Journal of Electrical Engineering (电气工程学报) ›› 2021, Vol. 16 ›› Issue (3): 192-198. doi: 10.11985/2021.03.026

• Electrical Theory and New Technology •


Research on Transmission Information Security Defense Based on Non Scanning Vulnerability Detection

JIN Xiaoqi

  1. EHV Power Transmission Company of China Southern Power Grid, Guangzhou 510670
  • Received: 2020-09-02 Revised: 2021-03-22 Online: 2021-09-25 Published: 2021-10-29
  • About the author: JIN Xiaoqi, male, born in 1991. His main research interests are vulnerability research and management, and network security attack and defense techniques. E-mail: yuran20592764@163.com

Abstract:

Traditional methods for transmission information security defense do not train on the feature quantities of the transmission information, so their defense effect is unsatisfactory. To address this, non-scanning vulnerability detection is introduced to optimize transmission information security defense. Within a specified time window, the program is executed to obtain its execution event sequence, which completes the information-aggregation-based dynamic feature extraction of the transmission information. The TF-IDF algorithm is used to vectorize the dynamic sample feature set, and the resulting features are input into machine learning models: Text-CNN, Logistic, and random forest algorithms are trained on the extracted dynamic features to obtain the vulnerability detection results. For the security problems caused by the detected vulnerabilities, transmission information security defense is implemented in three aspects of the line detection terminal: security defense, secure storage, and security isolation. Experiments verify that the method accurately detects power grid vulnerabilities and has a good effect on transmission information security defense.

Key words: Non-scanning vulnerability detection, power transmission information, security vulnerabilities, TF-IDF algorithm
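
The following added example, which is not code from the paper, runs the pipeline the abstract describes for the Logistic model only: execution event sequences are vectorized with TF-IDF and a classifier is trained on the vectors. The event names, labels, IDF smoothing formula and training parameters are assumptions, and "Logistic" is taken here to mean logistic regression.

```python
import math
from collections import Counter

# Constructed event sequences (hypothetical event names), one per program run
# observed in a fixed time window; label 1 = vulnerable behaviour, 0 = normal.
TRAIN = [
    ("auth_ok read_meas send_frame read_meas send_frame", 0),
    ("auth_ok read_cfg read_meas send_frame", 0),
    ("auth_ok read_meas store_enc send_frame", 0),
    ("auth_skip read_cfg write_cfg send_frame", 1),
    ("auth_skip read_meas store_plain send_frame", 1),
    ("auth_ok write_cfg store_plain store_plain", 1),
]

def fit_idf(docs):
    """Smoothed inverse document frequency for each event seen in training."""
    n = len(docs)
    df = Counter(ev for d in docs for ev in set(d.split()))
    return {ev: math.log((1 + n) / (1 + c)) + 1 for ev, c in df.items()}

def tfidf(doc, idf):
    """L2-normalised TF-IDF vector as a dict; events unseen in training are dropped."""
    tf = Counter(ev for ev in doc.split() if ev in idf)
    vec = {ev: c * idf[ev] for ev, c in tf.items()}
    norm = math.sqrt(sum(v * v for v in vec.values())) or 1.0
    return {ev: v / norm for ev, v in vec.items()}

def logit(x, w, b):
    """Linear score of a sparse feature vector under weights w and bias b."""
    return b + sum(w[ev] * v for ev, v in x.items())

def train_logistic(samples, idf, epochs=500, lr=0.5):
    """Logistic regression fitted by per-sample gradient descent."""
    w, b = dict.fromkeys(idf, 0.0), 0.0
    data = [(tfidf(d, idf), y) for d, y in samples]
    for _ in range(epochs):
        for x, y in data:
            err = 1 / (1 + math.exp(-logit(x, w, b))) - y
            for ev, v in x.items():
                w[ev] -= lr * err * v
            b -= lr * err
    return w, b

def score(doc, idf, w, b):
    """Estimated probability that a sequence reflects vulnerable behaviour."""
    return 1 / (1 + math.exp(-logit(tfidf(doc, idf), w, b)))

IDF = fit_idf([d for d, _ in TRAIN])
W, B = train_logistic(TRAIN, IDF)
if __name__ == "__main__":
    for seq in ("auth_skip read_meas write_cfg store_plain", "auth_ok read_meas send_frame"):
        print(f"{score(seq, IDF, W, B):.3f}  {seq}")
```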
