Abstract Scheduling data of power plant systems plays a pivotal role in grid security. In this paper, the intrusion detection model IDP-TSW is constructed by using deep learning technology, feature extraction of raw traffic data based on density peak clustering algorithm and control variable method, and the final classification is realized by softmax. After completing the intrusion detection, for the network malicious intrusion situation further proposed the security protection strategy selection model HMS-BAG based on the Bayesian attack graph, formalized the description of the protection strategy selection problem, and proposed the optimal security protection strategy selection algorithm based on PSO. In the network intrusion detection performance experiments, the performance of the IDP-TSW model proposed in this paper outperforms the Bi-LSTM and CNN+Bi-LSTM models in terms of accuracy, recall, and F1 value. The F1 values for determining normal and abnormal data are 96.57% and 95.75%, respectively, and the precision and recall are also higher than 94%. Detecting Generic and Reconnaissance attacks is more than 90% accurate, but Dos attacks and others are relatively absent. In the network security defense performance experiment, the proposed HMS-BAG model achieved a defense success rate of 94.2% and a defense gain of 170.68.
Read full abstract