一种基于BF-DT-CUSUM算法的电网工控系统DDoS攻击检测方法

费稼轩; 张涛; 马媛媛; 周诚

doi:10.11959/j.issn.1000-0801.2015402

您当前的位置：

首页 >

文章列表页 >

一种基于BF-DT-CUSUM算法的电网工控系统DDoS攻击检测方法

网络与信息安全 | 更新时间：2024-06-05

- 一种基于BF-DT-CUSUM算法的电网工控系统DDoS攻击检测方法
- Efficient detection technology of DDoS attacks based onBF-DT-CUSUM algorithm in smart grid industrial control system
- 电信科学 2015年31卷第Z1期页码：106-112
- 作者机构：
- 作者简介：
  
  [ "费稼轩（1984-），男，国网智能电网研究院工程师，主要研究方向为电网工控安全。" ]
  [ "张涛（1976-），男，国网智能电网研究院高级工程师，主要研究方向为电网信息安全。" ]
  [ "马媛媛（1978-），女，国网智能电网研究院高级工程师，主要研究方向为电网信息安全。" ]
  [ "周诚（1981-），男，国网智能电网研究院工程师，主要研究方向为电网信息安全。" ]
- 基金信息：
  
  国家电网公司2015年科技项目（电网智能化单元传输规约安全分析及增强技术研究）;The 2015 Science and Technology Project of State Grid Corporation of China:Security Analysis and Enhance Technical Research of Power Grid's Intelligent Transmission Protocols
- DOI：10.11959/j.issn.1000-0801.2015402
  中图分类号： TP311;TP39
- 网络出版日期：2015-12-20，
  
  纸质出版日期：2015-12-20
- 稿件说明：
移动端阅览
费稼轩, 张涛, 马媛媛, 等. 一种基于BF-DT-CUSUM算法的电网工控系统DDoS攻击检测方法[J]. 电信科学, 2015,31(Z1):106-112.

Jiaxuan FEI, Tao ZHANG, Yuanyuan MA, et al. Efficient detection technology of DDoS attacks based onBF-DT-CUSUM algorithm in smart grid industrial control system[J]. Telecommunications science, 2015, 31(Z1): 106-112.
费稼轩, 张涛, 马媛媛, 等. 一种基于BF-DT-CUSUM算法的电网工控系统DDoS攻击检测方法[J]. 电信科学, 2015,31(Z1):106-112. DOI： 10.11959/j.issn.1000-0801.2015402.

Jiaxuan FEI, Tao ZHANG, Yuanyuan MA, et al. Efficient detection technology of DDoS attacks based onBF-DT-CUSUM algorithm in smart grid industrial control system[J]. Telecommunications science, 2015, 31(Z1): 106-112. DOI： 10.11959/j.issn.1000-0801.2015402.

摘要

摘要：信息通信技术的高速发展使得国家电网已经迈进了智能化、信息化、自动化发展时代，然而同时智能电网中信息通信技术的广泛应用也为攻击者提供了更多的途径入侵和攻击电网工控系统。提出一种基于BloomFilter地址统计的动态阈值更新的改进型CUSUM（BF-DT-CUSUM）DDoS（distributed denial of service）入侵攻击检测方法，针对电网工控系统存在的DDoS攻击采用基于BloomFilter正常流量统计的动态阈值技术，同时改进了传统的EWMA算法使其可用于计算识别DDoS攻击用阈值，并对CUSUM（cumulative sum）算法作出一定变动，以此来更高效地检测电网工控系统DDoS攻击事件。仿真实验验证了该方法对电网工控系统中DDoS攻击具有较高的检测速度和精度，且系统开销小。

Abstract

Rapid development of information and communication technology has led China National Grid Corp into the era of intelligent

informational and automated

simultaneously with wide application of information and communication technology in smart grid also providing more ways for attackers to invade and attack power system.A DDoS attacks detection method based on modified CUSUM with dynamic threshold was proposed according to BloomFilter address statistics in smart grid.The proposed method used dynamic threshold technology based on BloomFilter normal traffic statistics

and optimized traditional EWMA algorithm to identify threshold of DDoS attacks

finally modified CUSUM algorithm in order to efficiently detect DDoS attacks in smart grid.Simulation experiments demonstrate that proposed method has high detection speed and precision for DDoS attacks in smart grid

and the system overhead is small.

关键词

Keywords

references

FANG X , MISRA S , XUE G L , et al . Smart grid-the new and improved power grid:a survey [J ] . IEEE Communications Surveys & Tutorials , 2012 , 14 ( 4 ): 944 - 980 .

WANG W Y , LU Z . Cyber security in the smart grid:survey and challenges [J ] . Computer Networks , 2013 , 57 ( 5 ): 1344 - 1371 .

METKE A R , EKL R L . Security technology for smart grid networks [J ] . IEEE Transactions on Smart Grid , 2010 , V1 ( 1 ): 99 - 107 .

LINE M B , TONDEL I A , JAATUN M G . Cyber security challenges in smart grids [C ] // The 2nd IEEE PES International Conference and Exhibition on Innovative Smart Grid Technologies（ISGT Europe） , December 5 - 7 , 2011 , Manchester,United Kingdom . New Jersey : IEEE Press , 2011 : 1 - 8 .

FALLIERE N , MURCHU L O , CHIEN E . W32stuxnet dossier [R ] . 2011 .

CHEN T M . Stuxnet,the real start of cyber warfare? [J ] . IEEE Network , 2010 , 24 ( 6 ): 2 - 3 .

LU Z , WANG W , et al . Review and evaluation of security threats on the communication networks in the smart grid [C ] // The 2010 Military Communications Conference （MILCOM 2010） , October 31 - November 3 , 2010 , San Jose,USA . [S.l.:s.n.] , 2010 : 1830 - 1835 .

DOULIGERIS C , MITROKOSTA A . DDoS attacks and defense mechanisms:classification and state-of-the-art [J ] . Computer Networks , 2004 , 44 ( 44 ): 643 - 666 .

VALDES A , CHEUNG S . S [C ] // The 42nd Hawaii International Conference on System Sciences（HICSS'09） , Januaryr 5 - 8 , 2009 , Hawaii,USA . Washington : IEEE Computer Society , 2009 : 1 - 7 .

Systems C . Security for the smart grid [R ] . San Jose: Cisco 2009 .

LIANG Z Q , FAN Y . Principles and defense techniques of DDoS attacks in electricity auxiliray system security protection [J ] . Computer Security , 2010 ( 9 ): 70 - 72 .

SUN Y A , GUAN X H , LIU T , et al . A cyber-physical monitoring system for attack detection in smart grid [C ] // IEEE INFOCOM 2013 . April 26 - May 1 , 2013 , Hong Kong,China . Washington : IEEE Computer Society , 2013 : 1 - 7 .

YI H , EEMALIFALAK M , NGUYEN H , et al . Bad data injection in smart grid:attack and defense mechanisms [J ] . IEEE Communications Magazine , 2013 , 51 ( 1 ): 27 - 33 .

LIU T , YUN G , DAI W , et al . A novel method to detect bad data injection attack in smart grid [C ] // The 2013 IEEE Conference on Computer Communications Workshops（INFOCOM WKSHPS） . April 11 - 19 , 2013 , Turin,Italy . Washington : IEEE Computer Society , 2013 : 49 - 54 .

WANG D , GUAN X H , LIU T , et al . Extended distributed state estimation:a detection method against tolerable false data injection attacks in smart grids [J ] . Energies , 2014 , 7 ( 3 ): 1517 - 1538 .

KOSUT O , JIA L Y , THOMAS R J , et al . Malicious data attacks on the smart grid [J ] . IEEE Transactions on Smart Grid , 2011 , 2 ( 4 ): 645 - 658 .

LIU Y , NINE P , REITER M K , et al . False data injection attacks against state estimation in electric power grids [J ] . ACM Transactions on Information and System Security , 2011 , 14 ( 1 ): 1301 - 1333 .

浏览量

687

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

面向网络大数据的安全分析技术应用

网络安全分析中的大数据技术应用