CN109992964B - Data protection method and device based on industrial internet and storage medium - Google Patents

Data protection method and device based on industrial internet and storage medium Download PDF

Info

Publication number
CN109992964B
CN109992964B CN201910295256.2A CN201910295256A CN109992964B CN 109992964 B CN109992964 B CN 109992964B CN 201910295256 A CN201910295256 A CN 201910295256A CN 109992964 B CN109992964 B CN 109992964B
Authority
CN
China
Prior art keywords
data
verified
industrial
likelihood
time
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910295256.2A
Other languages
Chinese (zh)
Other versions
CN109992964A (en
Inventor
朱亚清
欧阳春明
万文军
陈华忠
肖黎
许志斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Electric Power Design Institute
Original Assignee
China Southern Power Grid Power Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Southern Power Grid Power Technology Co Ltd filed Critical China Southern Power Grid Power Technology Co Ltd
Priority to CN201910295256.2A priority Critical patent/CN109992964B/en
Publication of CN109992964A publication Critical patent/CN109992964A/en
Application granted granted Critical
Publication of CN109992964B publication Critical patent/CN109992964B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application discloses a data protection method, a device and a storage medium based on an industrial internet, wherein the method comprises the following steps: 101. acquiring data to be verified which requests to be added into an industrial database; 102. calculating a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood; 103. and judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values or not, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data, so that the technical problem that the existing industrial data protection method has little effect on knowing the legal data of the factory and attacking by utilizing the legal data is solved.

Description

Data protection method and device based on industrial internet and storage medium
Technical Field
The application belongs to the technical field of data protection, and particularly relates to a data protection method and device based on an industrial internet and a storage medium.
Background
With the industrial modernization, the rapid development of the industrial internet and the proposal of the industrial 4.0 plan, the industrial automation and the industrial informatization are more and more closely related. Industrial control systems are also utilizing computer networking technology to increase the level of integration, interconnection, and information management between systems. The intelligent industrial revolution storm is completed after a steam engine, large-scale production and automation, and the whole industrial industry is led to develop towards high informatization, automation and intelligence. The development history of industrial automation is expected to be closely related to the development of the internet. Therefore, industrial internet security is in force.
In industrial production, industrial field data is closely related to production conditions, once the industrial field data is damaged, the whole production conditions are seriously threatened, and therefore, the data protection of the industrial field is not lacked. Therefore, every data added to the industrial database is required to be securely verified to identify the attack data. Although the existing data verification method can protect some simpler attacks, the existing data verification method has little effect on the attacks which are carried out by knowing the legal data of the factory and utilizing the legal data.
Disclosure of Invention
In view of this, the present application provides a data protection method, device and storage medium based on industrial internet, which are used for industrial data protection and solve the technical problem that the existing industrial data protection method has little effect on the attack which is performed by knowing the legal data of a factory and utilizing the legal data.
The application in a first aspect provides a data protection method based on an industrial internet, which is characterized by comprising the following steps:
101. acquiring data to be verified which requests to be added into an industrial database;
102. calculating a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood;
103. and judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data.
Preferably, the first preset formula is specifically:
L(x1j,x2j,…xnj)=L(x1j)L(x2j|x1j)...L(xnj|x(n-1)j);
wherein x isnjFor a position x in the data to be verifiednjData of (2), L (x)nj) Is a position xnjTime likelihood of data of (1), L (x)nj|x(n-1)j) At position x(n-1)jCalculating position xnjTime possibilities of (3).
Preferably, the second preset formula is specifically:
Figure BDA0002026272950000021
where L (fi) is the spatial probability of position i, ximThe probability of position i in different data tracks, m is the mth data track, L (x)ij) The probability of position i in different data traces.
Preferably, step 103 is followed by:
and when the data to be verified is credible data, adding the data to be verified into an industrial database, wherein the data in the industrial database is used for verifying whether the access data accessing the industrial Internet is credible data.
Preferably, step 103 specifically includes:
and judging whether the time possibility value is equal to a time possibility threshold value and the space possibility value is equal to a space possibility threshold value, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data.
This application second aspect provides a data protector based on industry internet, includes:
the acquisition unit is used for acquiring data to be verified which requests to be added into the industrial database;
the calculation unit is used for calculating the time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating the space likelihood value of the data to be verified according to a second preset formula based on the space likelihood;
and the judging unit is used for judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values, if so, the data to be verified is credible data, and if not, the data to be verified is attack data.
Preferably, the first preset formula is specifically:
L(x1j,x2j,...xnj)=L(x1j)L(x2j|x1j)...L(xnj|x(n-1)j);
wherein x isnjFor a position x in the data to be verifiednjData of (2), L (x)nj) Is a position xnjTime likelihood of data of (1), L (x)nj|x(n-1)j) At position x(n-1)jCalculating position xnjTime possibilities of (3).
Preferably, the second preset formula is specifically:
Figure BDA0002026272950000031
where L (fi) is the spatial probability of position i, ximThe probability of position i in different data tracks, m is the mth data track, L (x)ij) The probability of position i in different data traces.
Preferably, the apparatus further comprises:
and the database adding unit is used for adding the data to be verified into an industrial database when the data to be verified is credible data, and the data in the industrial database is used for verifying whether the access data accessing the industrial Internet is credible data.
A third aspect of the present application provides a storage medium for storing program code for executing the industrial internet-based data protection method of the first aspect.
According to the technical scheme, the embodiment of the application has the following advantages:
the application provides a data protection method based on an industrial internet, which comprises the following steps: 101. acquiring data to be verified which requests to be added into an industrial database; 102. calculating a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood; 103. and judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data.
In the method, two common data verification modes of the industrial data are analyzed, in the time correlation verification mode, verification is performed according to the mode that an attacker knows legal data to attack, in the space correlation verification mode, verification is performed according to the mode that the attacker knows the legal data to attack in the space correlation verification mode, industrial data protection is enhanced, and the technical problem that the existing industrial data protection method has little effect on knowing the legal data of a factory and attacking by utilizing the legal data is solved.
Drawings
Fig. 1 is a schematic flowchart of a first embodiment of a data protection method based on an industrial internet according to an embodiment of the present application;
FIG. 2 is a flowchart illustrating a second embodiment of a method for data protection based on the industrial Internet according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an industrial internet-based data protection device according to an embodiment of the present application.
Detailed Description
The existing data protection methods in the industrial internet mainly comprise two methods, one method is to verify according to the time relevance of data to be verified, the other method is to verify according to the space relevance of the data to be verified, the two methods are correspondingly protected according to the two methods, and the attacks according to the two respective legal data are respectively:
the former adds noise to the legitimate data for an attacker, for example, the attacker adds each legitimate data to the interval between-90 dBm and-50 dBm, and adds 5 localized error signals to each legitimate data.
The latter changes the mapping between the legal data and the indoor position for the attacker, and the second data verification mode is verified according to the implicit relation between the legal data and the indoor position, namely the attacker attacks after changing the implicit relation between the legal data and the indoor position. E.g. piIndicating the ith position. Wherein f isiIs position piCorresponding legal data, assuming that the attacker will be fiMapping to position pi+kWhere k represents an offset.
Based on the above, the embodiment of the application provides a data protection method, a device and a storage medium based on an industrial internet, which are used for industrial data protection and solve the technical problem that the existing industrial data protection method has little effect on knowing legal data of a factory and attacking by utilizing the legal data.
Referring to fig. 1, a schematic flow chart of a first embodiment of a data protection method based on an industrial internet in an embodiment of the present application includes:
step 101, obtaining data to be verified which requests to be added into an industrial database.
It should be noted that, first, data to be verified that requests to join the industrial database is obtained.
And 102, calculating a time possibility value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space possibility value of the data to be verified according to a second preset formula based on the space likelihood.
