CN116938525A - Novel electric power business terminal safety identification method based on LeNet-5 model - Google Patents
Novel electric power business terminal safety identification method based on LeNet-5 model Download PDFInfo
- Publication number
- CN116938525A CN116938525A CN202310699516.9A CN202310699516A CN116938525A CN 116938525 A CN116938525 A CN 116938525A CN 202310699516 A CN202310699516 A CN 202310699516A CN 116938525 A CN116938525 A CN 116938525A
- Authority
- CN
- China
- Prior art keywords
- lenet
- model
- data
- flow
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 25
- 239000000523 sample Substances 0.000 claims abstract description 35
- 238000012549 training Methods 0.000 claims abstract description 10
- 238000011176 pooling Methods 0.000 claims description 27
- 238000004364 calculation method Methods 0.000 claims description 8
- 238000010586 diagram Methods 0.000 claims description 8
- 230000002159 abnormal effect Effects 0.000 claims description 6
- 238000007477 logistic regression Methods 0.000 claims description 6
- 239000011159 matrix material Substances 0.000 claims description 6
- 238000013528 artificial neural network Methods 0.000 claims description 5
- 238000012545 processing Methods 0.000 claims description 5
- 210000002569 neuron Anatomy 0.000 claims description 4
- 238000005070 sampling Methods 0.000 claims description 2
- 230000002779 inactivation Effects 0.000 claims 1
- 238000010408 sweeping Methods 0.000 claims 1
- 238000004458 analytical method Methods 0.000 abstract description 11
- 238000000605 extraction Methods 0.000 abstract description 8
- 230000006870 function Effects 0.000 abstract description 8
- 230000004913 activation Effects 0.000 abstract description 3
- 238000005457 optimization Methods 0.000 abstract 2
- 238000007781 pre-processing Methods 0.000 abstract 1
- 238000010606 normalization Methods 0.000 description 6
- 230000008569 process Effects 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 238000013527 convolutional neural network Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000001595 flow curve Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 238000012935 Averaging Methods 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 230000001066 destructive effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/0464—Convolutional networks [CNN, ConvNet]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Evolutionary Computation (AREA)
- Data Mining & Analysis (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Biomedical Technology (AREA)
- Biophysics (AREA)
- Computational Linguistics (AREA)
- Software Systems (AREA)
- Mathematical Physics (AREA)
- General Health & Medical Sciences (AREA)
- Molecular Biology (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a safety identification method of a novel electric power service terminal based on a LeNet-5 model, which is used for safety identification of access of the novel electric power terminal and comprises the following steps: the system comprises a network flow acquisition module, a service flow characteristic identification extraction and analysis module and a LeNet-5 model-based identification and optimization module; the network flow acquisition module is deployed into a link accessed by the terminal through a network probe, continuously acquires the flow of the novel power service terminal according to fixed time, analyzes an original flow data packet from bottom to top, and stores the original flow data packet in a server after preprocessing; the service flow characteristic recognition extraction and analysis module is used for researching the current state and realizing the prediction of the future state of the data flow stored in the server by using a Markov model S= { S1, S2, s3... The data flow is characterized by a time characteristic sequence; based on a LeNet-5 model identification and optimization module, constructing a LeNet-5 network, performing iterative training on data by using the LeNet-5 network model, updating network parameter values and weights in the data, using an optimized ReLU activation function, and obtaining the LeNet-5 model which finally accords with the novel power service terminal by changing the learning rate of the model. The invention effectively avoids the attacker from carrying out attack by taking the terminal as an intermediary, improves the accurate recognition rate of recognizing illegal terminals, illegal terminals are stolen and terminals are maliciously authorized to access, and ensures the safe access of novel power service terminals.
Description
Technical Field
The invention relates to the field of electric power information safety, in particular to a safety identification method of a novel electric power service terminal based on a LeNet-5 model.
Background
Along with the development of intelligent technology, the construction of power informatization also gradually carries out implementation and application to each link in the intelligent power grid, and the application of the intelligent power grid is extremely wide. The integration of the power grid transformation and the new technology can control and operate the process of the power business in real time. With the continuous development of new information communication systems, the new information communication systems play an important role in various fields, wherein the typical fields include power grid transmission, user service and the like, and the development of electric power is promoted by high informatization.
