摘要
针对现有方法无法达到预期检测效果的问题,提出基于时间序列的电源设备通信异常检测方法。先利用流量采集装置捕获电源设备通信中的NetFlow报文信息,构建电源设备通信时间序列图,描述电源设备通信行为的多个时间序列的相互关系,然后通过挖掘时间序列图,计算出电源设备的通信异常系数,识别并检测电源设备的通信异常行为。实验结果表明,设计方法的平均百分比误差在1%以内,召回率在95%以上,电源设备的通信异常检测效果较好。
Aiming at the problem that the existing methods can not achieve the expected detection effect,a time series-based communication anomaly detection method for power equipment is proposed.First,the NetFlow message information in the communication of the power device is captured by the traffic acquisition device,and the communication time series diagram of the power device is constructed to describe the relationship between multiple time series of the communication behavior of the power device.Then,the abnormal coefficient of the communication of the power device is calculated by mining the time series diagram,and the abnormal communication behavior of the power device is identified and detected.The experimental results show that the average percentage error of the design method is less than 1%,the recall rate is more than 95%,and the communication anomaly detection effect of power equipment is good.
作者
赵爱勤
ZHAO Aiqin(Luoyang Institute of Electro-Optical Equipment,AVIC,Luoyang 471000,China)
出处
《通信电源技术》
2023年第22期150-152,共3页
Telecom Power Technology
关键词
时间序列
电源设备
通信异常
NetFlow报文
time series
power supply equipment
communication abnormality
NetFlow message
