Abstract
Introduction: In recent years, the frequent occurrence of network security attacks in the power field has brought huge risks to the production, transmission, and supply of power systems, and Advanced Persistent Threat (APT) is a covert advanced network security attack, which has become one of the network security risks that cannot be ignored in the construction of new power systems. Objective: This study aims to resist the increasing risk of APT attacks in the construction of new power systems, this paper proposes an attack detection model based on Deep Packet Inspection (DPI) and Transformer. Methods: Firstly, we extracted 606 traffic characteristics from the original traffic data through the extended CIC Flowmeter and used them all to train the Transformer network. Then, we used the DPI-Transformer model and traffic labels to perform feature analysis on the traffic data and finally obtained the APT-Score. If the APT-Score is greater than the threshold, the alarm module is triggered. Results: By analyzing the headers and payloads of the network traffic in the APT-2020 dataset, the experimental results show that the detection accuracy of APT attacks by the DPI-Transformer detection model is significantly higher than that of the current mainstream APT attack detection algorithms. Conclusion: Combined with the characteristics of the new power system and APT attacks, this paper proposes an attack detection model DPI-Transformer, which proves that the model has greatly improved the detection accuracy.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: Recent Advances in Electrical & Electronic Engineering (Formerly Recent Patents on Electrical & Electronic Engineering)
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.