracing analysis result is a network attack path, and generating a network threat alarm according to the tracing analysis result; generating a system topological graph of the electric power operation and maintenance system according to the hierarchy type information and the network connection information; and generating a threat alarm interface according to the obtained system topological graph, the traceability analysis result and the network threat alarm, displaying the threat alarm interface, starting the buzzer control module, performing real-time monitoring through the hierarchy network data corresponding to each hierarchy in the power monitoring system, and performing threat alarm aiming at illegal behaviors in time.
The second embodiment:
a monitoring and early warning method for electric power operation and maintenance network safety is characterized by comprising the following steps:
1) Establishing a basic database, wherein the basic database comprises an operation and maintenance knowledge base, and collects data such as a configuration item attribute management list, a configuration item relation, a daily inspection record, an operation and maintenance overall operation plan log, an operation and maintenance overall change operation history, an operation and maintenance overall network topological graph, a related equipment change history, an operation and maintenance overall demand summary list, an operation and maintenance overall risk assessment report, each equipment level protection assessment report, structured data, each equipment network security level protection assessment report and the like;
2) Acquiring geographic distribution data corresponding to each hierarchy in the electric power operation and maintenance network system, and determining each IP address of each hierarchy according to the acquired geographic distribution data;
3) Carrying out data cleaning, word segmentation, part of speech tagging and word weight setting on the data obtained in the step 1 and the step 2, and then storing the processed data in a basic database;
4) Meanwhile, a cache sub-database is established, data such as electric power operation and maintenance network safety early warning information, a network safety problem list, backlogs and a completion progress list of each platform device are collected in real time, the obtained real-time data are dynamic, effectiveness checking is carried out on the collected data, the collected data are stored in the cache sub-database, the data are encrypted by an asymmetric data encryption module and then transmitted to a basic database through a data remote transmission module, and then are decrypted by an asymmetric data decryption module, so that the association between the cache sub-database and the basic database is realized;
5) The method comprises the steps of firstly performing identity authentication on a network request object accessing a monitoring power application program, then identifying the identity provided by the network request object, describing the operation and access right of the network request object according to a network request object identity right management matrix, displaying a risk index comparison result for a user obtaining the access right, recording and storing the result into a cache sub-database, and performing identity authentication on the network request object, performing risk index comparison on the operation and access right of the network request object to ensure the safety of the user;
6) Filling a network access control list for the network request object, and setting the authority configuration of the network request object;
7) When the power application program receives the network request, judging whether the network request object is in the network access control list, and if the network request object is in the access control list, allowing the network request; otherwise, judging that the network request is an illegal network request behavior, prohibiting the illegal network request behavior, recording the illegal network request behavior, and inputting the illegal network request behavior into the cache sub-database;
8) When the network request is judged to be allowed in the step 7, monitoring the use condition of the network flow of the power application program in a preset period based on the Android starter, combining the obtained use condition of the network flow and a preset flow threshold value to obtain an abnormal flow behavior, carrying out real-time monitoring on the network flow and validity check on data collected by the network request object, carrying out logic check on the data, and judging that the data is an illegal network behavior or a normal network behavior;
9) If the network behavior is judged to be illegal in the step 8, performing network tracing on each hierarchy by adopting a threat tracing strategy to obtain a tracing analysis result, wherein the tracing analysis result is a network attack purpose, and generating a network threat alarm according to the tracing analysis result; generating a system topological graph of the electric power operation and maintenance system according to the hierarchy type information and the network connection information; and generating a threat alarm interface according to the obtained system topological graph, the traceability analysis result and the network threat alarm, displaying the threat alarm interface, starting the buzzer control module, performing real-time monitoring through the hierarchy network data corresponding to each hierarchy in the power monitoring system, and performing threat alarm aiming at illegal behaviors in time.
Example three:
a monitoring and early warning method for electric power operation and maintenance network safety is characterized by comprising the following steps:
1) Establishing a basic database, wherein the basic database comprises an operation and maintenance knowledge base, and collects data such as a configuration item attribute management list, a configuration item relation, a daily inspection record, an operation and maintenance overall operation plan log, an operation and maintenance overall change operation history, an operation and maintenance overall network topological graph, a related equipment change history, an operation and maintenance overall demand summary list, an operation and maintenance overall risk evaluation report, each equipment level protection evaluation report, structured data, each equipment network security level protection evaluation report and the like of power operation and maintenance;
2) Acquiring geographic distribution data corresponding to each hierarchy in the electric power operation and maintenance network system, and determining each IP address of each hierarchy according to the acquired geographic distribution data;
3) Carrying out data cleaning, word segmentation, part of speech tagging and word weight setting on the data obtained in the step 1 and the step 2, and then storing the processed data in a basic database;
4) Meanwhile, a cache sub-database is established, data such as electric power operation and maintenance network security early warning information, a network security problem list, backlog items, a completion progress list and the like of each platform device are collected in real time, the obtained real-time data are dynamic, effectiveness checking is carried out on the collected data, the collected data are stored in the cache sub-database, the data are encrypted by an asymmetric data encryption module and then transmitted to a basic database through a data remote transmission module, and then are decrypted by an asymmetric data decryption module, so that the association between the cache sub-database and the basic database is realized;
5) The method comprises the steps of firstly performing identity authentication on a network request object accessing a monitoring power application program, then identifying the identity provided by the network request object, describing the operation and access right of the network request object according to a network request object identity right management matrix, displaying a risk index comparison result for a user obtaining the access right, recording and storing the result into a cache sub-database, and performing identity authentication on the network request object, performing risk index comparison on the operation and access right of the network request object to ensure the safety of the user;
6) Filling a network access control list for the network request object, and setting authority configuration of the network request object;
7) When the power application program receives the network request, judging whether the network request object is in the network access control list, and if the network request object is in the access control list, allowing the network request; otherwise, judging that the network request is an illegal network request behavior, prohibiting the illegal network request behavior, recording the illegal network request behavior, and inputting the illegal network request behavior into the cache sub-database;
8) When the network request is judged to be allowed in the step 7, monitoring the use condition of the network flow of the power application program in a preset period based on the Android starter, combining the obtained use condition of the network flow and a preset flow threshold value to obtain an abnormal flow behavior, carrying out real-time monitoring on the network flow and validity check on data collected by the network request object, carrying out logic check on the data, and judging that the data is an illegal network behavior or a normal network behavior;
9) If the network behavior is judged to be illegal in the step 8, performing network tracing on each hierarchy by adopting a threat tracing strategy to obtain a tracing analysis result, wherein the tracing analysis result is a network attack source, and generating a network threat alarm according to the tracing analysis result; generating a system topological graph of the electric power operation and maintenance system according to the hierarchy type information and the network connection information; and generating a threat alarm interface according to the obtained system topological graph, the traceability analysis result and the network threat alarm, displaying the threat alarm interface, starting the buzzer control module, performing real-time monitoring through the hierarchy network data corresponding to each hierarchy in the power monitoring system, and performing threat alarm aiming at illegal behaviors in time.
The invention has the beneficial effects that: according to the monitoring and early warning method for the electric power operation and maintenance network safety, the safety of a user is ensured by carrying out identity verification on a network request object and carrying out risk index comparison on operation and access authority of the network request object; and real-time monitoring is carried out through the hierarchy network data corresponding to each hierarchy in the power monitoring system, and threat warning is carried out in time aiming at illegal behaviors.
Although embodiments of the present invention have been shown and described above, it will be understood that the above embodiments are exemplary and not to be construed as limiting the present invention, and that those skilled in the art may make variations, modifications, substitutions and alterations within the scope of the present invention without departing from the spirit and scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (7)
1. A monitoring and early warning method for electric power operation and maintenance network safety is characterized by comprising the following steps:
1) Establishing a basic database, and collecting data such as a configuration item attribute management list, a configuration item relationship, a daily inspection record, an operation and maintenance overall operation plan log, an operation and maintenance overall change operation history, an operation and maintenance overall network topological graph, a related equipment change history, an operation and maintenance overall demand summary list, an operation and maintenance overall risk evaluation report, each equipment level protection evaluation report, structured data, each equipment network security level protection evaluation report and the like of power operation and maintenance;
2) Acquiring geographic distribution data corresponding to each hierarchy in the electric power operation and maintenance network system, and determining each IP address of each hierarchy according to the acquired geographic distribution data;
3) Carrying out data cleaning, word segmentation, part of speech tagging and word weight setting on the data obtained in the step 1 and the step 2, and then storing the processed data in a basic database;
4) Meanwhile, a cache sub-database is established, data such as electric power operation and maintenance network safety early warning information, a network safety problem list of each platform device, backlogs, a completion progress list and the like are collected in real time, and the obtained real-time data are dynamically stored in the cache sub-database;
5) Firstly, performing identity authentication on a network request object accessing a monitoring power application program, then identifying the identity provided by the network request object, describing the operation and access authority of the network request object according to a network request object identity authority management matrix, displaying a risk index comparison result for a user obtaining the access authority, and recording and storing the result into a cache sub-database;
6) Filling a network access control list for the network request object, and setting the authority configuration of the network request object;
7) When the power application program receives the network request, judging whether the network request object is in the network access control list, and if the network request object is in the access control list, allowing the network request; otherwise, judging that the network request is an illegal network request behavior, prohibiting the illegal network request behavior, recording the illegal network request behavior, and inputting the illegal network request behavior into a cache sub-database;
8) When the network request is judged to be allowed in the step 7, carrying out real-time monitoring on the network flow and validity check on the data collected by the network request object, carrying out logic check on the data, and judging the data to be illegal network behavior or normal network behavior;
9) If the network behavior is judged to be illegal in the step 8, performing network tracing on each hierarchy by adopting a threat tracing strategy to obtain a tracing analysis result, and generating a network threat alarm according to the tracing analysis result; generating a system topological graph of the electric power operation and maintenance system according to the hierarchy type information and the network connection information; and generating a threat alarm interface according to the obtained system topological graph, the source tracing analysis result and the network threat alarm, and displaying the threat alarm interface.
2. The monitoring and early warning method for the safety of the electric power operation and maintenance network according to claim 1, wherein the basic database in the step 1 comprises an operation and maintenance knowledge base.
3. The monitoring and early warning method for the safety of the electric power operation and maintenance network according to claim 1, wherein the step 4 is used for performing validity check on the collected data.
4. The monitoring and early warning method for the safety of the electric power operation and maintenance network according to claim 3, wherein in the step 4, the data is encrypted by the asymmetric data encryption module and then transmitted to the basic database by the data remote transmission module, and then decrypted by the asymmetric data decryption module, so that the association between the cache sub-database and the basic database is realized.
5. The monitoring and early warning method for the electric power operation and maintenance network safety according to claim 1, wherein in the step 8, an abnormal flow behavior is obtained by combining the obtained network flow use condition and a preset flow threshold value based on the Android starter monitoring the use condition of the network flow of the electric power application program in a preset period.
6. The method for monitoring and warning the security of the electric power operation and maintenance network according to claim 1, wherein the source tracing analysis result in the step 9 includes one of a network attack source, a network attack destination and a network attack path.
7. The monitoring and early warning method for the safety of the electric power operation and maintenance network according to claim 1, wherein a buzzer control module is started while a threat warning interface is displayed in the step 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110038782.8A CN112766517B (en) | 2021-01-12 | 2021-01-12 | Monitoring and early warning method for electric power operation and maintenance network security |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110038782.8A CN112766517B (en) | 2021-01-12 | 2021-01-12 | Monitoring and early warning method for electric power operation and maintenance network security |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112766517A CN112766517A (en) | 2021-05-07 |
| CN112766517B true CN112766517B (en) | 2023-02-03 |
Family
ID=75701675
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110038782.8A Active CN112766517B (en) | 2021-01-12 | 2021-01-12 | Monitoring and early warning method for electric power operation and maintenance network security |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112766517B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114363057A (en) * | 2021-12-31 | 2022-04-15 | 南方电网数字电网研究院有限公司 | Intelligent network security analysis method and system |
| CN114397842B (en) * | 2022-01-04 | 2023-05-23 | 中国南方电网有限责任公司超高压输电公司南宁监控中心 | Intelligent inspection reinforcement method for safety of power monitoring network |
| CN115664695B (en) * | 2022-08-26 | 2023-11-17 | 南方电网数字电网研究院有限公司 | Comprehensive evaluation method for network space security situation based on two-dimensional code reflection |
| CN115423127B (en) * | 2022-08-30 | 2023-08-01 | 南方电网调峰调频发电有限公司西部检修试验分公司 | Power equipment on-site operation and maintenance method and system based on artificial intelligence |
| CN116095683B (en) * | 2023-04-11 | 2023-06-13 | 微网优联科技(成都)有限公司 | Network security protection method and device for wireless router |
| CN116595578B (en) * | 2023-04-26 | 2024-01-19 | 国网河南省电力公司信息通信分公司 | Power network self-checking attack and defense safety data system |
| CN116866069B (en) * | 2023-08-08 | 2024-03-29 | 深圳市众志天成科技有限公司 | Network risk behavior recognition method based on big data |
| CN117201188B (en) * | 2023-11-03 | 2024-01-09 | 北京绿色苹果技术有限公司 | IT safe operation risk prediction method, system and medium based on big data |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110149327A (en) * | 2019-05-20 | 2019-08-20 | 中国南方电网有限责任公司 | Alarm method, device, computer equipment and the storage medium of network security threats |
| CN111815132A (en) * | 2020-06-28 | 2020-10-23 | 云南电网有限责任公司电力科学研究院 | Network security management information publishing method and system for power monitoring system |