In recent years, network security situation is more and more severe, network attack events initiated by network terminal equipment are frequently happened, the destructive power of attack is also more and more large, and the influence range is also expanding continuously. This indicates that the network attacks have extended to the terminal side, and the number of network attacks against the terminal will continue to increase in the future.
Accordingly, security of various network end terminals has become a critical component of enterprise network security. With the wide application of cloud computing technology and network communication technology in various links of power production, the boundary of a power system becomes fuzzy or even breaks down, which puts higher security requirements on identity authentication, security management and control, access control and the like in the process of accessing mass terminals. The power service terminals are exposed to a large number of attack risks, which may affect the safe and reliable power supply of the power system to the users. Currently, the security risks faced by the power system mainly include the condition that the power protection system lacks integrity checking and protecting measures for hardware, an operating system and application programs of the power terminal, and legal terminals are stolen or maliciously accessed in an unauthorized mode.
Disclosure of Invention
The invention discloses a LetNet-5-based method for establishing an optimized safety recognition model. Through the technical research level, the past identification system mostly adopts a research method for manually collecting the related rules in the network traffic data, and when various service terminals are accessed, a plurality of problems exist. For example, the computational complexity is high and the data feature extraction is insufficient, and when the data amount and the attack category are increased, it becomes more challenging to accurately and timely perform authentication identification of the terminal. Compared with the prior identification method, the traditional machine learning algorithm has good effect; however, the new power service terminals have various service types, so a new security identification method is needed, so that the security identification speed is faster and the accuracy is higher. Based on the specific scene and business of the novel electric power business terminal, a LeNet-5 model is provided, characteristics are eliminated by using the multilayer perceptron, the optimized LeNet-5 model is provided, the autonomous learning capacity of the model is enhanced, the calculation speed of the model is accelerated, the training and reasoning efficiency of the model is improved, and the model is more flexible, so that the novel electric power business terminal is better applied.
In order to achieve the above purpose, the technical scheme provided by the invention is as follows:
step 1: acquiring real-time flow data of a novel power service terminal through a network probe;
step 2: carrying out normalization processing on the flow data, and then carrying out business feature processing and analysis;
step 3: training a model;
step 4: and (3) giving high-level semantic parameters, inputting the high-level semantic parameters into a parameterized model, and giving a corresponding LeNet-5-based model.
The invention adopts the LeNet-5 model, when the novel electric power service terminal performs service interaction, the network probe is used for collecting flow, extracting and analyzing service characteristics of the flow and monitoring the flow by using the LeNet-5 model, thereby effectively avoiding network attack by an attacker by taking the terminal as a springboard, solving the problems of illegal terminal access, legal terminal theft, malicious and unauthorized terminal access and the like, and ensuring the safe access of the novel electric power service terminal.
Drawings
The drawings that are required for use in the present invention are described below.
FIG. 1 is a diagram of a safety identification technology route of a novel electric power business terminal based on a LeNet-5 model;
FIG. 2 is a flow acquisition block diagram;
FIG. 3 is a business feature extraction and analysis model diagram;
FIG. 4 is a graph of an improved ReLU activation function;
Detailed Description
In order to more clearly illustrate the technical solution of the present invention, the present invention will be described in detail below based on the drawings in the embodiments, and the embodiments described herein are only for explaining the present invention, and all other embodiments obtained by those skilled in the art without making any inventive effort are within the scope of the present invention.
The invention discloses a safety identification method of a novel electric power service terminal based on a LeNet-5 model, which is specially designed for the safety risk of the access of the novel electric power service terminal and the characteristic of network privatization, creatively introduces the LeNet-5 model into the field of safety protection of the electric power terminal, and realizes the safety protection of the novel electric power service terminal. In the face of interaction of novel power service terminals, the service types are various, and along with the difference of the service, the flow size and fluctuation rule in network transmission can also change correspondingly, so that safety identification of the novel power service terminals is researched, and the novel power service terminals are required to be subjected to flow collection, analysis and modeling of service flow. The system mainly comprises three modules, namely network flow acquisition, service flow characteristic identification extraction and analysis, training based on a LeNet-5 model and the like.
In order to ensure safe and stable operation of an electric power system, a technical route of a safe identification method of a novel electric power service terminal based on a LeNet-5 model is shown in a figure 1 by combining a convolution layer, a pooling layer and the like in a traditional convolution neural network with a specific scene of the novel electric power service terminal, and the method mainly comprises the following steps:
based on the operation of collecting network data packets by the network probes, deploying the network probes in the network equipment through a bypass to capture the data packets, and storing the captured network traffic to a server after analyzing from bottom to top;
fig. 2 shows a collection flow module diagram of the present invention. The flow acquisition process for the novel power service terminal specifically comprises the following steps:
step one:
step 11, connecting the network probe in series to the device.
Step 12, configuring the network probe includes configuring network connection configuration: including IP address, subnet mask, gateway, etc.; network protocol configuration: configuration of protocols including TCP/IP, UDP, ICMP and the like; port configuration: the port number monitored by the probe equipment needs to be configured; and (3) data acquisition configuration: the data type and the acquisition frequency of the probe equipment are required to be configured; storing configuration: the method comprises the steps that the mode and the position of the probe equipment for storing collected data are required to be configured; alarm configuration: an alarm mode and a receiving person of the probe equipment when the abnormal condition is detected need to be configured; safety configuration: security policies of the probe device including access control, encryption, etc. need to be configured; system management configuration: the probe device management account number, password, log record, etc. need to be configured.
And 13, after the network probe is configured in the step 12, setting corresponding collected data packet types and filtering rules.
The probe device is connected to the network device via the network interface to capture the data packets, step 14.
In step 15, since there is a large difference between the measurement units (scales) of the numerical data of the different attribute features of the network traffic data, in order to eliminate such an effect, normalization processing is required for the features, so that the values of all the feature data can fall within the [0,1] interval, so as to be equally seen for each dimension of the features.
In step 16, in the feature normalization, x is a piece of flow data before normalization, min (x) is data of a minimum attribute in the flow data, and max (x) is data of a maximum attribute in the flow data. By means of feature normalization, the influence of unit and scale differences among the features of different attribute data can be eliminated, so that the influence degree of the different features on the network flow data is the same, and data analysis and classification can be performed more accurately. And storing the preprocessed data to a local server so as to carry out subsequent service flow characteristic identification extraction and analysis.
In order to analyze the service situation, a characteristic model of the service flow needs to be established to reflect the law of the change of the service flow along with time.
FIG. 3 shows a business feature extraction and analysis model diagram of the present invention. The process of extracting and analyzing the service characteristics of the data flow is as follows:
step two:
step 21: reading data traffic from the server begins.
Step 22: and establishing flow characteristic curves of different services through data flow, and obtaining the flow characteristic curves by adopting a mean value method.
Step 23: the service characteristic analysis part uses the service flow characteristic model to obtain the flow characteristic sequence of the port as a reference, fits the real-time flow curve and the service characteristic curve, and calculates the fitting value.
Step 24: by obtaining the fitting value at step 23, a judgment is made that the value should normally be within a certain range. When abnormal conditions occur in the traffic flow, the fitting value will change greatly.
Step 25: under normal conditions, the traffic of the service terminal has stronger periodicity, so that the average absolute percentage error between the traffic data and the service characteristic curve can be calculated through fitting the real-time traffic data and the service characteristic curve, and the difference of the two sequences is evaluated.
Step 26: for the fitting process described above, where T represents the current flow value and N represents the number of sequences within the time window T. The service characteristic analysis part uses the service flow characteristic model to obtain the flow characteristic sequence of the port as a reference, and fits the real-time flow curve and the service characteristic curve.
The LeNet-5 model is mainly composed of a convolution layer, a pooling layer and a full-connection layer, and the function of the convolution layer in the roll neural network is to extract sample characteristics through convolution operation. In convolutional neural networks, there are typically a plurality of convolutional layers, and the more basic the sample features learned by the earlier convolutional layers, the more advanced the features learned by the later convolutional layers. The previous convolution layer may learn the direction of the line by convolution, and the subsequent convolution layer may learn advanced features such as traffic class, traffic attribute, etc.
The purpose of the network model adopting the convolution layer is to extract and extract the service characteristics of the service terminal flow, and the dependency relationship between the service characteristics and each influence factor is as follows, the height of the convolution layer is set as h, the width is set as w, and k filters are all arranged. The LeakyReLU refers to a LeakyReLU loss function, and the LeakyReLU function is specifically described later; the output generated by the convolution operation of the current Filter is the weight of the current Filter to the input matrix, and the bias of the current Filter to the input matrix. The convolution calculation is carried out to generate an output matrix, k is the number of filters, and T is a vector with the length of T generated by the convolution operation of the input matrix through the Filter.
The convolution kernel carries out convolution on the sample according to a certain step length and a sliding window so as to achieve the purpose of extracting the characteristics, and then a characteristic diagram is generated. In the figure, the side length of a two-dimensional sample is 5, the side length of a convolution kernel is 3, and the side length of a finally generated characteristic is 3 when the step length is 1. We will find that the feature map generated is smaller in size than the original sample size. If one wants to make the feature map size as large as the original sample size, we only need to fill around the input sample during training, typically 0. Convolutional neural networks can be used in a wide range of applications, and it is the weights based on convolutional kernels that can also be learned. In the higher-level convolution layer, the desired feature can be extracted from the objective function without being limited to the detection range of the filter. In the structure of the convolutional neural network, a pooling layer is generally arranged behind the convolutional layer, and the pooling layer calculates a plurality of characteristics in a region to finally obtain a characteristic, so that redundant characteristics are removed, the number of the characteristics is greatly reduced, and the training speed of the model is further improved.
The addition of the pooling layer may increase the computational speed. There are several calculation modes of the pooling layer, and the most common is two kinds of maximum pooling and average pooling. Maximum pooling is the preservation of features with the greatest value in each pooled region, respectively, which preserves the most significant features. Average pooling is the averaging of the characteristics of the pooled portion, and this approach allows for feature balancing within the pooled region taking into account all of the characteristics. In practical selection, we can select a proper pooling calculation mode according to own requirements.
In the calculation process of pooling, some loss exists in the characteristics due to different selected pooling calculation modes, but the pooling is calculated by using the original characteristics, no additional introduced parameters are needed, and the overall effect change of the characteristics is small. The pooling layer can ensure the characteristic of constant translation and rotation of the features. The fully connected layer is typically located at the end of the overall network and may have one or several layers, for example, the LeNet-5 has two fully connected layers. And developing the advanced features learned by the multi-layer convolution, and taking the advanced features as basic features of classification to achieve the effect of classification.
FIG. 4 shows an image representation of the improved ReLU activation function in a LeNet-5 based model, with the training steps based on the LeNet-5 model as follows:
step three:
step 31: parameters in the LeNet-5 model were altered.
Step 32: modifying parameters of a C1 convolution layer, setting 4*2 of the convolution kernel of the C1 convolution layer, setting 1 step length and 6 feature maps, carrying out one-dimensional convolution operation on a 12 x 6 two-dimensional matrix to obtain a feature map with 8*6 size, and totally obtaining 288 neurons of the layer.
Step 33: the convolution is followed by pooling operation, which is defined as an S2 pooling layer, the size of the pooling layer is set to 2×2, the feature maps are set to 6, and the feature map with the size of 8*6 is maximized to obtain the feature map with the size of 7*3. The layer has a total of 7 x 3 x 6, i.e. 126 neurons.
Step 34: in LeNet-5, the trainable parameters of C3 are not directly connected to the feature map of S2 pooling layer, but are connected in a sparse sampling manner. The size of the C3 convolution kernel is set to be 2 x 2, the number of the feature images is set to be 10, and the feature images with the size of 5*2 are obtained after convolution operation is carried out on the feature images of 7*3.
Step 35: in this step, the pooling layer is defined as S4 and the size of the pooling layer is 2×2, the feature map is 16, and 4) the largest pooling operation is performed on the feature map of 4*2 size to obtain a feature map of 2*1 size, and the layer has 32 neurons in total.
Step 36: after step 305, a C5 full connection layer is further required, the size of the convolution kernel of C5 is set to 1*1, the feature maps of C5 are set to 150, and the feature maps of 2*1 are subjected to full connection operation to obtain a feature map of 120×1.
Step 37: at output, the neural network is classified using a Softmax logistic regression model, which is a generalization of logistic regression that deals with multiple traffic flow scenarios. In the Softmax logistic regression model, we used this classifier to distinguish between types (e.g., normal and abnormal).
Step 38: softmax logistic regression enables us to handle multi-class classification, K representing the number of classes.
Step 39: in back propagation, the neural network calculates the loss using a cross entropy loss function, the calculation formula of which is as follows:
wherein y is a sample tag, the sample tag representing an attack is 1, and the sample tag representing a normal is 0; a is predicted as the probability of a sample representing an anomaly.
According to the safety identification method of the novel electric power service terminal based on the LeNet-5 model, real-time flow data are acquired through adopting a network probe, the data are analyzed and stored in a server from bottom to top, a real-time feature column is acquired through a service feature extraction and analysis module, an optimized LeNet-5 model is used, and the optimal model applicable to the novel electric power service terminal is generated through continuous parameter adjustment and iterative training. The data sample of the novel power service terminal is trained through the action of the convolutional layer C1, the pooling layer S2, the convolutional layer C3, the pooling layer S4 and the two layers of full-connection layers on the flow data subjected to normalization processing by the LeNet-5 model, the result is compared with a normal sample, the service type of the current terminal and whether the current terminal is in an abnormal state or not can be known, and the safety of access of the power system terminal is effectively protected.
The above embodiments are merely examples of the present invention and are not intended to limit the present invention, and any modifications, equivalent substitutions, improvements, etc. made within the spirit and principle of the present invention are included in the scope of the present invention.
Claims (5)
1. A safety identification method of a novel electric power service terminal based on a LeNet-5 model is characterized by comprising the following steps:
step 1: acquiring sample data, acquiring real-time flow data through a network probe, analyzing the real-time flow data from bottom to top, and storing the real-time flow data into a server;
step 2: analyzing flow data in a server through a service characteristic processing and analyzing algorithm;
step 3: fitting the real-time flow data with a service characteristic curve, calculating an average absolute percentage error between the real-time flow data and the service characteristic curve, and comparing the difference between the real-time flow data and the service characteristic curve;
step 4: iterative training using a LeNet-5 based model.
2. The safety identification method of the novel electric power business terminal based on the LeNet-5 model according to claim 1, wherein the step 1 specifically comprises the following steps:
step 11: normalizing the data in the step 1;
step 12: the data in step 1 is input as an input component.
3. The safety identification method of the novel electric power service terminal based on the LeNet-5 model according to claim 1, wherein the step 2 specifically comprises the following steps:
step 21: collecting the number of categories to be learned;
step 22: traversal category number for= … m;
step 23: setting the height of the convolution layer as h, the width as w, and the output of the ith Filter after sweeping the input matrix X is:
h i =LeakyReLU(W i *X+b i ) (1)
step 24: modifying the parameters of the C1 convolution layer;
step 25: setting the size of an S2 pooling layer to 2 x 2 and setting the feature map to 6;
step 26: in LeNet-5, the trainable parameters of C3 are not directly connected to the feature map of S2 pooling layer, but are connected in a sparse sampling manner. The size of the C3 convolution kernel is set to 2 x 2, and the feature map is set to 10;
step 27: the size of the S4 pooling layer is 2 x 2, and the characteristic diagrams are 16;
step 28: finally, the convolution kernel size of the full connection layer C5 is set to 1*1, and the characteristic diagram of the C5 is set to 15
Step 29: and finally comparing the output result with the training set, and if the output result is abnormal, preventing the novel power terminal from being accessed.
