CN115001740A - Attack path visualization system inside power system - Google Patents
Attack path visualization system inside power system Download PDFInfo
- Publication number
- CN115001740A CN115001740A CN202210413686.1A CN202210413686A CN115001740A CN 115001740 A CN115001740 A CN 115001740A CN 202210413686 A CN202210413686 A CN 202210413686A CN 115001740 A CN115001740 A CN 115001740A
- Authority
- CN
- China
- Prior art keywords
- attack
- malicious
- power system
- malicious attack
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012800 visualization Methods 0.000 title claims abstract description 25
- 230000006399 behavior Effects 0.000 claims abstract description 65
- 238000005094 computer simulation Methods 0.000 claims abstract description 17
- 238000011002 quantification Methods 0.000 claims abstract description 14
- 230000000007 visual effect Effects 0.000 claims abstract description 13
- 238000012544 monitoring process Methods 0.000 claims abstract description 11
- 238000010276 construction Methods 0.000 claims abstract description 4
- 238000003062 neural network model Methods 0.000 claims description 7
- 230000002159 abnormal effect Effects 0.000 claims description 6
- 238000013139 quantization Methods 0.000 claims description 6
- 238000012937 correction Methods 0.000 claims description 5
- 238000004891 communication Methods 0.000 claims description 4
- 238000000034 method Methods 0.000 claims description 4
- 238000004088 simulation Methods 0.000 claims description 3
- 238000000605 extraction Methods 0.000 claims description 2
- 238000013461 design Methods 0.000 description 8
- 238000011161 development Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000007794 visualization technique Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/06—Energy or water supply
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/22—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Business, Economics & Management (AREA)
- General Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- Economics (AREA)
- Computer Hardware Design (AREA)
- Marketing (AREA)
- General Physics & Mathematics (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Tourism & Hospitality (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- Theoretical Computer Science (AREA)
- Water Supply & Treatment (AREA)
- Public Health (AREA)
- Medical Informatics (AREA)
- Human Computer Interaction (AREA)
- Small-Scale Networks (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention relates to the field of information security of a power system, in particular to an attack path visualization system in the power system, which comprises: the visual model building module is used for building a visual three-dimensional model of the electric power system based on the construction drawing of the electric power system; the malicious attack behavior monitoring module is used for realizing the identification and quantification of malicious attack behaviors; the malicious attack path positioning module is used for positioning the malicious attack behavior path; and the visualization module is used for calling the corresponding attack path dynamic simulation icon mark to the power system visualization three-dimensional model according to the identification result, the quantification result and the positioning result of the malicious behavior path to realize the visualization of the attack path.
Description
Technical Field
The invention relates to the field of information security of a power system, in particular to an attack path visualization system in the power system.
Background
The power system provides important support for national economic development while ensuring daily life of people, and the power grid is an important component of the power system. The rapid development of electrical grids presents a number of safety risks and challenges. At present, in a power grid scene, a digital (such as current real-time flow) mode is generally adopted for feedback of power grid attack behaviors, management personnel is required to manually acquire and analyze relevant parameters, a comprehensive and effective network attack visualization method is not available, and the complete analysis of an attack occurrence process by the management personnel is not facilitated.
Disclosure of Invention
In order to solve the problems, the invention provides an attack path visualization system in a power system, which can realize the identification, quantification, positioning and visual display of malicious attack behaviors.
In order to realize the purpose, the invention adopts the technical scheme that:
an attack path visualization system inside a power system, comprising:
the visual model building module is used for building a visual three-dimensional model of the electric power system based on the construction drawing of the electric power system;
the malicious attack behavior monitoring module is used for realizing the identification and quantification of malicious attack behaviors;
the malicious attack path positioning module is used for positioning the malicious attack behavior path;
and the visualization module is used for calling the corresponding attack path dynamic simulation icon mark to the power system visualization three-dimensional model according to the identification result, the quantification result and the positioning result of the malicious behavior path to realize the visualization of the attack path.
As a further design of the scheme, when the real-time flow of the power system falls into a preset abnormal threshold value, the malicious attack behavior monitoring module is started, the type of the malicious attack behavior is identified based on the wireless deep neural network model, and then the malicious attack behavior is quantized by extracting the characteristic parameters of the malicious attack behavior.
As a further design of the scheme, the malicious attack path positioning module is used for positioning the coordinates of the node where the malicious attack action occurs, and the coordinates of the node where the malicious attack action occurs include the coordinates of the node where the malicious attack path occurs and the coordinates of the attack node.
