Electric power information network security measuring method based on security log data mining

Abstract

The invention provides an electric power information network security measuring method based on security log data mining. The electric power information network security measuring method comprises the steps of defining a security index measurement model parameter and a measurement standard; acquiring electric power information network heterogeneous security events, normalizing the security events by means of an extensible security event standard format which is defined based on a template, and buffering the security events, thereby forming standard security events; in mass standard security events, grouping the security events according to a dimension parameter Di, extracting a parameter which reflect network safety operation condition according to an index parameter Vk, and obtaining a real-time network security index data model; dynamically updating the network security index data baseline model according to fitting between the network security index historical data and the network security index real-time data; calculating a network security measurement index; and obtaining a network abnormity position through the network security measurement index. The electric power information network security measuring method settles the technical problems such as low accuracy, low efficiency and no effective facility for performing security problem positioning in prior art.

Description

Technical field [0001] The invention belongs to the technical field of information security, and in particular relates to a security log data [0002] The mining power information network security measurement method. Background technique [0003] The power system is an important infrastructure for the national economy and people’s lives. The safety of its network and application system is the guarantee of the safe operation of the power system and the reliable power supply to the society. It is directly related to the development of various industries in our country, the stability of the society and the lives of the people. Level. The main goal of power system security protection is to prevent key business information system data or information from being stolen or tampered with, to prevent malicious infiltration or monitoring of the network, to ensure that there are no grid accidents and large-scale power outages caused by information security, and to realize information security...

AI Technical Summary

Problems solved by technology

[0006] The technical problem to be solved by the present invention is to provide a power information network security measurement method based on security log data mining to solve the problem that in the prior art, the power information network security measurement is implemented by personnel, and the accuracy of the measurement often depends on human resources. The technical ability, practical experience, understanding of relevant standards, etc., have low accuracy and low efficiency. Under the complex security measurement index system, when abnormalities are found in the overall network indicators, there is no effective means to assist managers to conduct security inspections. Troubleshooting and other technical issues

Images