Visible to the public An Attack Intention Recognition Method Based on Evaluation Index System of Electric Power Information System

TitleAn Attack Intention Recognition Method Based on Evaluation Index System of Electric Power Information System
Publication TypeConference Paper
Year of Publication2017
AuthorsGuan, X., Ma, Y., Hua, Y.
Conference Name2017 IEEE 2nd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)
Keywordsactual power system network security operation, attack confidence, attack evidence, attack graph, Attack Graphs, attack intent, attack intention recognition method, attack probability value, attack proficiency, attack sub-graphs, attack targets, attacker ability, attacker knowledge, attacker willingness, composability, current security technologies, diverse network protocols, electric power information system, graph theory, Indexes, Metrics, network attack graph, network intrusion detection system, node attack, parallel computing, Ports (Computers), power engineering computing, power information network system, Power system protection, power system security, pre-order attack path, probability, protection requirements, Protocols, pubcrawl, resilience, Resiliency, security, security evaluation index system, security of data, security protection configuration, telecommunication security, Tools, vulnerability exploit, vulnerability information

With the increasing scale of the network, the power information system has many characteristics, such as large number of nodes, complicated structure, diverse network protocols and abundant data, which make the network intrusion detection system difficult to detect real alarms. The current security technologies cannot meet the actual power system network security operation and protection requirements. Based on the attacker ability, the vulnerability information and the existing security protection configuration, we construct the attack sub-graphs by using the parallel distributed computing method and combine them into the whole network attack graph. The vulnerability exploit degree, attacker knowledge, attack proficiency, attacker willingness and the confidence level of the attack evidence are used to construct the security evaluation index system of the power information network system to calculate the attack probability value of each node of the attack graph. According to the probability of occurrence of each node attack, the pre-order attack path will be formed and then the most likely attack path and attack targets will be got to achieve the identification of attack intent.

Citation Keyguan_attack_2017