It should be noted that, in the time correlation verification method, a series of data is verified, and for any kind of data, the relative verification center of the data exhibits a rule, that is, the closer to the verification center, the larger the signal value of the data is, and the farther from the verification center, the signal value of the data gradually decreases, that is, the time likelihood, so that the time correlation of the data to be verified is evaluated according to the time likelihood metric, thereby performing the verification. It is understood that the first preset value described herein in the time correlation is calculated according to the legal data (trusted data) in the industrial database, that is, the time likelihood value of the data to be verified is equal to the time likelihood of the legal data in the industrial database.
In the spatial correlation verification method, verification is performed on data, the data has a relative position with respect to a verification center, and a data signal value at the position with respect to the verification center is determined to be invariant. Therefore, for the possible attacks (i.e. changing the mapping relationship) suffered by the spatial correlation verification mode, the spatial likelihood value of the data to be verified is calculated according to the second preset formula based on the spatial likelihood, whether the spatial likelihood value is equal to the second preset value or not is judged, and if yes, the data to be verified is credible data. It can be understood that the second preset value described in the spatial correlation is calculated according to the legal data in the industrial database, that is, the spatial value of the data to be verified is equal to the time probability of the legal data in the industrial database.
And 103, judging whether the time possibility value and the space possibility value are both equal to corresponding preset threshold values, if so, executing a step 104, and otherwise, executing a step 105.
It should be noted that, when the time likelihood value and the space likelihood value are equal to the corresponding preset threshold values, the data to be verified is trusted data, otherwise, the data to be verified is attack data.
And step 104, the data to be verified is credible data.
It should be noted that, when the data to be verified is trusted data, the data requested to be added to the industrial database is trusted data.
And 105, taking the data to be verified as attack data.
It should be noted that, when the data to be verified is attack data, the data requested to be added to the industrial database is the attack data.
In the embodiment, two common data verification modes of the industrial data are analyzed, in the time correlation verification mode, a mode that an attacker knows legal data to attack is verified in the root time correlation verification mode, and in the space correlation verification mode, the mode that the attacker knows the legal data to attack is verified according to the space correlation verification mode, so that the industrial data protection is enhanced, and the technical problem that the existing industrial data protection method has little effect on knowing the legal data of a factory and attacking by utilizing the legal data is solved.
The above is a first embodiment of the data protection method based on the industrial internet provided by the embodiment of the present application, and the following is a second embodiment of the data protection method based on the industrial internet provided by the embodiment of the present application.
Referring to fig. 2, a flowchart of a second embodiment of a data protection method based on the industrial internet in the embodiment of the present application includes:
step 201, obtaining data to be verified which requests to be added into an industrial database.
It should be noted that step 201 in this embodiment is the same as step 101 in the first embodiment, and is not described herein again.
And step 202, calculating a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood.
It should be noted that, the first preset formula specifically includes:
L(x1j,x2j,...xnj)=L(x1j)L(x2j|x1j)...L(xnj|x(n-1)j);
wherein x isnjFor a position x in the data to be verifiednjData of (2), L (x)nj) Is a position xnjOf (2) dataTime possibility, L (x)nj|x(n-1)j) At position x(n-1)jCalculating position xnjTime possibilities of (3). In the actual calculation, L (x)nj) Is an assumption, that is, the assumption is based on the probability of the last position being computed, and the probability of that last position is random.
The second preset formula is specifically as follows:
Figure BDA0002026272950000061
where L (fi) is the spatial probability of position i, ximThe probability of position i in different data tracks, m is the mth data track, L (x)ij) The probability of position i in different data traces. In the actual calculation, L (x)ij) And also random.
Step 203, determining whether the time likelihood value is equal to the time likelihood threshold and the space likelihood value is equal to the space likelihood threshold, if yes, executing steps 204 and 205, and if no, executing step 206.
And step 204, the data to be verified is credible data.
It should be noted that, when the data to be verified is the trusted data, the data requested to be added to the industrial database is the trusted data, and at this time, the corresponding request result is passed.
And step 205, when the data to be verified is the credible data, adding the data to be verified into the industrial database.
And step 206, the data to be verified is attack data.
It should be noted that, when the data to be verified is attack data, the data requested to be added to the industrial database is the attack data, and at this time, the corresponding request result is failed.
In the embodiment, two common data verification modes of the industrial data are analyzed, in the time correlation verification mode, a mode that an attacker knows legal data to attack is verified in the root time correlation verification mode, and in the space correlation verification mode, the mode that the attacker knows the legal data to attack is verified according to the space correlation verification mode, so that the industrial data protection is enhanced, and the technical problem that the existing industrial data protection method has little effect on knowing the legal data of a factory and attacking by utilizing the legal data is solved.
The second embodiment of the data protection method based on the industrial internet according to the embodiment of the present application is described above, and an embodiment of the data protection device based on the industrial internet according to the embodiment of the present application is shown in fig. 3.
The data protector based on industrial internet that provides in this application embodiment includes:
an obtaining unit 301, configured to obtain data to be verified that requests to join an industrial database;
a calculating unit 302, configured to calculate a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculate a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood;
the determining unit 303 determines whether the time likelihood value and the space likelihood value are both equal to the corresponding preset threshold, if so, the data to be verified is trusted data, and if not, the data to be verified is attack data.
Further, the first preset formula specifically includes:
L(x1j,x2j,…xnj)=L(x1j)L(x2j|x1j)...L(xnj|x(n-1)j);
wherein x isnjFor a position x in the data to be verifiednjData of (2), L (x)nj) Is a position xnjTime likelihood of data of (1), L (x)nj|x(n-1)j) At position x(n-1)jCalculating position xnjTime possibilities of (3).
Further, the second preset formula specifically includes:
Figure BDA0002026272950000071
where L (fi) is the spatial probability of position i, ximThe probability of position i in different data tracks, m is the mth data track, L (x)ij) The probability of position i in different data traces.
Further, the apparatus further comprises:
and the database adding unit is used for adding the data to be verified into the industrial database when the data to be verified is the credible data, and the data in the industrial database is used for verifying whether the access data accessing the industrial Internet is the credible data.
In the embodiment, two common data verification modes of the industrial data are analyzed, in the time correlation verification mode, a mode that an attacker knows legal data to attack is verified in the root time correlation verification mode, and in the space correlation verification mode, the mode that the attacker knows the legal data to attack is verified according to the space correlation verification mode, so that the industrial data protection is enhanced, and the technical problem that the existing industrial data protection method has little effect on knowing the legal data of a factory and attacking by utilizing the legal data is solved.
The embodiment of the present application further provides a storage medium, where the storage medium is used to store a program code, and the program code is used to execute the industrial internet-based data protection method according to the foregoing embodiments.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
The above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (6)

