CN115473716A - Power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification - Google Patents
Power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification Download PDFInfo
- Publication number
- CN115473716A CN115473716A CN202211077381.4A CN202211077381A CN115473716A CN 115473716 A CN115473716 A CN 115473716A CN 202211077381 A CN202211077381 A CN 202211077381A CN 115473716 A CN115473716 A CN 115473716A
- Authority
- CN
- China
- Prior art keywords
- signal
- channel
- electrical characteristic
- fingerprint
- characteristic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H02—GENERATION; CONVERSION OR DISTRIBUTION OF ELECTRIC POWER
- H02J—CIRCUIT ARRANGEMENTS OR SYSTEMS FOR SUPPLYING OR DISTRIBUTING ELECTRIC POWER; SYSTEMS FOR STORING ELECTRIC ENERGY
- H02J13/00—Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network
- H02J13/00002—Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network characterised by monitoring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Collating Specific Patterns (AREA)
Abstract
The invention provides a power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification. The power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification comprises the following steps: the system comprises a physical channel signal acquisition module, a weak signal noise reduction extraction and fingerprint construction module and a silence monitoring equipment detection module; the physical channel signal acquisition module acquires characteristic signal data reflecting the electrical characteristic change of a communication network channel by deploying special data receiving equipment and is used for constructing a channel electrical characteristic fingerprint of the communication network. The power grid monitoring equipment detection method based on the channel electrical characteristic fingerprint identification can effectively realize the detection of the physical access of the silent equipment, can quickly detect and accurately identify illegal access equipment of the smart power grid, and further can improve the information safety level of infrastructure of the smart power grid.
Description
Technical Field
The invention belongs to the technical field of power grid monitoring equipment detection based on channel electrical characteristic fingerprint identification, and particularly relates to a power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification.
Background
The method detects illegal access equipment in the power grid, reduces damage of attacks to a system, is very important in the field of intelligent power grid safety, and aims at the problems of detection and identification of the illegal access equipment in a communication network, two main solutions are provided at present: (1) Identifying devices with abnormal behavior using intrusion detection techniques; (2) Identifying the legal identity of the equipment by using an identity identification technology;
the silent monitoring device, an illegal device accessed in a field bus communication network sharing a communication medium, can acquire system information by monitoring message transmission on a communication line, but does not actively send any message outwards, cannot detect according to an intrusion detection method, and needs to use an identity identification technology.
The fingerprint identification technology can be combined with the differentiation characteristics of communication equipment to construct a fingerprint information base to realize the identification and detection of equipment identity, and is divided into an active identification method and a passive identification method, the information of authenticated equipment is actively collected in modes of actively sending messages and the like, the information of the authenticated equipment is analyzed and extracted in modes of monitoring communication flow and the like, and in the research of the passive equipment fingerprint identification method, the current method for constructing the equipment fingerprint is mainly divided into the method based on the hardware difference of the equipment and the time characteristic;
the existing research method has the following defects when applied to the smart grid: (1) Because the communication behaviors of the silent monitoring equipment and the disguised response equipment are highly hidden, the existing intrusion detection technology based on the basic statistical characteristics of message content and flow has poor performance when detecting the illegal access equipment. (2) Due to the fact that communication and computing resources of the smart grid terminal device are limited, the identity identification method based on the encryption authentication technology has large limitations in the aspects of safety performance, use scenes and the like.
Therefore, there is a need to provide a new method for detecting a grid monitoring device based on channel electrical characteristic fingerprinting to solve the above technical problems.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification, which can effectively realize the detection of the physical access of the silencing equipment, can quickly detect and accurately identify illegal access equipment of a smart power grid, and further can improve the information security level of infrastructure of the smart power grid.
