{"title":"基于攻击链知识图的电网信息网络内外交互异常检测框架","authors":"Qianqian Jin, Mingyan Li, Peng Gao, Yenjou Wang","doi":"10.1145/3548608.3559260","DOIUrl":null,"url":null,"abstract":"With the gradual opening of the interaction method between the internal and external network, how to effectively detect the attack for the internal network through the external network becomes more and more important. However, traditional security protection measures cannot well detect unknown attacks and multi-step attacks, which leads to a constant threat. This paper proposes a network security knowledge graph model based on an extended attack-chain, combined with a multi-layer anomaly detection system to detect the threat lurked in the network. Finally, the application of the multi-layer anomaly detection framework in the security protection for internal and external boundary of state grid information network is prospected.","PeriodicalId":201434,"journal":{"name":"Proceedings of the 2022 2nd International Conference on Control and Intelligent Robotics","volume":"361 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-06-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An Anomaly Detection Framework for Internal and External Interaction of Power Grid Information Network based on the Attack-chain Knowledge Graph\",\"authors\":\"Qianqian Jin, Mingyan Li, Peng Gao, Yenjou Wang\",\"doi\":\"10.1145/3548608.3559260\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the gradual opening of the interaction method between the internal and external network, how to effectively detect the attack for the internal network through the external network becomes more and more important. However, traditional security protection measures cannot well detect unknown attacks and multi-step attacks, which leads to a constant threat. 
This paper proposes a network security knowledge graph model based on an extended attack-chain, combined with a multi-layer anomaly detection system to detect the threat lurked in the network. Finally, the application of the multi-layer anomaly detection framework in the security protection for internal and external boundary of state grid information network is prospected.\",\"PeriodicalId\":201434,\"journal\":{\"name\":\"Proceedings of the 2022 2nd International Conference on Control and Intelligent Robotics\",\"volume\":\"361 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-06-24\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2022 2nd International Conference on Control and Intelligent Robotics\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3548608.3559260\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2022 2nd International Conference on Control and Intelligent Robotics","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3548608.3559260","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Anomaly Detection Framework for Internal and External Interaction of Power Grid Information Network based on the Attack-chain Knowledge Graph
As the interaction between internal and external networks gradually opens up, effectively detecting attacks that reach the internal network through the external network becomes increasingly important. However, traditional security protection measures cannot detect unknown attacks and multi-step attacks well, which leaves a constant threat. This paper proposes a network security knowledge graph model based on an extended attack-chain, combined with a multi-layer anomaly detection system, to detect threats lurking in the network. Finally, the prospective application of the multi-layer anomaly detection framework to security protection at the internal and external boundary of the state grid information network is discussed.