1. A data protection method based on industrial Internet is characterized by comprising the following steps:
101. acquiring data to be verified which requests to be added into an industrial database;
102. calculating a time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating a space likelihood value of the data to be verified according to a second preset formula based on the space likelihood;
103. judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values or not, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data;
the first preset formula is specifically as follows:
L(x1j,x2j,...xnj)=L(x1j)L(x2j|x1j)...L(xnj|x(n-1)j);
wherein x isnjFor a position x in the data to be verifiednjData of (2), L (x)nj) Is a position xnjTime likelihood of data of (1), L (x)nj|x(n-1)j) At position x(n-1)jCalculating position xnjThe time likelihood of (d);
the second preset formula is specifically as follows:
Figure FDA0002994749530000011
where L (fi) is the spatial probability of position i, ximThe probability of position i in different data tracks, m is the mth data track, L (x)ij) Possibility for position i in different data tracks。
2. The industrial internet-based data protection method according to claim 1, wherein step 103 is followed by further comprising:
and when the data to be verified is credible data, adding the data to be verified into an industrial database, wherein the data in the industrial database is used for verifying whether the access data accessing the industrial Internet is credible data.
3. The industrial internet-based data protection method according to claim 1, wherein the step 103 specifically comprises:
and judging whether the time possibility value is equal to a time possibility threshold value and the space possibility value is equal to a space possibility threshold value, if so, determining that the data to be verified is credible data, and if not, determining that the data to be verified is attack data.
4. A data protector based on industry internet, characterized by, includes:
the acquisition unit is used for acquiring data to be verified which requests to be added into the industrial database;
the calculation unit is used for calculating the time likelihood value of the data to be verified according to a first preset formula based on the time likelihood, and calculating the space likelihood value of the data to be verified according to a second preset formula based on the space likelihood;
the judging unit is used for judging whether the time possibility value and the space possibility value are equal to corresponding preset threshold values or not, if so, the data to be verified is credible data, and if not, the data to be verified is attack data;
the first preset formula is specifically as follows:
L(x1j,x2j,...xnj)=L(x1j)L(x2j|x1j)...L(xnj|x(n-1)j);
wherein x isnjFor a position x in the data to be verifiednjData of (2), L (x)nj) Is a position xnjTime likelihood of data of (1), L (x)nj|x(n-1)j) At position x(n-1)jCalculating position xnjThe time likelihood of (d);
the second preset formula is specifically as follows:
Figure FDA0002994749530000021
where L (fi) is the spatial probability of position i, ximThe probability of position i in different data tracks, m is the mth data track, L (x)ij) The probability of position i in different data traces.
5. The industrial internet-based data guard of claim 4, further comprising:
and the database adding unit is used for adding the data to be verified into an industrial database when the data to be verified is credible data, and the data in the industrial database is used for verifying whether the access data accessing the industrial Internet is credible data.
6. A storage medium for storing a program code for performing the industrial internet-based data protection method of any one of claims 1 to 3.
CN201910295256.2A 2019-04-12 2019-04-12 Data protection method and device based on industrial internet and storage medium Active CN109992964B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910295256.2A CN109992964B (en) 2019-04-12 2019-04-12 Data protection method and device based on industrial internet and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910295256.2A CN109992964B (en) 2019-04-12 2019-04-12 Data protection method and device based on industrial internet and storage medium