As a further design of the scheme, an attack path dynamic simulation icon is configured for each malicious attack behavior, when the malicious attack behavior occurs, the attack path dynamic simulation icon automatically completes the correction of the shape, and then the attack path dynamic simulation icon is filled in a position corresponding to a visual three-dimensional model of the power system to realize the simulation of the malicious attack behavior.
As a further design of the scheme, an icon actuation module for driving the attack path dynamic simulation icon to work is loaded in the visualization module, and the icon actuation module has an association relation with the malicious attack behavior monitoring module and the malicious attack path positioning module.
As a further design of the scheme, each attack path dynamic simulation icon is provided with a virtual parameter module for displaying the quantification result of the malicious attack behavior.
As a further design of the scheme, the wireless deep neural network model further comprises a GSM communication module, which is started when the real-time flow of the power system falls into a preset abnormal threshold and the wireless deep neural network model identifies the corresponding malicious attack behavior type, and sends the feature data of the current malicious attack path, the sending node coordinate, the attack node coordinate and the corresponding real-time flow to the user to remind the user of artificially completing the identification of the malicious attack behavior.
As a further design of this solution, the method further includes:
the model fine-tuning module is used for realizing fine tuning of the wireless deep network model according to the result of the artificial malicious behavior recognition and the real-time flow;
and the quantization algorithm configuration module is used for realizing the configuration of the quantization algorithm based on the result of the artificial malicious behavior identification and the characteristic data of the malicious attack path.
The invention can realize the identification, quantification, positioning and visual display of the malicious attack behavior, and is beneficial to the process of completely analyzing the attack behavior by managers.
The invention can avoid the monitoring blind area of malicious behaviors as much as possible and provides guarantee for the safe operation of the power system.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
fig. 1 is a system block diagram of an attack path visualization system in an electric power system according to embodiment 1 of the present invention;
fig. 2 is a system block diagram of an attack path visualization system in an electric power system according to embodiment 2 of the present invention.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the invention, but are not intended to limit the invention in any way. It should be noted that variations and modifications can be made by persons skilled in the art without departing from the spirit of the invention. All falling within the scope of the present invention.
Example 1
As shown in fig. 1, an attack path visualization system inside a power system includes: the visual model building module is used for building a visual three-dimensional model of the electric power system based on the construction drawing of the electric power system; specifically, a three-dimensional model with a certain size proportion is completely the same as an actually constructed power system in structure and is marked with parameters of corresponding models, sizes and the like on each power device, power line and electronic element of the three-dimensional model in a hyperlink mode, so that the power system visual three-dimensional model is obtained; the malicious attack behavior monitoring module is used for realizing the identification and quantification of malicious attack behaviors; specifically, when the real-time flow of the power system falls into a preset abnormal threshold, the malicious attack behavior monitoring module is started, the type of the malicious attack behavior is identified based on the wireless deep neural network model, and then quantification of the malicious attack behavior is achieved through extraction of characteristic parameters of the malicious attack behavior.
The malicious attack path positioning module is used for positioning the malicious attack behavior path; specifically, the malicious attack path positioning module is used for positioning a malicious attack behavior generation node coordinate, wherein the generation node coordinate comprises a sending node coordinate of a malicious attack path and an attack node coordinate; and the visualization module is used for calling the corresponding attack path dynamic simulation icon mark to the power system visualization three-dimensional model according to the recognition result, the quantification result and the positioning result of the malicious behavior path to realize the visualization of the attack path.
In the embodiment, an attack path dynamic simulation icon is configured for each malicious attack behavior, when the malicious attack behavior occurs, the attack path dynamic simulation icon automatically completes the correction of the shape (the correction is performed by taking a sending node coordinate capable of connecting the malicious attack path and an attack node coordinate as targets), and then the correction is filled in a position corresponding to a visual three-dimensional model of the power system to realize the simulation of the malicious attack behavior; and each attack path dynamic simulation icon is provided with a virtual parameter module for displaying the quantitative result of the malicious attack behavior.
In this embodiment, an icon actuation module for driving the attack path to dynamically simulate the icon to work is loaded in the visualization module, and the icon actuation module has an association relationship with the malicious attack behavior monitoring module and the malicious attack path positioning module.