In order to solve the technical problem, the power grid monitoring equipment detection method based on the channel electrical characteristic fingerprint identification provided by the invention comprises the following steps: the system comprises a physical channel signal acquisition module, a weak signal noise reduction extraction and fingerprint construction module and a silence monitoring equipment detection module;
the physical channel signal acquisition module acquires characteristic signal data reflecting the electrical characteristic change of a communication network channel by deploying special data receiving equipment and is used for constructing a channel electrical characteristic fingerprint of the communication network;
the weak signal denoising, extracting and fingerprint constructing module extracts weak characteristic signal variation by a sequence correlation detection method by using time correlation of characteristic signals and known input signals, and constructs a channel electrical characteristic fingerprint of the smart grid communication network;
the silence monitoring equipment detection module is used for constructing a fingerprint sequence by utilizing the extracted electrical characteristic fingerprint of the channel, analyzing abnormal deviation of system characteristics by adopting an accumulation and control chart method in an industrial control system, and further detecting whether the silence equipment is accessed to a network.
As a further scheme of the present invention, the physical channel signal acquisition module specifically includes:
(1) At a sampling time period [ T, T + Δ T ]]In the case of a known voltage input signal x (t)/a periodic request message sent by an upper computer, the received signal y is subjected to m (t) sampling and storing, as a signature of the physical signal of the communication network, the differential voltage signal received at the device m is as follows:
y′ m (t)=ρ′ m ·x(t) (1)
wherein ρ' m After the silence monitoring device is implanted on behalf of an attacker, the signal reception coefficient of the device m, at this time, the feature signal variation on the device m may be expressed as follows:
δ m (t)=y′ m (t)-y(t)=(ρ′ m -ρ m )·x(t) (2)。
as a further aspect of the present invention, the Δ T is a signal sampling duration.
As a further scheme of the present invention, the weak signal denoising extracting and fingerprint constructing module specifically includes:
(1) In an actual RS845 communication network, channel noise exists on a signal transmission line due to device component thermal noise, power supply power fluctuation, and the like, and the amplitude of the change amount of the characteristic signal to be detected is much smaller than the signal amplitude of the channel noise, and will be submerged by the channel noise, so that it is necessary to perform noise reduction and extraction on a weak characteristic signal, and after considering the channel noise of the system, the change amount of the characteristic signal received at the detection device m is as follows:
σ m (t)=δ m (t)+ω(t)=(ρ′ m -ρ m )·x(t)+ω(t) (3)
where ω (t) represents the noise component detected at the device m, and the variance δ of the characteristic signal can be found by the mathematical model described in equation (3) m (t) is linearly related to the input signal x (t), while the channel noise and the input signal are independent of each other;
considering the certainty of the variation of the characteristic signal and the randomness of the channel noise signal, the method of signal correlation detection is used to eliminate the influence of the noise signal on the process of extracting the variation of the characteristic signal, and the input signal x (t) and the variation sigma of the characteristic signal are known m (t) performing a cross-correlation operation to obtain the following:
uncorrelated by x (t) and ω (t), and when the sampled samples of the signal are sufficient, there is R xω (t, t- τ) =0, then:
R xσ (t,t-τ)=(ρ′ m -ρ m )R xx (t,t-τ) (5)
thus, R xσ The calculation result of (t, t-tau) is not affected by the noise of the system channel basically, and the result of the cross-correlation operation with the time delay tau =0 is taken as R (t) = R xσ (t, t), ideally, the topology and impedance characteristics of the network do not change (ρ 'when the device is newly accessed' m -ρ m ) R (t) =0;
after new access device (ρ' m ≠ρ m ) And R (t) ≠ 0, so that R (t) can be taken as the channel electrical characteristic fingerprint of the communication network to characterize the characteristic network topology and impedance characteristic of the system.
As a further scheme of the present invention, the silence listener device detecting module specifically includes:
(1) Let us assume that the channel electrical characteristic fingerprint sequence R is obtained by means of correlation detection within a sampling period [0, Δ T ], [ Δ T,2 Δ T ] 0 ,R 1 ,R 2 ,...,R q Wherein R is i The = R (i Δ T) represents the channel electrical characteristic fingerprint collected in the time period [ i Δ T, (i + 1) Δ T), and the allowable deviation of the channel electrical characteristic fingerprint can be determined by detecting the channel electrical characteristic fingerprint in a normal stateI.e. without equipment accessIn the condition of (1) always haveAt this time, the control upper limit is obtained according to the following formulaAnd lower control limit
Wherein the initial valueRepresenting the cumulative sum of the positive values and the cumulative sum,which represents the cumulative sum of the negative values,andsetting the detection threshold value as epsilon when the probability of the fingerprint of the electrical characteristic of the channel deviating is largerAnd judging that the electrical characteristic fingerprint of the channel is obviously deviated, and possibly, the impedance distribution of the topology of the communication network is changed due to the access of the silencing equipment.
