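Research and development of threat and risk evaluation model for smart substation

CLC number: TN914

Funding: Supported by the Science and Technology Project of State Grid Sichuan Electric Power Company (52199717001P) and the Project of State Grid Sichuan Electric Power Research Institute (SGSCDK00XTJS1800093).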
    Abstract:

    Traditional intrusion detection systems show insufficient efficiency and stability when deployed in resource-constrained industrial networks. To address this, an intrusion detection system for smart substations and a security risk assessment method for industrial equipment are proposed. A threat and risk evaluation model is built for the structure of the smart substation, and a grey-model-based method for actively predicting vulnerable network nodes is introduced to balance the weights of threat sources. A risk value calculation algorithm based on the three dimensions of information security is then proposed, with a fuzzy consistent judgment matrix used to compute the risk value parameters, yielding a risk evaluation that shows intuitively the scope and degree of an attack's impact on the system. Experiments show that the system effectively detects the intrusion threats facing the industrial network while meeting the passivity, low-load, real-time and reliability requirements of the deployment environment.

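Cite this article

Liu Yuansheng, Wang Sheng, Bai Yunpeng, Xia Xiaofeng. Research and development of threat and risk evaluation model for smart substation[J]. Journal of Chongqing University, 2021, 44(7):64-74.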

History
  • Received: 2021-02-12
  • Published online: 2021-07-28