摘要
通过分析现有智能变电站信息系统的安全现状、需求及存在的问题,提出了建设变电站监测预警系统的方法;抽象出了智能变电站业务流量的行为模型,并根据该行为模型定义了异常行为规则,然后在异常流量行为监测基础上进行二次开发,建设了网络异常流量分析系统,从而快速识别出系统中存在的非法操作、异常事件、外部攻击并实时告警,可为智能变电站运维人员提供数据支持,提高对未知威胁的检测能力。
By analyzing the security situation of smart substation information system, demand and existing problem, this paper proposes a method of building monitoring and early warning system for substation. By abstracting behavioral models of smart substation service flow, we define the abnormal behavior rules based on the behavior model, then secondary development based on the abnormal traffic detection is done to form abnormal network traffic analysis system, the system can quickly identify the presence of illegal operation, abnormal events, external attacks and real-time alerts. It can provide sufficient reference information and data for smart substation operation and maintenance, to improve the ability to detect unknown threats.
出处
《电力信息与通信技术》
2015年第11期153-157,共5页
Electric Power Information and Communication Technology
