摘要
高级持续性威胁(advanced persistent threat,APT)已经成为新型电力系统网络安全的主要威胁之一,面对其隐蔽性强、破坏力大、持续时间长的攻击行为特点,现有的传统检测方法无法满足新型电力系统的安全要求。对此,文章提出一种基于卷积神经网络的通道与空间并行结合的注意力机制(parallel channel and spatial attention mechanism based convolutional neural network,PCSA-CNN)的APT攻击检测方法。该算法引入通道与空间并行的注意力机制,以突出APT攻击数据特征并生成对应的特征向量矩阵,然后采用卷积神经网络模型完成对APT攻击的检测。实验结果表明,基于PCSA-CNN模型的APT攻击检测方法可达到99.87%的准确率,相较现有主流神经网络模型检测效果有明显提升。
Advanced persistent threat(APT)has become one of the main threats to the network security of the new type power systems.Because of the features like strong concealment,destructive power and long duration,the existing traditional detection methods can not meet the security requirements of the new type power systems.Therefore,an APT attack detection method using parallel channel and spatial attention mechanism based convolutional neural network(PCSA-CNN)is proposed.The parallel channel and spatial attention mechanism is introduced to highlight the characteristics of APT attack data and generate the corresponding eigenvector matrix,and then a convolutional neural network model is used to detect APT attack.The experiment results indicate that PCSA-CNN model can reach 99.87%accuracy,which is significantly better than the existing mainstream neural network model.
作者
林玉坤
于新会
李元诚
支妍力
曾萍
LIN Yukun;YU Xinhui;LI Yuancheng;ZHI Yanli;ZENG Ping(School of Control and Computer Engineering,North China Electric Power University,Changping District,Beijing 100096,China;State Grid Jiangxi Electric Power Co.,Ltd.,Nanchang 330077,Jiangxi Province,China;Ji'an Power Supply Branch,State Grid Jiangxi Electric Power Co.,Ltd.,Ji’an 343000,Jiangxi Province,China)
出处
《电力信息与通信技术》
2023年第6期1-7,共7页
Electric Power Information and Communication Technology
基金
国家电网有限公司总部科技项目资助“新型电力系统高级可持续网络攻击行为识别与主动防御研究”(5700-202199539A-0-5-ZN)。
关键词
新型电力系统
APT攻击
注意力机制
CNN
new type power systems
advanced persistent threat
attention mechanism
CNN
