摘要
随着"大云物移"等新技术在电力系统的应用和智能电网的发展,电力工控侧的信息安全问题更加突出。文章从网络协议指纹分析、基于指纹的协议识别、网络流量实时分析与预警三个方面对电网工控系统流量进行深入研究。研究结果表明,可以通过在调度数据网中建立工控网络指纹库对流量进行实时分析,及时发现各类安全隐患,提升电网工控系统安全防护水平。
With the application of new technologies such as"big data,cloud computing,internet of things,mobile internet"in power system and the development of smart grid,the information security problem of power industrial control side is more prominent.The traffic of industrial control system in power grid is studied from three aspects:network protocol fingerprint analysis,fingerprint-based protocol identification,network traffic real-time analysis and early warning.The research results show that the real-time analysis of traffic can be carried out by setting up fingerprint database of industrial control network in dispatching data network,so as to discover all kinds of potential safety hazards in time and improve the safety protection level of industrial control system of power grid.
作者
叶水勇
YE Shuiyong(State Grid Anhui Electric Power Co.,Ltd.,Huangshan Power Supply Company,Huangshan 245000,China)
出处
《黑龙江电力》
CAS
2020年第1期84-89,94,共7页
Heilongjiang Electric Power
关键词
网络指纹
协议识别
安全风险
工控系统
网络流量
network fingerprint
protocol identification
security risk
industrial control system
network traffic
