摘要
为了实现针对智能变电站系统的网络入侵检测,文章提出一种智能变电站系统网络报文分析方法与异常检测方法。利用智能变电站系统网络封闭性的特点,建立系统内部网络规则,实时捕获网络报文并与建立规则进行比对分析,发现网络中的异常行为。在实验室环境中模拟恶意攻击行为,验证了本文提出方法的合理性和有效性。
To implement the network intrusion detection for intelligent substation automation system,this paper presents an intelligent substation automation system network packet analysis and anomaly detection method.Based on the relatively closed features of intelligent substation automation system,the internal network rules of substation automation system are established.By comparison,the real-time captured network packets and established rules are analyzed,potential network abnormal behavior can be found.Simulating malicious behaviors in the lab environment has verified the rationality and effectiveness of the proposed method.
出处
《电力信息与通信技术》
2017年第2期54-58,共5页
Electric Power Information and Communication Technology
关键词
电力工控系统
智能变电站
报文分析
网络安全
power industry control system
intelligent substation
packet analysis
network security