Publications (2)

Publication Number Publication Date
CN109992964A CN109992964A (en) 2019-07-09
CN109992964B true CN109992964B (en) 2021-06-29

Family

ID=67133465

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910295256.2A Active CN109992964B (en) 2019-04-12 2019-04-12 Data protection method and device based on industrial internet and storage medium

Country Status (1)

Country Link
CN (1) CN109992964B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115412375B (en) * 2022-11-01 2023-04-18 山东省信息技术产业发展研究院(中国赛宝(山东)实验室) Industrial Internet data protection system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103761485A (en) * 2014-01-13 2014-04-30 清华大学 Privacy protection method
CN103916860A (en) * 2014-04-16 2014-07-09 东南大学 Outlier data detection method based on space-time correlation in wireless sensor cluster network

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002057917A2 (en) * 2001-01-22 2002-07-25 Sun Microsystems, Inc. Peer-to-peer network computing platform
GB2507574B (en) * 2012-11-06 2015-05-27 F Secure Corp Malicious object detection
CN109241989B (en) * 2018-07-17 2023-06-20 中国电力科学研究院有限公司 Method and system for restoring intelligent substation invasion scene based on space-time similarity matching
CN109379717B (en) * 2018-12-06 2020-08-04 西安电子科技大学 Space-time correlation privacy protection method based on false position

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103761485A (en) * 2014-01-13 2014-04-30 清华大学 Privacy protection method
CN103916860A (en) * 2014-04-16 2014-07-09 东南大学 Outlier data detection method based on space-time correlation in wireless sensor cluster network

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
An integrated representation of spatial and temporal relationships between evolving regions;Christophe Claramunt,et al;《Journalof Geographical systems>;20011231;第411-428页 *
Mining Association Rules between Sets of Items in Large Databases;Rakesh Agrawal,et al;《ACM Sigmod Record》;19930131;207-216 *
基于时空关联分析的网络实时威胁识别与评估;吕慧颖 等;《计算机研究与发展》;20140703;第51卷(第5期);第1039-1049页 *
基于时空相似度量的复杂场景背景估计;周宁 等;<计算机研究与发展>;20140703;第51卷(第5期);第9-11,38页 *

Also Published As

Publication number Publication date
CN109992964A (en) 2019-07-09

Similar Documents

Publication Publication Date Title
US11531766B2 (en) Systems and methods for attributing security vulnerabilities to a configuration of a client device
JP2022512192A (en) Systems and methods for behavioral threat detection
US8407799B2 (en) Software behavior modeling device, software behavior modeling method, software behavior verification device, and software behavior verification method
CN111698257B (en) Industrial information physical system security detection method for multi-class malicious attacks
CN107070940B (en) Method and device for judging malicious login IP address from streaming login log
CN113711559B (en) System and method for detecting anomalies
US20180349470A1 (en) Multi-distance similarity analysis with tri-point arbitration
CN115577360A (en) Gradient-independent clustering federal learning method and system
JP2022512195A (en) Systems and methods for behavioral threat detection
CN109992964B (en) Data protection method and device based on industrial internet and storage medium
CN112464252A (en) Vulnerability threat degree dynamic calculation method based on risks
CN117061254B (en) Abnormal flow detection method, device and computer equipment
US20210258344A1 (en) Methods and Systems for Browser Spoofing Mitigation
CN114422186B (en) Attack detection method and device, electronic equipment and storage medium
CN108270746B (en) User access request processing method and device
CN112422573B (en) Attack path restoration method, device, equipment and storage medium
CN112560085B (en) Privacy protection method and device for business prediction model
CN111967043B (en) Method, device, electronic equipment and storage medium for determining data similarity
CN111582673B (en) Attack risk assessment method and device for power distribution automation system master station
CN111200504B (en) Network security situation fitting method, device, equipment and medium
CN114679333B (en) Dual security decision method based on function and network and computer readable storage medium
CN114745162B (en) Access control method, device, terminal equipment and storage medium
CN117195273B (en) Data leakage detection method and device based on time sequence data anomaly detection
CN116980322A (en) Behavior detection method and device based on behavior data and computer equipment
CN117749454A (en) Safety protection device and safety protection device for MELSEC protocol and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200113

Address after: 510000 room 501-503, annex building, Huaye building, No.1-3, Chumo new street, Xihua Road, Yuexiu District, Guangzhou City, Guangdong Province

Applicant after: Guangdong Electric Power Research Institute of energy technology limited liability company

Address before: 510600 No. 757 Dongfeng East Road, Guangzhou, Guangdong, Yuexiu District

Applicant before: GUANGDONG STATE GRID CO., LTD.

Applicant before: ELECTRIC POWER RESEARCH INSTITUTE, GUANGDONG POWER GRID CO., LTD.

Applicant before: Guangdong Electric Power Research Institute of energy technology limited liability company

TA01 Transfer of patent application right
CB02 Change of applicant information

Address after: Room 501-503, annex building, Huaye building, No.1-3 Chuimao new street, Xihua Road, Yuexiu District, Guangzhou City, Guangdong Province 510000

Applicant after: China Southern Power Grid Power Technology Co.,Ltd.

Address before: Room 501-503, annex building, Huaye building, No.1-3 Chuimao new street, Xihua Road, Yuexiu District, Guangzhou City, Guangdong Province 510000

Applicant before: GUANGDONG ELECTRIC POWER SCIENCE RESEARCH INSTITUTE ENERGY TECHNOLOGY Co.,Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant