Abstract
A stable and reliable information communication system is essential for the safe operation of a power system. A large amount of security information is hidden in the massive log data generated while the information communication system runs, and how to use log analysis technology to monitor the system's running status and user behavior is currently a difficult problem. In this context, the paper first constructs a merging method that combines a dynamic time threshold with attribute dissimilarity to preprocess the massive logs and obtain the valid information in the log data. Secondly, an improved FP-Growth algorithm is used to perform correlation analysis and early warning on the log data. Finally, a power information and communication network security early warning system based on log analysis is designed and developed. The system can collect and uniformly manage the logs of different devices in the information communication system, realizing threat detection and security warning for the information communication system.
Authors
LI Gang (李刚); CHEN Yixiao (陈怡潇); HUANG Peishuo (黄沛烁); LI Yang (李洋); YAN Li (阎立); XUE Honglin (薛泓林)
Affiliations: School of Control and Computer Engineering, North China Electric Power University, Baoding 071003, China; Information Communication Branch of State Grid Shanxi Electric Power Company, Taiyuan 030001, China
Source
Electric Power Information and Communication Technology (《电力信息与通信技术》)
2018, Issue 12, pp. 1-8 (8 pages)
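Funding
National Natural Science Foundation of China (51407076)
Fundamental Research Funds for the Central Universities (2018MS075)
Science and Technology Project of the Information Communication Branch of State Grid Shanxi Electric Power Company (Application Research on a Power Communication Mobile Operation and Maintenance System Based on Big Data Analysis)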
Keywords
log analysis
data mining
security early warning
correlation analysis