Relay protection information processing system attack behavior monitoring method and device

A technology of information processing system and relay protection device, applied in circuit devices, safety communication devices, transmission systems, etc., to achieve the effect of improving safety

Pending Publication Date: 2022-07-29
HUNAN UNIV
View PDF0 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] The technical problem to be solved by the present invention is to provide an attack behavior monitoring method and device for a relay protection information processing system to effectively solve the problem that the existing detection method cannot perform attack behavior on the application layer for relay protection system services Limitation of detection, improve the safety and reliability of relay protection information processing system

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Relay protection information processing system attack behavior monitoring method and device
  • Relay protection information processing system attack behavior monitoring method and device
  • Relay protection information processing system attack behavior monitoring method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0057] figure 1 The flow chart of the method for monitoring the attack behavior of the relay protection information processing system provided by the embodiment of the present invention, the specific implementation steps are as follows:

[0058] Step S1: capturing the relay protection information processing system traffic data packets in real time, and extracting the application layer message of the current frame traffic data;

[0059] Step S2: perform field-level analysis on the message according to the IEC 60870-5-103 protocol, obtain the specific value of the message length field, type identifier, transmission reason, information serial number, and clock characteristics, and determine the system service to which the message belongs;

[0060] Step S3: Perform clock tampering attack detection on the packet parsed in step S2, if the clock range, clock logic, clock synchronization, and clock delay of the packet do not conform to normal clock characteristics, it is determined th...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a relay protection information processing system attack behavior monitoring method and device, and the method comprises the steps: carrying out the application layer message extraction of the traffic data of a relay protection information processing system captured in real time, and carrying out the analysis according to an IEC 60870-5-103 protocol. And secondly, carrying out clock tampering attack detection on the message. And then abnormal message attack detection is carried out on the message format according to protocol requirements. And finally, establishing a normal behavior model of various system services, and carrying out application layer attack behavior detection on the system flow data according to the normal behavior model. According to the method, the defects that an existing relay protection information processing system attack behavior detection method focuses on data analysis of a relay protection device measurement point and lacks attack behavior detection for a flow data application layer message are overcome, and the accuracy of relay protection information processing system attack behavior detection is improved.

Description

technical field [0001] The invention relates to the technical field of power system information security, in particular to a method and device for monitoring attack behavior of a relay protection information processing system. Background technique [0002] With the continuous improvement of the level of substation automation and dispatching automation, the informatization and intelligence of the power system are gradually enhanced. The relay protection information processing system composed of relay protection device, safety automatic device and fault recorder has become an important part of the power system. The relay protection information processing system can collect the action information and operating status information of the relay protection device in real time, and conduct automatic and in-depth analysis of the action information of the protection device, so as to assist the power dispatcher to quickly judge the protection action behavior, perform fault location, an...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H02J13/00H04L9/40
CPCH02J13/00002H02J13/00006H02J13/00028H02J13/00032H02J13/0004H04L63/1408
Inventor 刘绚王文博张博宋宇飞于宗超
Owner HUNAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap