Meng Sun,Qi Wang,Jue He,Huailin Huang,Yu Huang,Xiaojie Shen,Yaohui Xiao,Suchun Fan

DOI: https://doi.org/10.1088/1742-6596/2290/1/012036

2022-01-01

Journal of Physics Conference Series

Abstract:Abstract Power system network is an important guarantee for the smooth operation of power enterprises. Considering the current automatic network vulnerability scanning method of power system, the detection rate of network vulnerability scanning is low due to its poor scheduling ability. Therefore, this paper designs a new automatic scanning method for network vulnerabilities in power system. According to the infrastructure of power system network vulnerability scanner, the power system web page interaction behavior recognition model is constructed to complete the power system web page interaction behavior recognition. On this basis, the power system network scanning scheduling algorithm is designed. Combined with genetic algorithm, the variation process of power system network vulnerabilities is determined, the power system network security situation is determined, the power system network scanning scheduling and vulnerability mining are realized, and the design of power system network leakage automatic scanning method is completed. The experimental link is constructed to verify this method. The verification shows that this method can effectively improve the detection rate of network vulnerability scanning and the efficiency of vulnerability scanning to a certain extent.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Yanmiao Zhang,Xiaoyu Ji,Yushi Cheng,Wenyuan Xu

DOI: https://doi.org/10.23919/ChiCC.2019.8866144

2019-01-01

Abstract:As a modern power transmission network, smart grid connects abundant terminal devices and plays an important role in our daily life. However, along with its growth are the security threats. Different from the separated environment previously, an adversary nowadays can destroy the power system by attacking its terminal devices. As a result, it's critical to ensure the security and safety of terminal devices. To achieve it, detecting the pre-existing vulnerabilities in the terminal program and enhancing its security, are of great importance and necessity. In this paper. we introduce Cker, a novel vulnerability detection tool for smart grid devices, which generates an program model based on device sources and sets rules to perform model checking. We utilize the static analysis to extract necessary information and build corresponding program models. By further checking the model with pre-defined vulnerability patterns, we achieve security detection and error reporting. The evaluation results demonstrate that our method can effectively detect vulnerabilities in smart devices with an acceptable accuracy and false positive rate. In addition, as Cker is realized by pure python. it can be easily scaled to other platforms.

Ruiwen He,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei250167.2020.9346835

2020-01-01

Abstract:With the development of information technology and Power Internet of Things, the increasing number of networked terminals presents new network security threats. Industrial control equipment and systems have vulnerabilities in hardware, software and firmware, and advanced persistent threat against ICS has become more complex and diverse. However, most of the research are aimed at the detection of single vulnerability, and lack attack mechanism analysis and threat assessment for attack chain. We proposed a threat assessment method based on vulnerability descriptive text and described the attributes of attack samples according to the classification results in attack targets, methods and consequences. We constructed attack graphs based on attack sample attributes and cyber-physical topology to quantitatively evaluate the feasibility and benefits of each attack path from vulnerability capabilities and the impact of devices in the physical world. Finally, we took the substation device status monitoring system as an example to verify the feasibility of this method.

Bocheng Zhang,Liang Chen,Jie Li

DOI: https://doi.org/10.1109/CBFD52659.2021.00048

2021-04-01

Abstract:At present, there are some security risks existing in power web system, such as large number of systems, low efficiency of vulnerability identification, poor intelligence level of vulnerability penetration and so on. To solve the problems, this paper studies parallel crawler and multithreaded crawler scanning technology to effectively improve the code and data crawling speed of power web system, so as to improve the efficiency of vulnerability scanning identification. Furthermore, the paper studies the decision-making selection technology of vulnerability feature pattern recognition and vulnerability intelligent detection model of power web system based on LSTM, breaks through the key technologies of semi-automatic outlier sample detection and intelligent vulnerability location and identification, effectively improves the efficiency of vulnerability location and identification, and reduces the labor cost in the process of data processing. Then, based on neural network algorithm, combined with expert experience and exploitation characteristics, the combination rules of parallel and chain are trained. Finally, the deep neural network algorithm is used to judge the feasibility of vulnerability exploitation path, eliminate those paths that cannot be successfully attacked, and improve the success of vulnerability exploitation, so as to improve the ability of intelligent discovery of vulnerability risks.

Engineering,Computer Science

Xueshuai Ge,Tieming Liu,Yaobin Xie,Yuanyuan Zhang

DOI: https://doi.org/10.1117/12.2683413

2023-01-01

Abstract:The mining and exploitation of security vulnerabilities have always been the focus of offensive and defensive confrontations. In recent years, with the application of technologies such as fuzzing in vulnerability mining, the number of discovered vulnerabilities continues to increase, which seriously threatens the security of the network world. With so many vulnerabilities, it is unrealistic to rely solely on manual analysis by security experts, which is not only costly, but also time-consuming, and cannot meet the needs of vulnerability assessment and defense. Therefore, an automated exploit solution for vulnerabilities is urgently needed to solve the problem of low efficiency of manual vulnerability assessment. Existing research has proposed some solutions and achieved certain results. The purpose of this paper is to review and analyze the existing typical research results.

Chen Weihua,Jiang Quanyuan,Cao Yijia

DOI: https://doi.org/10.1109/ipec.2005.207004

2005-01-01

Abstract:With the increasing utilization of HVDC system, security assessment of HVDC system has become a hot topic. This paper presents a novel approach using the framework of vulnerability to assess HVDC system security. First, equivalent models of HVDC systems, based on Markov model and logical diagram, are built to solve "dimension disaster" problem. Second, the risk index is used as an indicator of the level of security, and its sensitivity to a changing system parameter is used as an indicator of its trend. These two indicators are combined to determine the degree of HVDC system vulnerability to contingent disturbances. Finally, artificial neural network (ANN) is applied to the fast pattern recognition and classification of system vulnerability status. A case of Gezhouba-Shanghai HVDC system in China is presented to verify correctness and effectiveness of the approach.

Zhengshuang Shi

DOI: https://doi.org/10.1088/1742-6596/2033/1/012175

2021-09-01

Journal of Physics: Conference Series

Abstract:Web is an area of continuous development and innovation every year. It not only changes the way people deal with personal, social contact and business, but also ushers in new opportunities in the era of Internet. Network security develops rapidly. Web security also needs new methods to solve. Machine learning technology is used to detect attacks, and its algorithm model is used to predict attacks. This kind of method that can automatically update the module to adapt to the new attack can greatly reduce the manpower consumption. This paper sorts out the methods of mining typical web attack vulnerabilities using machine learning. The future development trend is given.

CAO Jing,CHEN Lushen,QIU Jian,WANG Huifang,YING Gaoliang,ZHANG Bo

DOI: https://doi.org/10.13335/j.1000-3673.pst.2016.1044

2017-01-01

Abstract:Power grid enterprises have large amounts of equipment defect texts in Chinese, containing important reliability information. It is of low efficiency and uncertain accuracy to mine information hiding behind the texts manually. Taking transformer defect texts as study object, after analyzing text characteristics, a defect text mining model is established based on semantic framework. The model provides a new technology for unstructured data mining in power grid domain because it solves problems of segmenting sentence elements of defect texts and extracting digital information precisely. Firstly, defect texts are pretreated based on established ontology thesaurus, such as segmentation and feature extraction. Then, power semantic framework and semantic slots are defined, process of slot-filling and semantic framework construction is raised, and ontology dictionary is auto-perfected by merging word series. Finally, application of defect text mining results in statistical reliability is studied. Example shows that the proposed mining technology is feasible and effective when applied to automatic classification and statistics of grid defect.

Chao Wang,Tianyu Ren,Qun Li,Xiaohu Wang,Guangxin Guo,Jiahan Dong

DOI: https://doi.org/10.1088/1757-899x/750/1/012155

2020-02-01

IOP Conference Series: Materials Science and Engineering

Abstract:Abstract With the development of computer technology and communication technology, computer network will increasingly become an important means of information exchange, and permeate into every field of social life. However, the network has the potential threat and the reality existence each kind of security question, therefore we must take the strong security policy to ensure the network security. The purpose of this paper is to study the network computer security hidden trouble and vulnerability mining technology. In this paper, the types of security hidden dangers are analyzed, and the vulnerability detection technology Fuzzing technology is deeply studied. Then, the inspection and test time is analyzed for the existing vulnerability detection tools. The experimental results prove that vulnerability detection technology can protect network security with high efficiency of vulnerability detection. In this paper, three vulnerability detection tools WS Fuzzer, Web Fuzz and Webvul Scan were used to analyze the detection time of open source system, personal blog, shopping mall and forum. The average detection time was 1.9s, 8.7s, 20.5s and 59.7s, respectively. It can be seen that the vulnerability mining technology has a certain practical role.

CHEN Wei-hua,JIANG Quan-yuan,CAO Yi-jia,HAN Zhen-xiang

DOI: https://doi.org/10.3321/j.issn:1000-3673.2005.04.004

2005-01-01

Abstract:Based on probability theory the risk theory was applied to the vulnerability assessment of power system. Here, the power system was defined as a vulnerable system and a set of risk indices to assess the power system vulnerability and corresponding algorithm were built, thus the defects of traditional determinsistic security assessment method, which cannot satisfy the requirement of electricity market and complicated power grid, could be overcome. On this basis, a risk theory and risk indices based power system vulnerability assessment software was developed. Taking the New England test system for example, the effectiveness and advanced property of the presented method were proved.

Peiyue Ma,Liehuang Zhu,Chuan Zhang

DOI: https://doi.org/10.1109/icipca61593.2024.10709035

2024-01-01

Abstract:In recent years, with the continuous development of computer technology, Internet of Things (IoT) technology has been widely used in various fields and has played an important role in various industries. The Internet of Things is responsible for information transmission and storage, and once there are network security issues, it will bring huge disasters to various industries. Detecting vulnerabilities in the Internet of Things is an urgent problem that needs to be addressed. In order to improve the efficiency of IoT vulnerability detection, this paper designs an IoT vulnerability mining solution based on the LSTM algorithm. The designed artificial intelligence IoT vulnerability mining algorithm uses deep learning for identification, and this framework includes steps such as data collection, data learning, and data detection. The results show that after comparing three models: LSTM, SeqGAN, and WGAN, the LSTM algorithm exhibits the highest accuracy.

Wei Hu,Xianxu Li,Xueqin Gao,Tao Shang,Penglin Hou,Da Li

DOI: https://doi.org/10.1109/ei252483.2021.9713546

2021-01-01

Abstract:Large-scale blackouts are often caused by cascading failures. When some components in the power system fail, they often spread and eventually cause serious accidents. Therefore, the analysis and research on the vulnerable parts of power system can help improve the overall robustness of power grid. Based on the N-1 safety test of power system, correlation matrix is constructed to quantify the relationship between different lines. We construct a directed weighted correlation network which can consider both static topology and dynamic power flow information of power system. For the correlation network, Infomap community discovery algorithm is used to divide the grid community, and the interaction between different power system components is visualized to obtain the community with the highest vulnerability level. Finally, we adopt cascading failures simulation and find that almost all the fault chains appear in the communities with the highest vulnerability. Therefore, the correlation network obtained by N-1 security test can dig out the scope of chain faults, which provides guidance for the rapid identification of vulnerable components in power grid.

张恺伦,江全元

2013-01-01

Abstract:With the promotion and application of wide area measurement systems (WAMS) in power system, the security of its communication system is attracting a growing body of research. To analyze the vulnerability of WAMS communication infrastructures when facing network intrusions, an assessing method of vulnerability based on attack tree model is proposed. First, the attack tree model of WAMS communication system is established, which directly reflects the intrusion scenarios when the system is maliciously attacked. Second, a more reasonable assessing method for the vulnerability of passwords and ports is proposed, as well as the vulnerability of the system with all scenarios taken into consideration. Finally, the paper puts forth the concept of vulnerability sensitivity, which can quantitatively evaluate the effect of changes in the leaf vulnerability on the system, so as to find out the critical port.

Zhang Kai-lun,Tang Quan,Zhang Hong-gang

DOI: https://doi.org/10.1109/ispec50848.2020.9351155

2020-01-01

Abstract:With the promotion and application of wide area measurement systems (WAMS) in the Energy Internet, the security of its communication system is attracting a growing body of research. To analyze the vulnerability of WAMS communication infrastructures when facing network intrusions, an assessing method of vulnerability based on attack tree model is proposed. First, the attack tree model of WAMS communication system is established, which directly reflects the intrusion scenarios when the system is maliciously attacked. Second, a more reasonable assessing method for the vulnerability of passwords and ports is proposed, as well as the vulnerability of the system with all scenarios taken into consideration. Finally, the paper puts forth the definition of vulnerability sensitivity, which can quantitatively evaluate the effects of changes in the leaf vulnerability on the system, so as to find out the critical port.

Ning Qi,Lin Cheng,Jiang Yi,Luo Jinshan,Sun Ke,Wang Dan,W.C. Wang,Sun Wentao

DOI: https://doi.org/10.1109/ispec48194.2019.8974894

2019-01-01

Abstract:Vulnerability assessment is the key to the security and stability analysis of power system. During the operation of power grid, the fault risk of electrical equipment is not fixed because of the influence of system operating conditions, operating environment and equipment itself, so the vulnerability of power system will also be changeable. Based on the existing research results of complex network theory, a vulnerability assessment method considering operational reliability is proposed in this paper. Firstly, the basic idea of reliability weighted vulnerability assessment is introduced. Then HITS algorithm and PageRank algorithm will be used to analyze the basic vulnerability of power grid topology. Moreover, the vulnerability index of power grid considering reliability weighted is calculated. Finally, numerical analysis focusing on the difference between basic and improved assessment method is tested in IEEE RTS-79 system, and the preventive planning suggestions will be given based on the vulnerability assessment results.

Tianlei Zang,Zian Wang,Xiaoguang Wei,Yi Zhou,Jiale Wu,Buxiang Zhou

DOI: https://doi.org/10.3390/en16186509

IF: 3.2

2023-09-10

Energies

Abstract:The increasing factors of uncertainty faced by the system are due to the deep coupling of the electric power cyber network and the physical network. Consequently, ensuring the efficient, secure, and stable operation of the cyber–physical power system (CPPS) has become a key concern. To achieve this, vulnerability assessment plays a crucial role, as it identifies and protects the vulnerable points of the system. The application of complex network theory to assess the vulnerability of CPPSs has garnered significant attention from scholars. This paper delves into the research connotation of vulnerability assessment for CPPSs, starting with the origin, definition, and classification of vulnerability. Subsequently, the assessment framework of vulnerability based on complex network theory is presented, and the status of current domestic and international research in this field is summarized. Furthermore, the interrelationship between system vulnerability and cascading failures is analyzed from the perspective of complex network theory. In conclusion, the ideas of CPPS coupling modeling in vulnerability assessment are summarized, the concept of situation awareness is introduced, and a prospective approach for dynamic vulnerability assessment is proposed. This approach is based on situation awareness combined with complex network theory. Security protection and optimal operation of CPPSs based on vulnerability assessment are also discussed, along with the assessment of vulnerability within integrated energy cyber–physical systems (IECPSs).

energy & fuels

Bin Wang,Wenxin Guo,Tianen Huang,Ganghong Wang

DOI: https://doi.org/10.1109/powercon.2018.8601754

2018-01-01

Abstract:The framework of a power grid crucial interface and security knowledge automatic discovery system is proposed in this paper. By accessing the online operation status data, the proposed system can automatically discover crucial interfaces and generate the detailed total transmission capacity (TTC) expressions online, which are regarded as power system security knowledge, by using data-mining techniques and self-learning methods based on high performance computing platform. The core functions of the proposed framework include automatic discovery of crucial power flow interfaces, calculation of TTC for these interfaces, big data and high performance simulation, feature selection, automatic discovery of detailed expressions of TTC online, etc. This system has been applied to Guangdong Power Grid and several merits of it have been proved: the security operation knowledge can be generated every 15 minutes which is fast enough for real-time application; the proposed system can outperform the previous knowledge discovery system based on operation experts as well as improve the efficiency significantly. This system can be trained as an automatic operator and it is a promising humanitarian technology to keep the power grid in safe and stable status.

Yongzhen Li,Gaolong Wang

DOI: https://doi.org/10.1109/ISAIEE57420.2022.00089

2022-12-01

Abstract:With the rapid development of the internet in China, we are dealing with web sites all the time, but with this comes the increasing vulnerability of various web applications. The vulnerability of web applications can be used to steal information, account theft and fraud, threatening the security of web applications. Therefore, the security detection of web applications is particularly important. This paper introduces the background of today's web application scanning technology, analyses the importance of securing web sites, and focuses on the history and future development trends of web application vulnerability scanning at home and abroad. The system is based on the OWASP Top 10 vulnerabilities of SQL injection and XSS, which have a large impact. By analysing the risks and principles of these two vulnerabilities, a scanning system is designed to run on the Windows platform.

Computer Science

Jian Ding,Chunyi Lu,Bo Li

DOI: https://doi.org/10.1007/s11265-022-01741-y

2022-03-08

Journal of Signal Processing Systems

Abstract:Power systems are playing an unsubstitutable role in industrial production and inhabitant life. With the deepening of integration process over industrialization and informatization in the field of power systems, an increasing number of industrial control devices (e.g., PLC, SCADA) are exposing in the Internet, which are attracting more and more attention from attackers and malicious communities as the great values. It is crucial for organizations to monitor and evaluate the security situation of power systems. In this paper, we propose a data-driven based security situation awareness towards power systems, which can monitor and evaluate the security situations in power systems and send warnings to organizations when the system encounters suspicious threats. Specifically, the proposed framework continuously collects public data related to electric safety and scan for the power control devices exposed on the Internet to grasp the security landscape of power systems around the world. We then deploy an extensible honeypot system in the real environment to real-time perceive the internal security situation of power systems. Finally, we leverage a graph structure to fuse the cyber threats inside and outside the power system for capturing a comprehensive security awareness of power systems. Experimental results show that our framework can detect system threats in real time and protect it from penetration and intrusion effectively.