摘要
为了有效解决网络安全隐患问题,提出一种基于Hurst指数方差分析的堡垒机攻击检测方法。优先提取堡垒机攻击信号的Hurst指数,同时构建近似仿真Lorenz混沌含噪信号,通过Hurst指数方差分析方法中的小波系数方差对信号分解,分析噪声方差在不同层小波系数上的分布规律,确定小波系数对应层的阈值系数,完成堡垒机攻击信号去噪处理。然后通过聚类和样本相似度区间的方式将训练样本集划分为多个子集,将全部训练子集分别输入到SVDD模型中,同时训练分类器决策边界,实现堡垒机攻击检测。最终经过大量实验测试证明,所提方法可以准确检测堡垒机攻击。
In order to effectively solve the hidden danger of network security, a detection method of bastion machine attack based on Hurst exponential variance analysis is proposed. First extract the Hurst exponent of the attack signal of the fortress machine, and at the same time construct an approximate simulation Lorenz chaotic noisy signal, decompose the signal through the variance of the wavelet coefficient in the Hurst exponent variance analysis method, analyze the distribution law of the noise variance on the wavelet coefficients of different layers, and determine the wavelet The coefficient corresponds to the threshold coefficient of the layer to complete the denoising process of the bastion machine attack signal. Then, the training sample set is divided into multiple subsets by means of clustering and sample similarity interval, and all the training subsets are input into the SVDD model respectively, and the classifier decision boundary is trained at the same time to realize the bastion machine attack detection. Finally, after a large number of experimental tests, it is proved that the proposed method can accurately detect the bastion machine attack.
作者
林志达
张华兵
曹小明
周英耀
LIN Zhida;ZHANG Huabing;CAO Xiaoming;ZHOU Yingyao(Digitization Department Of China Southern Power Grid Co.,Ltd,Guangzhou,510663,China;Platform Security Branch Of China Southern Power Grid Digital Power Grid Research Institute Co.,Ltd,Guangzhou 511365,China)
出处
《自动化与仪器仪表》
2022年第11期60-63,68,共5页
Automation & Instrumentation
基金
南方电网有限责任公司项目(20214785454)。