-
2021
- 2021-01-12 CN CN202110038782.8A patent/CN112766517B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110149327A (en) * | 2019-05-20 | 2019-08-20 | 中国南方电网有限责任公司 | Alarm method, device, computer equipment and the storage medium of network security threats |
| CN111815132A (en) * | 2020-06-28 | 2020-10-23 | 云南电网有限责任公司电力科学研究院 | Network security management information publishing method and system for power monitoring system |
Non-Patent Citations (2)
| Title |
|---|
| 广电网络安全运营预警平台的设计研究;王庆丰;《中国有线电视》;20180515(第05期);全文 * |
| 电视台信息系统网络安全监测业务实践探讨;琚宏伟等;《广播与电视技术》;20190515(第05期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112766517A (en) | 2021-05-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112766517B (en) | Monitoring and early warning method for electric power operation and maintenance network security | |
| CN111881452B (en) | Safety test system for industrial control equipment and working method thereof | |
| KR20180013998A (en) | Account theft risk identification method, identification device, prevention and control system | |
| CN108537243B (en) | Violation warning method and device | |
| CN116680756A (en) | Sports enterprise financial data safety system based on blockchain | |
| CN116861446A (en) | Data security assessment method and system | |
| CN116227918A (en) | Supervision method and system for medicine safety | |
| CN107483410A (en) | Network safety managing method and device | |
| CN105450660A (en) | Business resource security control system | |
| CN106407836B (en) | A kind of method and device that the behavior of data illegal modifications detects automatically | |
| CN116934357A (en) | Industrial product tracing method based on block chain and distributed technology | |
| CN116502209A (en) | Intelligent authority dynamic management method, system and terminal for weather service system | |
| KR20060058186A (en) | Information technology risk management system and method the same | |
| CN116401688A (en) | Data security risk prediction method, device, computer equipment and medium | |
| CN110225047B (en) | Work monitoring method and device, computer equipment and storage medium | |
| CN111597525A (en) | Resource management system security platform | |
| CN116522095B (en) | Main data management method based on data center | |
| CN112583812B (en) | Account security determination method, device, equipment and medium | |
| CN116150262A (en) | Penetration type supervision system and method | |
| CN116596311A (en) | Block chain-based gold jewelry industry wind control method and system | |
| CN117768143A (en) | Method for effectively protecting safe operation of remote product issuing system in non-trusted environment | |
| CN115906027A (en) | Data management method, device, computer equipment and storage medium thereof | |
| CN117235059A (en) | Data management platform | |
| CN116506145A (en) | Information technology analysis system based on cloud computing | |
| CN115809950A (en) | Machine room operation and maintenance management platform and management method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: Room 1301, Chengtou building, No. 106, Fengze East Road, Nansha District, Guangzhou City, Guangdong Province Patentee after: Southern Power Grid Digital Grid Research Institute Co.,Ltd. Country or region after: China Patentee after: CHINA SOUTHERN POWER GRID Co.,Ltd. Address before: Room 1301, Chengtou building, No. 106, Fengze East Road, Nansha District, Guangzhou City, Guangdong Province Patentee before: Southern Power Grid Digital Grid Research Institute Co.,Ltd. Country or region before: China Patentee before: CHINA SOUTHERN POWER GRID Co.,Ltd. |
|
| TR01 | Transfer of patent right |
Effective date of registration: 20240326 Address after: 510000 No. 11 Kexiang Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee after: CHINA SOUTHERN POWER GRID Co.,Ltd. Country or region after: China Patentee after: China Southern Power Grid Digital Power Grid Group Information Communication Technology Co.,Ltd. Address before: Room 1301, Chengtou building, No. 106, Fengze East Road, Nansha District, Guangzhou City, Guangdong Province Patentee before: Southern Power Grid Digital Grid Research Institute Co.,Ltd. Country or region before: China Patentee before: CHINA SOUTHERN POWER GRID Co.,Ltd. |