Compared with the related technology, the power grid monitoring equipment detection method based on the channel electrical characteristic fingerprint identification has the following beneficial effects:
1. the invention can effectively realize the detection of the physical access of the silent equipment, and on the practical application level, an enhanced network intrusion detection system is developed on the existing intelligent power grid communication simulation experiment platform, thereby realizing the rapid detection and accurate identification of the illegal access equipment of the intelligent power grid and improving the information security level of the infrastructure of the intelligent power grid.
Drawings
To facilitate understanding for those skilled in the art, the present invention will be further described with reference to the accompanying drawings.
FIG. 1 is a schematic view of the present invention;
fig. 2 is a schematic diagram of the principle of the present invention.
Detailed Description
Please refer to fig. 1 and fig. 2 in combination, wherein fig. 1 is a schematic diagram of the present invention; fig. 2 is a schematic diagram of the present invention. The method for detecting the power grid monitoring equipment based on the channel electrical characteristic fingerprint identification comprises the following steps: the system comprises a physical channel signal acquisition module, a weak signal noise reduction extraction and fingerprint construction module and a silence monitoring equipment detection module;
the physical channel signal acquisition module acquires characteristic signal data reflecting the electrical characteristic change of a communication network channel by deploying special data receiving equipment and is used for constructing a channel electrical characteristic fingerprint of the communication network;
the weak signal noise reduction extraction and fingerprint construction module is used for extracting weak characteristic signal variation by a sequence correlation detection method by utilizing the time correlation of characteristic signals and known input signals and constructing a channel electrical characteristic fingerprint of the smart grid communication network;
the silence monitoring equipment detection module is used for constructing a fingerprint sequence by utilizing the extracted channel electrical characteristic fingerprint, analyzing abnormal deviation of system characteristics by adopting an accumulation and control chart method in an industrial control system, and further detecting whether silence equipment is accessed to a network.
The physical channel signal acquisition module specifically comprises the following modules:
(1) At a sampling time period [ T, T + Δ T ]]In the known voltage input signal x (t)/up positionIn the case of periodic request messages sent by a machine, the received signal y is evaluated m (t) sampling and storing, as characteristic signals of the physical signals of the communication network, the differential voltage signals received at the device m are as follows:
y′ m (t)=ρ′ m ·x(t) (1)
wherein, ρ' m After the silence monitoring device is implanted on behalf of an attacker, the signal reception coefficient of the device m, at this time, the characteristic signal variation on the device m may be expressed as follows:
δ m (t)=y′ m (t)-y(t)=(ρ′ m -ρ m )·x(t) (2)。
the Δ T is the signal sampling duration.
The weak signal denoising, extracting and fingerprint constructing module specifically comprises the following steps:
(1) In an actual RS845 communication network, channel noise caused by thermal noise of device elements, power fluctuation, and the like exists on a signal transmission line, and the amplitude of the change amount of the characteristic signal to be detected is much smaller than the signal amplitude of the channel noise, and will be submerged by the channel noise, so that it is necessary to perform noise reduction and extraction on a weak characteristic signal, and after considering the channel noise of the system, the change amount of the characteristic signal received at the detection device m is as follows:
σ m (t)=δ m (t)+ω(t)=(ρ′ m -ρ m )·x(t)+ω(t) (3)
where ω (t) represents the noise component detected at the device m, and the characteristic signal variation δ is obtained by the mathematical model described in equation (3) m (t) is linearly related to the input signal x (t), while the channel noise and the input signal are independent of each other;
considering the certainty of the variation of the characteristic signal and the randomness of the channel noise signal, the method of signal correlation detection is used to eliminate the influence of the noise signal on the process of extracting the variation of the characteristic signal, and the input signal x (t) and the variation sigma of the characteristic signal are known m (t) performing a cross-correlation operation to obtain the following:
uncorrelated by x (t) and ω (t), and when the sampled samples of the signal are sufficient, there is R xω (t, t- τ) =0, then:
R xσ (t,t-τ)=(ρ′ m -ρ m )R xx (t,t-τ) (5)
thus, R xσ The calculation result of (t, t-tau) is not affected by the noise of the system channel basically, and the result of the cross-correlation operation with the time delay tau =0 is taken as R (t) = R xσ (t, t), ideally, the topology and impedance characteristics of the network do not change (ρ 'when the device is newly accessed' m -ρ m ) R (t) =0;
after new access device (ρ' m ≠ρ m ) And R (t) ≠ 0, so that R (t) can be taken as the channel electrical characteristic fingerprint of the communication network to characterize the characteristic network topology and impedance characteristic of the system.
The silence monitoring device detection module specifically comprises the following modules:
(1) Assume that the channel electrical characteristic fingerprint sequence R is obtained by a correlation detection method within a sampling period [0, Δ T ], [ Δ T,2 Δ T ], [ q Δ T, (q + 1) Δ T) ] 0 ,R 1 ,R 2 ,...,R q Wherein R is i The = R (i Δ T) represents the channel electrical characteristic fingerprint collected in the time period [ i Δ T, (i + 1) Δ T), and the allowable deviation of the channel electrical characteristic fingerprint can be determined by detecting the channel electrical characteristic fingerprint in a normal stateI.e. constantly having no equipment accessAt this time, the control upper limit is obtained according to the following formulaAnd lower control limit
Wherein the initial valueRepresenting the cumulative sum of the positive values and the cumulative sum,which represents the cumulative sum of the negative values,andsetting the detection threshold value as epsilon when the probability of the fingerprint of the electrical characteristic of the channel deviating is largerAnd judging that the electrical characteristic fingerprint of the channel is obviously deviated, and possibly, the impedance distribution of the topology of the communication network is changed due to the access of the silencing equipment.
Aiming at the difficulty that the silent monitoring equipment in the smart grid does not have any interactive behavior after being accessed into the network, so that the silent monitoring equipment is difficult to detect by a flow characteristic analysis method, the fingerprint identification technology is combined to expand and enhance the current mainstream intrusion detection system framework, a more complete theoretical method system of the smart grid illegal access equipment detection technology is constructed, and the information security level of the smart grid infrastructure is improved;
extracting a channel electrical characteristic fingerprint which can represent the change of electrical parameters of a communication network from the weak received signal variable quantity by using a sequence correlation detection technology, and further amplifying the variable quantity of the fingerprint by using a CUSUM (compute unified device architecture) method so as to identify the access behavior of the silent monitoring equipment;
the analysis of the digital signal domain (content and statistical characteristics of network traffic) is shifted to the analysis of the analog signal domain (electrical signals of physical channels) to solve the behavioral characteristic modeling and detection difficulties of the silent listening devices.
The change of the electrical characteristics of the communication network channel caused by the access of the silent monitoring equipment is analyzed, the characteristic capable of reflecting the change is selected from the change, and the channel electrical characteristic fingerprint of the communication network is constructed, so that the physical access behavior of the silent monitoring equipment can be effectively detected, the illegal access equipment can be effectively detected in time in various use scenes, the huge hidden danger caused by the safe operation of the smart grid can be eliminated, the safe and reliable operation of the infrastructure of the smart grid can be guaranteed, and the method has great significance for maintaining social stability, high production efficiency and national safety.
The detection of the physical access of the silent equipment can be effectively realized. On the aspect of practical application, an enhanced network intrusion detection system is developed on an existing intelligent power grid communication simulation experiment platform, so that the illegal access equipment of the intelligent power grid can be quickly detected and accurately identified, and the information security level of the infrastructure of the intelligent power grid is improved.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments, or a direct or indirect use of these embodiments, without departing from the principles and spirit of the invention, the scope of which is defined in the claims and their equivalents, which are to be included in the scope of the invention as defined in the claims.
Claims (5)
1. A power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification is characterized by comprising the following steps:
the system comprises a physical channel signal acquisition module, a weak signal noise reduction extraction and fingerprint construction module and a silence monitoring equipment detection module;
the physical channel signal acquisition module acquires characteristic signal data reflecting the electrical characteristic change of a communication network channel by deploying special data receiving equipment and is used for constructing a channel electrical characteristic fingerprint of the communication network;
the weak signal denoising, extracting and fingerprint constructing module extracts weak characteristic signal variation by a sequence correlation detection method by using time correlation of characteristic signals and known input signals, and constructs a channel electrical characteristic fingerprint of the smart grid communication network;
the silence monitoring equipment detection module is used for constructing a fingerprint sequence by utilizing the extracted electrical characteristic fingerprint of the channel, analyzing abnormal deviation of system characteristics by adopting an accumulation and control chart method in an industrial control system, and further detecting whether the silence equipment is accessed to a network.
2. The method for detecting the power grid monitoring equipment based on the channel electrical characteristic fingerprint identification as claimed in claim 1, wherein the method comprises the following steps: the physical channel signal acquisition module specifically comprises the following modules:
(1) At a sampling time period [ T, T + Δ T ]]In the case of a known voltage input signal x (t)/a periodic request message sent by an upper computer, the received signal y is subjected to m (t) sampling and storing, as characteristic signals of the physical signals of the communication network, the differential voltage signals received at the device m are as follows:
y′ m (t)=ρ′ m ·x(t) (1)
wherein ρ' m After the silence monitoring device is implanted on behalf of an attacker, the signal reception coefficient of the device m, at this time, the feature signal variation on the device m may be expressed as follows:
δ m (t)=y′ m (t)-y(t)=(ρ′ m -ρ m )·x(t) (2)。
3. the method for detecting the electric network monitoring equipment based on the channel electrical characteristic fingerprint identification as claimed in claim 2, wherein: the Δ T is the signal sampling duration.
4. The method for detecting the electric network monitoring equipment based on the channel electrical characteristic fingerprint identification as claimed in claim 1, wherein: the weak signal denoising, extracting and fingerprint constructing module specifically comprises the following steps:
(1) In an actual RS845 communication network, channel noise exists on a signal transmission line due to device component thermal noise, power supply power fluctuation, and the like, and the amplitude of the change amount of the characteristic signal to be detected is much smaller than the signal amplitude of the channel noise, and will be submerged by the channel noise, so that it is necessary to perform noise reduction and extraction on a weak characteristic signal, and after considering the channel noise of the system, the change amount of the characteristic signal received at the detection device m is as follows:
σ m (t)=δ m (t)+ω(t)=(ρ′ m -ρ m )·x(t)+ω(t) (3)
where ω (t) represents the noise component detected at the device m, and the characteristic signal variation δ is obtained by the mathematical model described in equation (3) m (t) is linearly related to the input signal x (t), while the channel noise and the input signal are independent of each other;
considering the certainty of the variation of the characteristic signal and the randomness of the channel noise signal, the method of signal correlation detection is used to eliminate the influence of the noise signal on the process of extracting the variation of the characteristic signal, and the input signal x (t) and the variation sigma of the characteristic signal are known m (t) performing a cross-correlation operation to obtain the following:
uncorrelated by x (t) and ω (t), and when the sampled samples of the signal are sufficient, there is R xω (t, t- τ) =0, then:
R xσ (t,t-τ)=(ρ′ m -ρ m )R xx (t,t-τ) (5)
thus, R xσ The calculation result of (t, t-tau) is basically not influenced by system channel noise, and the time delay tau is takenThe result of the cross-correlation operation of =0 is R (t) = R xσ (t, t), ideally, the topology and impedance characteristics of the network do not change (ρ 'when the device is newly accessed' m -ρ m ) R (t) =0;
after new access device (ρ' m ≠ρ m ) And R (t) ≠ 0, so that R (t) can be taken as the channel electrical characteristic fingerprint of the communication network to characterize the characteristic network topology and impedance characteristic of the system.
