Network security anomaly detection method and device, storage medium and computing equipment
An anomaly detection and network security technology, applied in the field of information security, can solve problems that affect power system security, cannot meet user needs well, and detection is difficult, and achieve the effect of ensuring security
Pending Publication Date: 2022-04-01
STATE GRID ELECTRIC POWER RES INST +3
View PDF0 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
[0002] The security of the edge devices of the power Internet of Things affects the security of the power system. Facing the diversity and novelty of network attacks, detection is difficult and costly
[0003] At present, the network security protection of IoT devices is mainly to improve the network security of IoT devices by placing IoT devices on an isolated network or enhancing the complexity of passwords. However, these methods will affect the user experience and cannot satisfy User needs
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0038] The present invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.
[0039] The present invention provides a network security anomaly detection method, comprising:
[0040] Monitor the static binary files under the critical path of the power Internet of Things edge device system, and generate abnormal alarms according to the change information of the static binary files, and monitor the real-time behavior information of the device process, compare it with the local behavior baseline set, and generate abnormal results abnormal alarm;
[0041] Compare the monitored static binary file and the process file corresponding to the device process with the local trusted software base, and upload the abnormal static binary file to the server for cloud scanning and killing;...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a network security anomaly detection method and device, a storage medium and computing equipment. According to the method, an acquisition probe is adopted to acquire software static fingerprint information and process dynamic behavior information of electric power Internet of Things edge equipment to construct a trusted software base and a behavior baseline; the behavior information of the process is compared with a local behavior baseline model, the behavior deviation degree is calculated, and therefore safety abnormity is found; comparing the changed binary file under the critical path and a process file corresponding to the new process with a trusted software base, and uploading the binary file which is abnormal in comparison to a server for cloud searching and killing; and the user carries out manual study and judgment on the abnormal alarm, and disposes the abnormity or updates the trusted software base and the behavior baseline according to the result. According to the method, the credible software base and the behavior base line are constructed, changes including software static fingerprint information and process dynamic behaviors exceeding the standard are monitored, the abnormal behaviors of the power internet of things edge equipment can be recognized, and the safety of the equipment is guaranteed.
Description
technical field [0001] The invention relates to the technical field of information security, in particular to a network security anomaly detection method, device, storage medium and computing equipment. Background technique [0002] The security of the edge devices of the power Internet of Things affects the security of the power system. Facing the diversity and novelty of network attacks, detection is difficult and costly. [0003] At present, the network security protection of IoT devices is mainly to improve the network security of IoT devices by placing IoT devices on an isolated network or enhancing the complexity of passwords. However, these methods will affect the user experience and cannot satisfy User needs. Contents of the invention [0004] The purpose of the present invention is to provide a network security anomaly detection method, device, storage medium and computing equipment for the edge equipment of the electric power Internet of things, which can detect...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More IPC IPC(8): H04L9/40H04L41/06G16Y10/35G16Y40/10G16Y40/50
CPCY04S40/20
Inventor 吴超魏兴慎杨维永张勃朱世顺刘苇陈连栋曹永健马增洲高鹏赵林丛张浩天葛国栋
Owner STATE GRID ELECTRIC POWER RES INST