4. The safety identification method of the novel electric power business terminal based on the LeNet-5 model according to claim 1, wherein the step 3 specifically comprises the following steps:
step 31: the improved LeakyReLU function is introduced, so that the rapid convergence rate of the ReLU function is maintained, and the occurrence of neuron inactivation is prevented.
Step 32: step 31, obtaining the number of categories i= … m;
step 33: in the Softmax logistic regression model, we used this classifier to distinguish between types (e.g., normal and abnormal). Softmax logistic regression enabled us to handle multi-class classification as follows:
y (i) ∈{0……k} (2)。
5. the safety identification method of the novel electric power business terminal based on the LeNet-5 model according to claim 1, wherein the step 4 specifically comprises the following steps:
step 41: when back propagation is performed, the neural network calculates loss by using a cross entropy loss function, and the calculation formula is shown as follows;
wherein y is a sample tag, the sample tag representing an attack is 1, and the sample tag representing a normal is 0; a is predicted as the probability of a sample representing an anomaly.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310699516.9A CN116938525A (en) | 2023-06-14 | 2023-06-14 | Novel electric power business terminal safety identification method based on LeNet-5 model |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310699516.9A CN116938525A (en) | 2023-06-14 | 2023-06-14 | Novel electric power business terminal safety identification method based on LeNet-5 model |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116938525A true CN116938525A (en) | 2023-10-24 |
Family
ID=88391587
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310699516.9A Pending CN116938525A (en) | 2023-06-14 | 2023-06-14 | Novel electric power business terminal safety identification method based on LeNet-5 model |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116938525A (en) |
-
2023
- 2023-06-14 CN CN202310699516.9A patent/CN116938525A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Muna et al. | Identification of malicious activities in industrial internet of things based on deep learning models | |
| Awotunde et al. | Intrusion Detection in Industrial Internet of Things Network‐Based on Deep Learning Model with Rule‐Based Feature Selection | |
| CN108566364B (en) | Intrusion detection method based on neural network | |
| CN111629006B (en) | Malicious flow updating method fusing deep neural network and hierarchical attention mechanism | |
| CN112804196A (en) | Log data processing method and device | |
| CN111669384B (en) | Malicious flow detection method integrating deep neural network and hierarchical attention mechanism | |
| De Assis et al. | Fast defense system against attacks in software defined networks | |
| CN113094707B (en) | Lateral movement attack detection method and system based on heterogeneous graph network | |
| CN111669385B (en) | Malicious traffic monitoring system fusing deep neural network and hierarchical attention mechanism | |
| CN110830467A (en) | Network suspicious asset identification method based on fuzzy prediction | |
| CN117156442B (en) | Cloud data security protection method and system based on 5G network | |
| Chen et al. | An effective metaheuristic algorithm for intrusion detection system | |
| CN115396204A (en) | Industrial control network flow abnormity detection method and device based on sequence prediction | |
| CN116318928A (en) | Malicious traffic identification method and system based on data enhancement and feature fusion | |
| Sun et al. | Intrusion detection system based on in-depth understandings of industrial control logic | |
| Binbusayyis | Hybrid VGG19 and 2D-CNN for intrusion detection in the FOG-cloud environment | |
| CN110650124A (en) | Network flow abnormity detection method based on multilayer echo state network | |
| CN116366319A (en) | Method and system for detecting network security | |
| CN116938525A (en) | Novel electric power business terminal safety identification method based on LeNet-5 model | |
| CN115643086A (en) | Unknown threat detection method based on deep neural network | |
| Osamor et al. | Deep learning-based hybrid model for efficient anomaly detection | |
| Manandhar | A practical approach to anomaly-based intrusion detection system by outlier mining in network traffic | |
| Izuazu et al. | Securing Critical Infrastructure: A Denoising Data-Driven Approach for Intrusion Detection in ICS Network | |
| Al-Harbi et al. | An Efficient Method for Detection of DDoS Attacks on the Web Using Deep Learning Algorithms | |
| Samadzadeh et al. | Detection of Denial-of-Service Attacks in Software-Defined Networking Based on Traffic Classification using Deep learning |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication |