{"title":"Cross-Domain Data Link Security Portrait Based Attack Traceability Correlation","authors":"Jianqian Sheng, Yuan Fang, Guannan Zhang, Xin Ding","doi":"10.1109/AINIT59027.2023.10212474","DOIUrl":null,"url":null,"abstract":"To address the problem of attackers invading the power system through cross-domain attacks and vulnerability exploitation, current research is focusing on security portrait technology. By creating a security portrait of the power system, real-time supervision and comprehensive understanding of abnormal user behavior can be achieved. However, traditional network traffic anomaly detection methods based on clustering analysis often have low accuracy. This article proposes an improved k-means clustering-based traffic anomaly detection method, which improves the efficiency and accuracy of constructing security portraits based on abnormal traffic. Secondly, the Yen's shortest path algorithm is used to select the optimal set in the path to determine the network attack path location, and finally, the attack traceability correlation of cross-domain data link security portraits is achieved, improving the recognition efficiency to 91.7% on the original basis.","PeriodicalId":276778,"journal":{"name":"2023 4th International Seminar on Artificial Intelligence, Networking and Information Technology (AINIT)","volume":"118 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 4th International Seminar on Artificial Intelligence, Networking and Information Technology (AINIT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AINIT59027.2023.10212474","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cross-Domain Data Link Security Portrait Based Attack Traceability Correlation
To address the problem of attackers invading the power system through cross-domain attacks and vulnerability exploitation, current research is focusing on security portrait technology. By creating a security portrait of the power system, real-time supervision and comprehensive understanding of abnormal user behavior can be achieved. However, traditional network traffic anomaly detection methods based on clustering analysis often have low accuracy. This article proposes an improved k-means clustering-based traffic anomaly detection method, which improves the efficiency and accuracy of constructing security portraits based on abnormal traffic. Next, Yen's shortest path algorithm is used to select the optimal set in the path to determine the network attack path location. Finally, the attack traceability correlation of cross-domain data link security portraits is achieved, improving on the original recognition efficiency to reach 91.7%.