Intelligent power grid communication anomaly detection method based on network flow

Abstract

The invention discloses a network flow-based intelligent power grid communication anomaly detection method. The method comprises the steps of S1 network flow fragmentation: dividing each network flowat a fixed interval, forming a fragment after each division, and taking network flow feature extraction and analysis detection units as network flow fragments; S2 network flow feature extraction and preprocessing: carrying out feature extraction on 'client-server' and 'server-client' flows respectively, and carrying out normalization operation on the extracted network flow features; and S3 model construction and detection: constructing a clustering anomaly detection model by adopting an unsupervised clustering method, and performing model detection. According to the method, time dimension statistical information is newly added; more attacks which cannot be detected by a traditional method can be detected; deep analysis does not need to be carried out on messages; a proprietary protocol andan encryption protocol can be detected; an accurate model can be rapidly and efficiently constructed through a density clustering method; and noise points in training data can be well processed.

Description

technical field [0001] The invention belongs to the technical field of smart grids, and in particular relates to an abnormality detection technology of network communication. Background technique [0002] In the past few decades, the emergence of smart grids has greatly improved the efficiency of power grids in power generation, transmission, and distribution. Residents have become increasingly convenient to use electricity and pay electricity bills. In the process of networking, the original physical isolation has been broken, and the number of access points that can be invaded by malicious attackers has increased. The power grid is facing more and more network security threats, and it has also become one of the hidden dangers of national security to a certain extent. Globally, attacks on smart grids are increasing year by year, causing huge losses to society, economy and finance every year. Taking the Ukrainian power grid as an example, on December 23, 2015, it was attacke...

AI Technical Summary

Problems solved by technology

[0002] In the past few decades, the emergence of smart grids has greatly improved the efficiency of power grids in power generation, transmission, and distribution. Residents have become increasingly convenient to use electricity and pay electricity bills. In the process of networking, the original physical isolation is broken, and the number of access points that can be invaded by malicious attackers increases. The power grid is facing more and more network security threats, and it has also become one of the hidden dangers of national security to a certain extent.

Globally, attacks on smart grids are increasing year by year, causing huge losses to society, economy and finance every year. Taking the Ukrainian power grid as an example, on December 23, 2015, it was attacked by hackers. There were 7 110KV and 23 35KV power grids in the power grid. The substation was cut off for 3 hours, and the remote control function was blocked due to denial-of-service attacks and authority seizures by hackers, and grid engineers could only restore power supply by manually closing the switch

This attack caused huge economic losses, and at the same time exposed many security loopholes and hidden dangers of the current smart grid, such as the lack of identification and two-way security verification mechanism, the lack of abnormal monitoring and active defense devices, etc.

[0003] With the continuous improvement of the information level of the smart grid, the corresponding network security threats are increasing. The existing anomaly monitoring and defense methods mainly include access control lists such as blacklists and whitelists, and grid state estimation, etc., which cannot detect , Resist current targeted and covert cyber attacks of various scales

Images