###
DOI:
电力大数据:2020,23(01):-
←前一篇   |   后一篇→
本文二维码信息
基于集中器SIM卡状态分析的异常检测
董重重1, 夏水斌1, 孙秉宇1, 何欢1, 王吁2, 王先培2
(1.国网湖北省电力有限公司计量中心;2.武汉大学 电子信息学院)
Intrusion detection based on SIM card behavior analysis in concentrator
Dong Chongchong1, Xia Shuibin1, Sun Bingyu1, He Huan1, Wang Xu2, Wang Xianpei2
(1.State Grid Hubei Corporation Maintenance Company;2.Electronic Information School of Wuhan University)
摘要
图/表
参考文献
相似文献
本文已被:浏览 466次   下载 4
投稿时间:2019-07-25    修订日期:2019-10-17
中文摘要: 针对用电信息采集系统非法入侵问题,提出了基于集中器SIM卡异常行为分析来构建入侵检测系统。该方案利用非法入侵者需要依赖对GPRS模块的使用,这个过程中会产生一系列的异常行为,在入侵检测系统中捕抓这些行为并以日志的形式存储进行实时建模,用改进的K-means和iForest聚类算法进行检测,发现疑似异常点后,再结合心跳帧机制判断确认,确认为非法身份后发出警告,并拒绝访问请求。经仿真分析,该方案能够检测出目前用电采集系统非法入侵主站的行为,并具有很好的拓展性和前瞻性。
中文关键词: 入侵检测  日志分析  SIM行为  集中器
Abstract:Aiming at the problem of illegal intrusion of power information collection system, it is proposed to construct an intrusion detection system by analyzing the abnormality of SIM card behavior in the concentrator. The scheme utilizes an illegal terminal to obtain the use of a SIM card during the intrusion of the primary station. And a series of abnormal behaviors will occur in this process. Therefore, these behaviors are captured in the intrusion detection system. It is stored in the form of a log for real-time modeling and analyzed with a modified k-means clustering algorithm. After an abnormal point is found, warnings, alarms, and the like are issued according to the level threat. Through simulation analysis, the scheme can resist the behavior of the current power collection system illegally invading the primary station. And has a very good expansion and forward-looking..
文章编号:     中图分类号:    文献标志码:
基金项目:国家自然科学基金资助项目;国网湖北省电力有限公司电力科学研究院外委研究项目
引用文本: