Citation: LYU Zhuo, GUO Zhimin, CHEN Cen, et al. A dynamic network threat evaluation method for smart grid embedded devices[J]. Journal of Beijing University of Aeronautics and Astronautics, 2022, 48(2): 324-330. doi: 10.13700/j.bh.1001-5965.2020.0398 (in Chinese)
Because their computing and storage resources are limited, smart grid embedded devices cannot deal with network attacks effectively, and their security assessment methods are weak. To address these problems, a dynamic network attack behavior evaluation method for smart grid embedded devices is proposed. The method uses a security control module to analyze the communication data stream of the actual embedded device, and evaluates the impact of the attack behavior in an embedded system simulator by means of dynamic trust measurement of components. The final security evaluation result for a network attack is obtained from a whole-process dynamic comprehensive measurement of the platform configuration property, the platform operation attribute, and the user authentication attribute. The method was tested in the actual environments of a power distribution automation system and a power utilization information collection system. The results show that, for common attacks against embedded devices, the accuracy rate of the proposed detection method can reach more than 90%. The method provides good safety assessment accuracy while also achieving an effective upgrade of its own security.