Abstract
Security incidents in an electric power monitoring system can cause great damage. Furthermore, traditional active defense technologies no longer guarantee the safety and reliability of an electric power monitoring system. Thus, it is urgent to develop a new security defense technology suitable for the electric power monitoring system, one that can take precautions against the destructive attacks occurring in it. Based on an analysis of the network security demands of the electric power monitoring system, we propose an active defense system framework based on security automation and orchestration technology (SAOT). The framework has a multi-layer architecture and integrates functional modules such as behavioral feature extraction for typical network security events, security disposal strategy generation for typical network security events, and automated orchestration of security disposal strategies. Furthermore, the SAOT active defense system framework simultaneously addresses both the vulnerability and the security problems in the electric power monitoring system. Finally, a case study is used to further describe and explain the SAOT active defense system framework. Results indicate that the SAOT active defense system framework can ensure the information security of the national power system in cyberspace.
Acknowledgment
This work was supported in part by the 2021 Science and Technology Project of State Grid Corporation: Research on Vulnerability Analysis and Threat Detection Key Technology of Power Monitoring System in Cyberspace (No. 5108-202117055A-0-0-00), the 4th project “Research on the Key Technology of Endogenous Security Switches” (2020YFB1804604) of the National Key R&D Program, the 2020 Industrial Internet Innovation and Development Project from the Ministry of Industry and Information Technology of China, and the Fundamental Research Fund for the Central Universities (30918012204, 30920041112).
Copyright information
© 2022 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Ling, X., Qi, L., Li, M., Yan, J. (2022). Research on Network Security Automation and Orchestration Oriented to Electric Power Monitoring System. In: Khosravi, M.R., He, Q., Dai, H. (eds) Cloud Computing. CloudComp 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 430. Springer, Cham. https://doi.org/10.1007/978-3-030-99191-3_15
DOI: https://doi.org/10.1007/978-3-030-99191-3_15
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-99190-6
Online ISBN: 978-3-030-99191-3
eBook Packages: Computer Science, Computer Science (R0)