Example 2
In order to adapt to malicious attack behaviors which may not be in the record, the scheme further designs that:
and the GSM communication module is started when the real-time flow of the power system falls into a preset abnormal threshold value and the wireless deep neural network model identifies the corresponding malicious attack behavior type, and sends the characteristic data of the current malicious attack path, the sending node coordinate, the attack node coordinate and the corresponding real-time flow to the user to remind the user of artificially finishing the identification of the malicious attack behavior.
The model fine-tuning module is used for realizing fine tuning of the wireless deep network model according to the result of the artificial malicious behavior recognition and the real-time flow;
and the quantization algorithm configuration module is used for realizing the configuration of the quantization algorithm based on the result of the artificial malicious behavior identification and the characteristic data of the malicious attack path.
In order to avoid the situation that a user cannot find the malicious attack behavior in time when the malicious attack behavior occurs, the GSM communication module starts early warning once when the attack path dynamic simulation icon is called once, and the user is reminded of processing the malicious attack behavior in time.
The foregoing description of specific embodiments of the present invention has been presented. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes and modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention.
Claims (8)
1. An attack path visualization system inside a power system, characterized in that: the method comprises the following steps:
the visual model building module is used for building a visual three-dimensional model of the electric power system based on the construction drawing of the electric power system;
the malicious attack behavior monitoring module is used for realizing the identification and quantification of malicious attack behaviors;
the malicious attack path positioning module is used for positioning the malicious attack behavior path;
and the visualization module is used for calling the corresponding attack path dynamic simulation icon mark to the power system visualization three-dimensional model according to the identification result, the quantification result and the positioning result of the malicious behavior path to realize the visualization of the attack path.
2. The system for visualizing the attack path inside a power system according to claim 1, wherein: when the real-time flow of the power system falls into a preset abnormal threshold value, the malicious attack behavior monitoring module is started, the type of the malicious attack behavior is identified based on the wireless deep neural network model, and then the quantification of the malicious attack behavior is realized through the extraction of the characteristic parameters of the malicious attack behavior.
3. The system for visualizing the attack path inside a power system according to claim 1, wherein: and the malicious attack path positioning module is used for positioning the coordinates of the node where the malicious attack action occurs, wherein the coordinates of the node where the malicious attack action occurs comprise the coordinates of the node where the malicious attack path occurs and the coordinates of the attack node.
4. The system for visualizing the attack path inside a power system as set forth in claim 1, wherein: and configuring an attack path dynamic simulation icon for each malicious attack behavior, wherein when the malicious attack behavior occurs, the attack path dynamic simulation icon automatically completes the correction of the shape, and then is filled in the position corresponding to the visualized three-dimensional model of the power system to realize the simulation of the malicious attack behavior.
5. The system for visualizing the attack path inside a power system as set forth in claim 1, wherein: an icon actuation module used for driving the attack path dynamic simulation icon to work is loaded in the visualization module, and the icon actuation module has an association relation with the malicious attack behavior monitoring module and the malicious attack path positioning module.
6. The system for visualizing the attack path inside a power system as set forth in claim 1, wherein: each attack path dynamic simulation icon is provided with a virtual parameter module used for displaying the quantification result of the malicious attack behavior.
7. The system for visualizing the attack path inside a power system as set forth in claim 1, wherein: the system is characterized by further comprising a GSM communication module which is started when the real-time flow of the power system falls into a preset abnormal threshold and the wireless deep neural network model identifies the corresponding malicious attack behavior type, and sends the feature data of the current malicious attack path, the sending node coordinate, the attack node coordinate and the corresponding real-time flow to a user to remind the user of artificially finishing the identification of the malicious attack behavior.
8. The system for visualizing the attack path inside a power system as set forth in claim 1, wherein: further comprising:
the model fine-tuning module is used for realizing fine tuning of the wireless deep network model according to the result of artificial malicious behavior recognition and real-time flow;
and the quantization algorithm configuration module is used for realizing the configuration of the quantization algorithm based on the result of the artificial malicious behavior identification and the characteristic data of the malicious attack path.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210413686.1A CN115001740B (en) | 2022-04-20 | 2022-04-20 | Attack path visualization system in power system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210413686.1A CN115001740B (en) | 2022-04-20 | 2022-04-20 | Attack path visualization system in power system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115001740A true CN115001740A (en) | 2022-09-02 |
| CN115001740B CN115001740B (en) | 2023-08-15 |
Family
ID=83026031
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210413686.1A Active CN115001740B (en) | 2022-04-20 | 2022-04-20 | Attack path visualization system in power system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115001740B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109670584A (en) * | 2018-12-27 | 2019-04-23 | 张婧 | A kind of fault diagnosis method and system based on big data |
| CN112395335A (en) * | 2020-12-23 | 2021-02-23 | 河南应用技术职业学院 | Hadoop-based power transmission network node data analysis system and method |
| CN112953966A (en) * | 2021-03-20 | 2021-06-11 | 中原工学院 | Computer network safety intrusion detection system |
| CN113572787A (en) * | 2021-08-05 | 2021-10-29 | 信阳农林学院 | Computer network intelligent monitoring system |
-
2022
- 2022-04-20 CN CN202210413686.1A patent/CN115001740B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109670584A (en) * | 2018-12-27 | 2019-04-23 | 张婧 | A kind of fault diagnosis method and system based on big data |
| CN112395335A (en) * | 2020-12-23 | 2021-02-23 | 河南应用技术职业学院 | Hadoop-based power transmission network node data analysis system and method |
| CN112953966A (en) * | 2021-03-20 | 2021-06-11 | 中原工学院 | Computer network safety intrusion detection system |
| CN113572787A (en) * | 2021-08-05 | 2021-10-29 | 信阳农林学院 | Computer network intelligent monitoring system |
Non-Patent Citations (2)
| Title |
|---|
| MING-XI WANG, YANG QU: "Approximation capabilities of neural networks on unbounded domains", 《NEURAL NETWORKS》 * |
| 马天男: "基于大数据的电网覆冰灾害预测与风险管理研究", 《中国优秀硕士学位论文全文数据库(电子期刊) 工程科技Ⅱ辑》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115001740B (en) | 2023-08-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114003771A (en) | Special operation field abnormity early warning analysis system and method based on Internet of things | |
| CN112347916B (en) | Video image analysis-based power field operation safety monitoring method and device | |
| CN112507945B (en) | Method and device for managing and controlling behavior of operator, electronic equipment and storage medium | |
| CN116090605A (en) | Pipe network early warning method and device, electronic equipment and storage medium | |
| CN112364008A (en) | Equipment portrait construction method for intelligent terminal of power internet of things | |
| CN111860187A (en) | High-precision worn mask identification method and system | |
| CN113744890A (en) | Reworking and production-resuming analysis method, system and storage medium | |
| CN115001740A (en) | Attack path visualization system inside power system | |
| CN116505738B (en) | Control method and system for energy-saving consumption-reducing power supply | |
| CN110647086B (en) | Intelligent operation and maintenance monitoring system based on operation big data analysis | |
| CN108107807A (en) | A kind of remote automation electrical control equipment | |
| WO2024001253A1 (en) | Fault detection method and apparatus for air conditioner, air conditioner and electronic device | |
| CN111308217A (en) | Method and device for intelligently monitoring grounding resistance, storage medium and computer equipment | |
| CN113359519B (en) | Experiment table | |
| CN115457211A (en) | Transformer substation management method and system based on digital twins | |
| CN115238428A (en) | Transformer substation secondary drawing visual editing digital configuration device, method and application | |
| CN209373599U (en) | Engineering construction scene hidden troubles removing efficient identification instrument | |
| CN113297979A (en) | Method and device for identifying heating state of power transmission wire connector | |
| CN113835950A (en) | Interface display stuck identification method and device, storage medium and electronic equipment | |
| CN110704508A (en) | Intelligent production line abnormal data processing method and device | |
| CN112560146A (en) | BIM-based power grid data operation and maintenance method, device, equipment and storage medium | |
| CN111310644A (en) | Intelligent identification method and device for types and working states of electrical appliances | |
| CN111814996A (en) | Data processing method based on BIM and related device | |
| CN114913172B (en) | Method, system, equipment and medium for identifying manufacturing risk of cable middle head | |
| CN114546703B (en) | File handle monitoring and leakage analysis method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20231115 Address after: 132012 No. 169, Changchun Road, Jilin, Jilin Patentee after: NORTHEAST DIANLI University Patentee after: State Grid Zhejiang Electric Power Co., Ltd. Hangzhou Linping District Power Supply Co. Address before: 132012 No. 169, Changchun Road, Jilin, Jilin Patentee before: NORTHEAST DIANLI University |