Computer Science ›› 2025, Vol. 52 ›› Issue (11A): 241200158-7. doi: 10.11896/jsjkx.241200158
LI Xiaogeng (李晓耕)1, HAN Xiao (韩校)1, XIAO Haiyi (肖海怡)2
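Abstract: The power monitoring system is core infrastructure for ensuring a stable power supply. Current security defenses for cyberspace objects in power monitoring systems are mostly based on fixed policies, which are often not tailored to the current system environment and security events, and executing such defense policies also has a considerable impact on the normal operation of system services. To solve this problem, a cooperative defense method for cyberspace objects is proposed. First, for network threat blocking, IP traceback is used to redraw the attack path; a fitness function is constructed that considers the hop count between a node and the attacked object along the attack path as well as the network traffic at the node, and the optimal blocking position is determined based on an improved genetic algorithm. Second, according to the type of cyberspace object, classified defense strategies for cyberspace objects are formulated, and a defense-action correlation calculation model is introduced to determine the specific defense actions. Simulation experiments show that the proposed cooperative defense method for cyberspace objects has significant advantages in the selection and execution of defense actions and in defensive effect, and can minimize the impact of defense actions on the system's normal services.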
CLC Number: