Power terminal vulnerability attack detection method based on message features

Abstract

The invention discloses a power terminal loophole attack detection method based on message features, and belongs to the technical field of intelligent power grid terminal equipment safety. The methodcomprises the following steps: S01, acquiring communication message data between power terminal equipment and a master station, and classifying the communication message data of the power terminal equipment in a normal working state and an attacked state into a positive sample and a negative sample; s02, performing feature extraction on the positive sample and the negative sample, and forming a sample feature vector; s03, based on the sample feature vector, selecting a classifier to perform deep neural network training, and generating a vulnerability attack detection model; s04, collecting real-time communication message data between the power terminal equipment and the main station in work; s05, performing feature extraction on the real-time communication message data, and forming a detection feature vector; and S06, inputting the detection feature vector into a vulnerability attack detection model to detect whether the power terminal is attacked or not and the attack type. Accordingto the method, the power terminal equipment is subjected to safety monitoring from a network layer, and the power grid safety is improved.

Description

technical field [0001] The invention belongs to the technical field of smart grid terminal equipment security, and in particular relates to a message feature-based power terminal vulnerability attack detection method. Background technique [0002] The safety and reliability of the power terminal equipment in the power grid is fundamental to the stable operation of the power system. There are a large number of power terminal equipment in the smart grid business system, such as RTU (remote terminal unit), DTU (data terminal unit), FTU (feeder terminal unit), and smart meters. Power terminals affect the production process of power through monitoring, control and protection, and play a vital role in the process of "power generation" - "transformation" - "transmission" - "distribution" of power production. For example, the RTU can affect the power production by opening and closing the current line, and at the same time monitor the voltage and current of the current line to prote...

AI Technical Summary

Problems solved by technology

[0007] Although the existing smart grid security protection system can resist some information attacks, under the double influence of the intelligent and interactive development of the power system and the evolution of network attack technology, the security of the smart grid is facing new challenges. More and more Attack Trojans are concealed, latent, and highly destructive. Once the virus invades the smart grid system, it will have a huge impact on the normal production of the smart grid. Strengthening the security performance of the smart grid is particularly important in the production process of the grid.

Images