5. The method for detecting the electric network monitoring equipment based on the channel electrical characteristic fingerprint identification as claimed in claim 1, wherein: the silence monitoring device detection module specifically comprises the following steps:
(1) Assume that the channel electrical characteristic fingerprint sequence R is obtained by a correlation detection method within a sampling period [0, Δ T ], [ Δ T,2 Δ T ], [ q Δ T, (q + 1) Δ T) ] 0 ,R 1 ,R 2 ,...,R q Wherein R is i = R (i Delta T) represents the channel electrical characteristic fingerprint collected in the time period [ i Delta T, (i + 1) Delta T), and the allowable deviation amount of the channel electrical characteristic fingerprint can be determined by detecting the channel electrical characteristic fingerprint in a normal stateI.e. constantly having no equipment accessAt this time, the control upper limit is obtained according to the following formulaAnd lower control limit
Wherein the initial value Representing the cumulative sum of the positive values and the cumulative sum,which represents the cumulative sum of the negative values,andsetting the detection threshold value as epsilon when the probability of the fingerprint of the electrical characteristic of the channel deviating is largerAnd judging that the electrical characteristic fingerprint of the channel is obviously deviated, and possibly, the impedance distribution of the topology of the communication network is changed due to the access of the silencing equipment.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211077381.4A CN115473716A (en) | 2022-09-05 | 2022-09-05 | Power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211077381.4A CN115473716A (en) | 2022-09-05 | 2022-09-05 | Power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115473716A true CN115473716A (en) | 2022-12-13 |
Family
ID=84368971
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211077381.4A Pending CN115473716A (en) | 2022-09-05 | 2022-09-05 | Power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115473716A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117857225A (en) * | 2024-03-07 | 2024-04-09 | 国网江西省电力有限公司电力科学研究院 | Identity authentication system and method for new energy power station acquisition terminal |
-
2022
- 2022-09-05 CN CN202211077381.4A patent/CN115473716A/en active Pending
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117857225A (en) * | 2024-03-07 | 2024-04-09 | 国网江西省电力有限公司电力科学研究院 | Identity authentication system and method for new energy power station acquisition terminal |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Qin et al. | DDoS attack detection using flow entropy and clustering technique | |
Sun et al. | Honeypot identification in softwarized industrial cyber–physical systems | |
CN107046468B (en) | Physical layer authentication threshold determination method and system | |
KR101375813B1 (en) | Active security sensing device and method for intrusion detection and audit of digital substation | |
Niu et al. | Identifying APT malware domain based on mobile DNS logging | |
Stan et al. | Intrusion detection system for the MIL-STD-1553 communication bus | |
Song et al. | Enhancing Packet‐Level Wi‐Fi Device Authentication Protocol Leveraging Channel State Information | |
Zhou et al. | Design of a robust RF fingerprint generation and classification scheme for practical device identification | |
CN115473716A (en) | Power grid monitoring equipment detection method based on channel electrical characteristic fingerprint identification | |
Fei et al. | The abnormal detection for network traffic of power iot based on device portrait | |
Guo et al. | Survey of mobile device authentication methods based on RF fingerprint | |
CN111031006A (en) | Intelligent power grid communication anomaly detection method based on network flow | |
Stiawan et al. | Ping flood attack pattern recognition using a K-means algorithm in an Internet of Things (IoT) network | |
Bassey et al. | Device authentication codes based on RF fingerprinting using deep learning | |
Lin et al. | Improving wireless network security based on radio fingerprinting | |
CN115865526A (en) | Industrial internet security detection method and system based on cloud edge cooperation | |
Ho | Covert channel establishment through the dynamic adaptation of the sequential probability ratio test to sensor data in IoT | |
Lee et al. | AI-based network security enhancement for 5G industrial internet of things environments | |
CN112464209A (en) | Fingerprint authentication method and device for power terminal | |
CN117131490A (en) | Power distribution network wireless terminal equipment identity authentication method based on equipment hardware fingerprint | |
Ross et al. | Physical-layer discrimination of power line communications | |
CN113542222B (en) | Zero-day multi-step threat identification method based on dual-domain VAE | |
CN112469034B (en) | Internet of things gateway device capable of safely authenticating physical sensing equipment and access method thereof | |
CN112996001A (en) | Physical layer secure communication method based on radio frequency fingerprint image scrambling | |
Yin et al. | P2P botnet detection based on association between common network behaviors and host behaviors |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |