新型电力系统数据跨域流通泛安全边界防护技术

郭少勇, 刘岩, 邵苏杰, 臧志斌, 杨超, 亓峰

郭少勇, 刘岩, 邵苏杰, 臧志斌, 杨超, 亓峰. 新型电力系统数据跨域流通泛安全边界防护技术[J]. 电力系统自动化, 2024, 48(6): 96-111.
引用本文: 郭少勇, 刘岩, 邵苏杰, 臧志斌, 杨超, 亓峰. 新型电力系统数据跨域流通泛安全边界防护技术[J]. 电力系统自动化, 2024, 48(6): 96-111.
GUO Shaoyong, LIU Yan, SHAO Sujie, ZANG Zhibin, YANG Chao, QI Feng. Ubiquitous Security Boundary Protection Technology for Cross-domain Data Circulation in New Power System[J]. Automation of Electric Power Systems, 2024, 48(6): 96-111.
Citation: GUO Shaoyong, LIU Yan, SHAO Sujie, ZANG Zhibin, YANG Chao, QI Feng. Ubiquitous Security Boundary Protection Technology for Cross-domain Data Circulation in New Power System[J]. Automation of Electric Power Systems, 2024, 48(6): 96-111.

新型电力系统数据跨域流通泛安全边界防护技术

基金项目: 

国家重点研发计划资助项目(2022YFB3105102)~~

详细信息
    作者简介:

    郭少勇(1985—),男,博士,教授,博士生导师,主要研究方向:工业互联网网络管控、电力物联网。E-mail:syguo@bupt.edu.cn;刘岩(1999—),男,博士研究生,主要研究方向:在网安全计算、电力数据安全。E-mail:lewan@bupt.edu.cn邵苏杰(1985—),男,博士,副教授,主要研究方向:电力通信网、边缘计算。E-mail:buptssj@bupt.edu.cn

  • 中图分类号: TM73;TP309.2

Ubiquitous Security Boundary Protection Technology for Cross-domain Data Circulation in New Power System

Funds: 

supported by National Key R&D Program of China (No. 2022YFB3105102)

  • 摘要: 新型电力系统建设涉及多业务系统、多部门、多方主体间进行海量、异构数据的交互和共享,电力数据的内外部网络环境与安全形势日趋复杂化,数据流通的脆弱性风险加剧。首先,分析新型电力系统下数据流的类型与特性,概括电力数据流通安全防护面临的新形势;其次,基于专用数据处理器(DPU)的高性能流量编排和多功能安全网关能力,构建面向电力数据跨域流通安全增强的泛安全边界,凭借数据面可编程技术沟通网络安全与数据安全双维度安全能力,提出基于DPU的数据跨域流通协同防护技术应用方案;最后,阐释DPU在不同电力通信网络层次的部署方式、价值与关键技术,分析现阶段DPU在电力领域应用存在的挑战。
    Abstract: The construction of the new power system involves interaction and sharing of massive and heterogeneous data among multiple business systems, departments, and agents. The internal and external network environment and security situation of power data are becoming increasingly complex, and the vulnerability risk of data circulation increases. First, this paper analyzes the types and characteristics of data flow in the new power system, and summarizes the new situation faced by the security protection of power data circulation. Then, based on the high-performance traffic orchestration and multifunctional security gateway capabilities of the data processing unit(DPU), the ubiquitous security boundary is constructed to enhance the security of power data cross-domain circulation. With the help of data-plane programmable technology, the dual-dimension security capabilities of network security and data security are communicated, and a DPU-based application scheme of collaborative protection technology for the cross-domain data circulation is proposed. Finally, this paper explains the deployment methods, values, and key technologies of DPU at different levels of power communication networks, and analyzes the challenges of DPU application in the power industry at present.
  • [1] 王彩霞,时智勇,梁志峰,等.新能源为主体电力系统的需求侧资源利用关键技术及展望[J].电力系统自动化,2021,45(16):37-48.

    WANG Caixia, SHI Zhiyong, LIANG Zhifeng, et al. Key technologies and prospects of demand-side resource utilization for power systems dominated by renewable energy[J]. Automation of Electric Power Systems, 2021, 45(16):37-48.

    [2] 白昱阳,黄彦浩,陈思远,等.云边智能:电力系统运行控制的边缘计算方法及其应用现状与展望[J].自动化学报,2020,46(3):397-410.

    BAI Yuyang, HUANG Yanhao, CHEN Siyuan, et al. Cloudedge intelligence:status quo and future prospective of edge computing approaches and applications in power system operation and control[J]. Acta Automatica Sinica, 2020, 46(3):397-410.

    [3] 周劼英,张晓,邵立嵩,等.新型电力系统网络安全防护挑战与展望[J].电力系统自动化,2023,47(8):15-24.

    ZHOU Jieying, ZHANG Xiao, SHAO Lisong, et al. Challenges and prospects of cyber security protection for new power system[J]. Automation of Electric Power Systems, 2023, 47(8):15-24.

    [4] 张振峰,张志文,王睿超.网络安全等级保护2.0云计算安全合规能力模型[J].信息网络安全,2019(11):1-7.

    ZHANG Zhenfeng, ZHANG Zhiwen, WANG Ruichao. Model of cloud computing security and compliance capability for classified protection of cybersecurity 2.0[J]. Netinfo Security,2019(11):1-7.

    [5] 吴亦贝,李俊娥,陈汹,等.大规模可控负荷被恶意控制场景下配电网风险分析[J].电力系统自动化,2018,42(10):30-37.

    WU Yibei, LI Jun’e, CHEN Xiong, et al. Risk analysis of distribution network with large-scale controllable loads with attacks[J]. Automation of Electric Power Systems, 2018, 42(10):30-37.

    [6] 杨挺,翟峰,赵英杰,等.泛在电力物联网释义与研究展望[J].电力系统自动化,2019,43(13):9-20.

    YANG Ting, ZHAI Feng, ZHAO Yingjie, et al. Explanation and prospect of ubiquitous electric power Internet of Things[J].Automation of Electric Power Systems, 2019, 43(13):9-20.

    [7] 李钦豪,张勇军,陈佳琦,等.泛在电力物联网发展形态与挑战[J].电力系统自动化,2020,44(1):13-22.

    LI Qinhao, ZHANG Yongjun, CHEN Jiaqi, et al. Development patterns and challenges of ubiquitous power Internet of Things[J]. Automation of Electric Power Systems, 2020, 44(1):13-22.

    [8] 赵仕策,赵洪山,寿佩瑶.智能电力设备关键技术及运维探讨[J].电力系统自动化,2020,44(20):1-10.

    ZHAO Shice, ZHAO Hongshan, SHOU Peiyao. Discussion on key technology and operation&maintenance of intelligent power equipment[J]. Automation of Electric Power Systems, 2020, 44(20):1-10.

    [9] 盛戈皞,钱勇,罗林根,等.面向新型电力系统的数字化电力设备关键技术及其发展趋势[J].高电压技术,2023,49(5):1765-1778.

    SHENG Gehao, QIAN Yong, LUO Lingen, et al. Key technologies and development trends of digital power equipment for new type power system[J]. High Voltage Engineering,2023, 49(5):1765-1778.

    [10] 周峰,周晖,刁赢龙.泛在电力物联网智能感知关键技术发展思路[J].中国电机工程学报,2020,40(1):70-82.

    ZHOU Feng, ZHOU Hui, DIAO Yinglong. Development of intelligent perception key technology in the ubiquitous Internet of Things in electricity[J]. Proceedings of the CSEE, 2020, 40(1):70-82.

    [11] 王成山,李鹏,于浩.智能配电网的新形态及其灵活性特征分析与应用[J].电力系统自动化,2018,42(10):13-21.

    WANG Chengshan, LI Peng, YU Hao. Development and characteristic analysis of flexibility in smart distribution network[J]. Automation of Electric Power Systems, 2018, 42(10):13-21.

    [12] 吴凯.基于调控数据分析的电网调控人工智能关键技术研究[J].电力信息与通信技术,2022,20(6):69-74.

    WU Kai. Research on key technologies of artificial intelligence for power grid dispatching and control based on dispatching and control data analysis[J]. Electric Power Information and Communication Technology, 2022, 20(6):69-74.

    [13] 葛磊蛟,刘航旭,孙永辉,等.智能配电网多元电力用户群体特性精准感知技术综述[J].电力系统自动化,2023,47(20):174-191.

    GE Leijiao, LIU Hangxu, SUN Yonghui, et al. Review on accurate awareness technology for characteristics of diversified power user groups in smart distribution network[J]. Automation of Electric Power Systems, 2023, 47(20):174-191.

    [14] 宋关羽,于川航,冀浩然,等.考虑量测数据质量的集成储能智能软开关数据驱动电压控制[J].电力系统自动化,2023,47(6):90-100.

    SONG Guanyu, YU Chuanhang, JI Haoran, et al. Data-driven voltage control of energy storage integrated soft open point considering quality of measurement data[J]. Automation of Electric Power Systems, 2023, 47(6):90-100.

    [15] 曾鸣,舒彤,李冉,等.能源互联网背景下可交易能源实施的关键问题及展望[J].电力建设,2018,39(2):1-9.

    ZENG Ming, SHU Tong, LI Ran, et al. Key problems and prospects of transactive energy implementation under energy Internet[J]. Electric Power Construction, 2018, 39(2):1-9.

    [16] 李建林,牛萌,周喜超,等.能源互联网中微能源系统储能容量规划及投资效益分析[J].电工技术学报,2020,35(4):874-884.

    LI Jianlin, NIU Meng, ZHOU Xichao, et al. Energy storage capacity planning and investment benefit analysis of microenergy system in energy interconnection[J]. Transactions of China Electrotechnical Society, 2020, 35(4):874-884.

    [17] 韩肖清,李廷钧,张东霞,等.双碳目标下的新型电力系统规划新问题及关键技术[J].高电压技术,2021,47(9):3036-3046.

    HAN Xiaoqing, LI Tingjun, ZHANG Dongxia, et al. New issues and key technologies of new power system planning under double carbon goals[J]. High Voltage Engineering, 2021, 47(9):3036-3046.

    [18] 康重庆,杜尔顺,李姚旺,等.新型电力系统的“碳视角”:科学问题与研究框架[J].电网技术,2022,46(3):821-833.

    KANG Chongqing, DU Ershun, LI Yaowang, et al. Key scientific problems and research framework for carbon perspective research of new power systems[J]. Power System Technology, 2022, 46(3):821-833.

    [19] 严康,陆艺丹,于宗超,等.配电网用户侧异构电力物联设备运行安全管控分析[J].电力系统自动化,2023,47(8):53-61.

    YAN Kang, LU Yidan, YU Zongchao, et al. Analysis on operation security management and control for user-side heterogeneous power Internet-of-Things devices in distribution network[J]. Automation of Electric Power Systems, 2023, 47(8):53-61.

    [20] 孙浩洋,张冀川,王鹏,等.面向配电物联网的边缘计算技术[J].电网技术,2019,43(12):4314-4321.

    SUN Haoyang, ZHANG Jichuan, WANG Peng, et al. Edge computation technology based on distribution Internet of Things[J]. Power System Technology, 2019, 43(12):4314-4321.

    [21] 刘念,余星火,王剑辉,等.泛在物联的配用电优化运行:信息物理社会系统的视角[J].电力系统自动化,2020,44(1):1-12.

    LIU Nian, YU Xinghuo, WANG Jianhui, et al. Optimal operation of power distribution and consumption system based on ubiquitous Internet of Things:a cyber-physical-social system perspective[J]. Automation of Electric Power Systems, 2020,44(1):1-12.

    [22] 严康,陆艺丹,于宗超,等.配电网用户侧异构电力物联设备安全研究综述及展望[J].电力自动化设备,2023,43(3):146-158.

    YAN Kang, LU Yidan, YU Zongchao, et al. Review and prospect of research on security of user-side heterogeneous power IoT devices in distribution network[J]. Electric Power Automation Equipment, 2023, 43(3):146-158.

    [23] 李秋燕,王利利,张艺涵,等.能源互联网多能流的耦合模型及动态优化方法综述[J].电力系统保护与控制,2020,48(19):179-186.

    LI Qiuyan, WANG Lili, ZHANG Yihan, et al. A review of coupling models and dynamic optimization methods for energy Internet multi-energy flow[J]. Power System Protection and Control, 2020, 48(19):179-186.

    [24] 刘晓华,杨成月,徐茹枝,等.基于强化学习的智能电网多接入边缘计算的位置隐私保护[J].电力信息与通信技术,2023,21(1):47-53.

    LIU Xiaohua, YANG Chengyue, XU Ruzhi, et al. Location privacy protection of smart grid MEC based on reinforcement learning[J]. Electric Power Information and Communication Technology, 2023, 21(1):47-53.

    [25] 赵丙镇,陈智雨,闫龙川,等.基于区块链架构的电力业务交易数据隐私保护[J].电力系统自动化,2021,45(17):20-26.

    ZHAO Bingzhen, CHEN Zhiyu, YAN Longchuan, et al.Privacy protection of power business transaction data based on blockchain framework[J]. Automation of Electric Power Systems, 2021, 45(17):20-26.

    [26] 彭婧,尹立夫,王洲,等.电力数据脱敏安全防护体系[J].计算机应用,2022,42(增刊1):191-194.

    PENG Jing, YIN Lifu, WANG Zhou, et al. Safety protection system for power data desensitization[J]. Journal of Computer Applications, 2022, 42(Supplement 1):191-194.

    [27] 吉斌,昌力,朱丽叶,等.区块链系统节点私钥泄露的电力数据防篡改方法与验证机制设计[J].电力自动化设备,2021,41(12):87-94.

    JI Bin, CHANG Li, ZHU Liye, et al. Anti-tampering method and verification mechanism design of power data for private key leakage of node in blockchain system[J]. Electric Power Automation Equipment, 2021, 41(12):87-94.

    [28] 刘雪艳,张强,李战明,等.面向智能电网通信系统的数据聚合和访问控制方法[J].电力系统自动化,2016,40(14):135-144.

    LIU Xueyan, ZHANG Qiang, LI Zhanming, et al. Data aggregation and access control method for communication system of smart grid[J]. Automation of Electric Power Systems, 2016, 40(14):135-144.

    [29] 张岚,王献军,程勇.基于数据特征的电力数据隐私保护模型研究[J].电气自动化,2022,44(6):57-59.

    ZHANG Lan, WANG Xianjun, CHENG Yong. Research on power data privacy protection model based on data features[J].Electrical Automation, 2022, 44(6):57-59.

    [30] 高晗,李正烁.具有完全隐私保护的电-气综合能源系统分布式协同算法[J].电力系统自动化,2023,47(8):71-79.

    GAO Han, LI Zhengshuo. Full privacy-preserving decentralized coordination algorithm for integrated electricity-gas energy systems[J]. Automation of Electric Power Systems, 2023, 47(8):71-79.

    [31] 蒲天骄,杜帅,李烨,等.面向隐私保护基于联邦强化学习的分布式电源协同优化策略[J].电力系统自动化,2023,47(8):62-70.

    PU Tianjiao, DU Shuai, LI Ye, et al. Collaborative optimization strategy of distributed generators based on federated reinforcement learning for privacy preservation[J].Automation of Electric Power Systems, 2023, 47(8):62-70.

    [32] 林楠,左黎明,陈祚松.适用于电力WSN数据传输的短签名方案[J].计算机工程与设计,2019,40(12):3388-3393.

    LIN Nan, ZUO Liming, CHEN Zuosong. Short signature scheme for power WSN data transmission[J]. Computer Engineering and Design, 2019, 40(12):3388-3393.

    [33] 王丹,赵文兵,丁治明.大数据安全保障关键技术分析综述[J].北京工业大学学报,2017,43(3):335-349.

    WANG Dan, ZHAO Wenbing, DING Zhiming. Review of big data security critical technologies[J]. Journal of Beijing University of Technology, 2017, 43(3):335-349.

    [34] 刘清源,刘瑞佳,王健,等.基于边缘计算的泛在电力物联网群组密钥管理算法研究[J].电测与仪表,2022,59(7):48-56.

    LIU Qingyuan, LIU Ruijia, WANG Jian, et al. Research on group key management algorithm of ubiquitous power Internet of Things based on edge computing[J]. Electrical Measurement&Instrumentation, 2022, 59(7):48-56.

    [35] 王智东,王钢,童晋方,等.智能变电站的密钥管理方法[J].电力系统自动化,2016,40(13):121-127.

    WANG Zhidong, WANG Gang, TONG Jinfang, et al. Key management method for intelligent substations[J]. Automation of Electric Power Systems, 2016, 40(13):121-127.

    [36] 王栋,杨珂,王瑜,等.基于区块链的联盟信任分布式认证在电力行业的应用探索[J].电力系统自动化,2022,46(8):1-10.

    WANG Dong, YANG Ke, WANG Yu, et al. Application exploration of blockchain-based distributed authentication wtih alliance trust in power industry[J]. Automation of Electric Power Systems, 2022, 46(8):1-10.

    [37] 许杰,张锋军,陈捷,等.面向大数据环境下的数据安全治理技术[J].通信技术,2021,54(12):2659-2665.

    XU Jie, ZHANG Fengjun, CHEN Jie, et al. Data security governance technology in big data environment[J].Communications Technology, 2021, 54(12):2659-2665.

    [38] 傅宏,杨剑蓝,李靖,等.基于区块链的去中心化电力交易与访问控制系统[J].计算机应用与软件,2023,40(2):118-123.

    FU Hong, YANG Jianlan, LI Jing, et al. Decentralized power trading and access control system based on blockchain[J].Computer Applications and Software, 2023, 40(2):118-123.

    [39] 诸天逸,李凤华,成林,等.跨域访问控制技术研究[J].网络与信息安全学报,2021,7(1):20-27.

    ZHU Tianyi, LI Fenghua, CHENG Lin, et al. Research on cross-domain access control technology[J]. Chinese Journal of Network and Information Security, 2021, 7(1):20-27.

    [40] 杨维永,刘苇,崔恒志,等.SG-Edge:电力物联网可信边缘计算框架关键技术[J].软件学报,2022,33(2):641-663.

    YANG Weiyong, LIU Wei, CUI Hengzhi, et al. SG-Edge:key technology of power Internet of Things trusted edge computing framework[J]. Journal of Software, 2022, 33(2):641-663.

    [41] 郭庆来,田年丰,孙宏斌.支撑能源互联网协同优化的隐私计算关键技术[J].电力系统自动化,2023,47(8):2-14.

    GUO Qinglai, TIAN Nianfeng, SUN Hongbin. Key technologies of privacy computation supporting collaborative optimization of Energy Internet[J]. Automation of Electric Power Systems, 2023, 47(8):2-14.

    [42] 王忠春,陈庆荣,刘婷.大数据下新型安全沙箱技术运用分析与研究[J].网络空间安全,2022,13(6):89-97.

    WANG Zhongchun, CHEN Qingrong, LIU Ting. Analysis and research on the application of new safe sandbox technology under big data[J]. Information Security and Technology, 2022,13(6):89-97.

    [43] 陈永东,刘友波,沈晓东,等.面向城市能源系统分布式资源的边缘智能技术综述[J].电力系统自动化,2022,46(17):142-152.

    CHEN Yongdong, LIU Youbo, SHEN Xiaodong, et al.Review of edge intelligence technology for distributed energy resources in urban energy systems[J]. Automation of Electric Power Systems, 2022, 46(17):142-152.

    [44] 雷波,马小婷,李聪,等.云网融合中的网络基础设施演进探讨[J].信息通信技术与政策,2022,48(11):8-17.

    LEI Bo, MA Xiaoting, LI Cong, et al. Research on network infrastructure evolution for cloud-network convergence[J].Information and Communications Technology and Policy,2022, 48(11):8-17.

    [45] 陈皓勇,李志豪,陈永波,等.基于5G的泛在电力物联网[J].电力系统保护与控制,2020,48(3):1-8.

    CHEN Haoyong, LI Zhihao, CHEN Yongbo, et al. Ubiquitous power Internet of Things based on 5G[J]. Power System Protection and Control, 2020, 48(3):1-8.

    [46] 颜拥,陈星莺,文福拴,等.从能源互联网到能源区块链:基本概念与研究框架[J].电力系统自动化,2022,46(2):1-14.

    YAN Yong, CHEN Xingying, WEN Fushuan, et al. From Energy Internet to energy blockchain:basic concept and research framework[J]. Automation of Electric Power Systems, 2022, 46(2):1-14.

    [47] 苏盛,汪干,刘亮,等.电力物联网终端安全防护研究综述[J].高电压技术,2022,48(2):513-525.

    SU Sheng, WANG Gan, LIU Liang, et al. Review on security of power Internet of Things terminals[J]. High Voltage Engineering, 2022, 48(2):513-525.

    [48] 张涛,赵东艳,薛峰,等.电力系统智能终端信息安全防护技术研究框架[J].电力系统自动化,2019,43(19):1-8.

    ZHANG Tao, ZHAO Dongyan, XUE Feng, et al. Research framework of cyber-security protection technologies for smart terminals in power system[J]. Automation of Electric Power Systems, 2019, 43(19):1-8.

    [49] 梅文明,李美成,孙炜,等.一种面向分布式新能源网络的终端安全接入技术[J].电网技术,2020,44(3):953-961.

    MEI Wenming, LI Meicheng, SUN Wei, et al. Terminal security access technology for distributed new energy networks[J]. Power System Technology, 2020, 44(3):953-961.

    [50]

    DEVI L, PORKODI S, NARMADHA R, et al. Mitigation for cloud computing security risks and governance[J].International Journal of Cloud Computing, 2022, 11(5/6):560.

    [51]

    ZHANG T Z, LINGUAGLOSSA L, GALLO M, et al.FlowMon-DPDK:parsimonious per-flow software monitoring at line rate[C]//2018 Network Traffic Measurement and Analysis Conference(TMA), June 26-29, 2018, Vienna,Austria:1-8.

    [52]

    KALIA A, KAMINSKY M, ANDERSEN D. Design guidelines for high performance RDMA systems[C]//2016USENIX Annual Technical Conference, June 22-24, 2016,Denver, USA.

    [53]

    ROTHENBERGER B, TARANOV K, PERRIG A, et al.ReDMArk:bypassing RDMA security mechanisms[C]//30th USENIX Security Symposium, August 11-13, 2021,Vancouver, Canada.

    [54]

    XING J R, HSU K F, QIU Y M, et al. Bedrock:programmable network support for secure RDMA systems[C].31th USENIX Security Symposium, August 10-12, 2022,Boston, USA.

    [55]

    CHEN X, WU C M, LIU X, et al. Empowering network security with programmable switches:a comprehensive survey[J]. IEEE Communications Surveys&Tutorials, 2023, 25(3):1653-1704.

    [56]

    BURSTEIN I. NVIDIA data center processing unit(DPU)architecture[C]//2021 IEEE Hot Chips 33 Symposium(HCS), August 22-24, 2021, Palo Alto, USA:1-20.

    [57] 刘忠沛,吕高锋,王继昌,等.专用数据处理器综述[J].计算机工程与科学,2023,45(2):215-227.

    LIU Zhongpei, LÜGaofeng, WANG Jichang, et al. Review on data processing unit[J]. Computer Engineering and Science,2023, 45(2):215-227.

    [58]

    BOSSHART P, DALY D, GIBB G, et al. P4:programming protocol-independent packet processors[J]. ACM SIGCOMM Computer Communication Review, 2014, 44(3):87-95.

    [59] 李建华.能源关键基础设施网络安全威胁与防御技术综述[J].电子与信息学报,2020,42(9):2065-2081.

    LI Jianhua. Overview of cyber security threats and defense technologies for energy critical infrastructure[J]. Journal of Electronics&Information Technology, 2020, 42(9):2065-2081.

    [60] 祝现威,常朝稳,秦晰,等.面向安全协议的虚拟化可编程数据平面[J].电子与信息学报,2021,43(1):226-233.

    ZHU Xianwei, CHANG Chaowen, QIN Xi, et al. VCP4:virtualization of the programmable data plane for security protocol[J]. Journal of Electronics&Information Technology,2021, 43(1):226-233.

    [61]

    Oracal. Oracle cloud infrastructure security architecture[EB/OL].[2023-03-21]. https://www. oracle. com/a/ocom/docs/oracle-cloud-infrastructure-security-architecture.pdf.

    [62]

    MEZA A, RESTUCCIA F, OBERG J, et al. Security verification of the OpenTitan hardware root of trust[J]. IEEE Security&Privacy, 2023, 21(3):27-36.

    [63]

    WANG S X, CHEN H W, ZHAO Q Y, et al. Preserving scheme for user’s confidential information in smart grid based on digital watermark and asymmetric encryption[J]. Journal of Central South University, 2022, 29(2):726-740.

    [64]

    DI TIZIO G, SPEICHER P, SIMEONOVSKI M, et al.Pareto-optimal defenses for the web infrastructure:theory and practice[J]. ACM Transactions on Privacy and Security,2023, 26(2):1-36.

    [65]

    PASTOR-GALINDO J, LÓPEZ-MILLÁN G, MARÍNLÓPEZ R, et al. A framework for dynamic configuration of TLS connections based on standards[J]. Journal of Network and Systems Management, 2022, 30(2):1-29.

    [66]

    YANG T, JIANG J, LIU P, et al. Elastic sketch:adaptive and fast network-wide measurements[C]//Proceedings of the2018 Conference of the ACM Special Interest Group on Data Communication, August 20-25, 2018, Budapest, Hungary:561-575.

    [67]

    FU C P, LI Q, XU K. Detecting unknown encrypted malicious traffic in real time via flow interaction graph analysis[C]//Proceedings of 2023 Network and Distributed System Security Symposium, February 27-March 3, 2023, San Diego, USA.

    [68]

    AUSTIN T, HARRIS A, VERMA T, et al. MorpheusⅡ:a RISC-V security extension for protecting vulnerable software and hardware[C]//2021 IEEE Hot Chips 33 Symposium(HCS), August 22-24, 2021, Palo Alto, USA:1-18.

    [69]

    NVIDIA. Accelerating next-generation cybersecurity with NVIDIA Morpheus, now with expanded early access[EB/OL].[2023-03-21]. https://developer. nvidia. com/blog/accelerating-next-generation-cybersecurity-morpheus-now-withexpanded-early-access/.

    [70]

    HU N, TIAN Z H, DU X J, et al. An energy-efficient Innetwork computing paradigm for 6G[J]. IEEE Transactions on Green Communications and Networking, 2021, 5(4):1722-1733.

    [71]

    KIANPISHEH S, TALEB T. A survey on In-network computing:programmable data plane and technology specific applications[J]. IEEE Communications Surveys&Tutorials,2022, 25(1):701-761.

    [72]

    UÇTU G, ALKAN M, DOGRU I A, et al. A suggested testbed to evaluate multicast network and threat prevention performance of next generation firewalls[J]. Future Generation Computer Systems, 2021, 124:56-67.

    [73]

    DANTAS SILVA F S, NETO E P, NUNES R S S, et al.Securing software-defined networks through adaptive moving target defense capabilities[J]. Journal of Network and Systems Management, 2023, 31(3):1-28.

    [74] 宋克,刘勤让,魏帅,等.基于拟态防御的以太网交换机内生安全体系结构[J].通信学报,2020,41(5):18-26.

    SONG Ke, LIU Qinrang, WEI Shuai, et al. Endogenous security architecture of Ethernet switch based on mimic defense[J]. Journal on Communications, 2020, 41(5):18-26.

    [75] 汪杰,钟志明,鲁承波.电力监控系统高级持续性威胁感知研究[J].电网与清洁能源,2020,36(5):64-68.

    WANG Jie, ZHONG Zhiming, LU Chengbo. Research on perception of advanced persistent threat in power monitoring system[J]. Power System and Clean Energy, 2020, 36(5):64-68.

    [76]

    XIANG H, LI M. The research of network security mechanism based collaborative design[J]. Advanced Materials Research,2011, 421:406-409.

    [77]

    LIATIFIS A, SARIGIANNIDIS P, ARGYRIOU V, et al.Advancing SDN from OpenFlow to P4:a survey[J]. ACM Computing Surveys, 2023, 55(9):1-37.

    [78]

    ZOURE M, AHMED T, RÉVEILLÈRE L. Network services anomalies in NFV:survey, taxonomy, and verification methods[J]. IEEE Transactions on Network and Service Management, 2022, 19(2):1567-1584.

    [79] 田有亮,杨科迪,王缵,等.基于属性加密的区块链数据溯源算法[J].通信学报,2019,40(11):101-111.

    TIAN Youliang, YANG Kedi, WANG Zuan, et al. Algorithm of blockchain data provenance based on ABE[J]. Journal on Communications, 2019, 40(11):101-111.

    [80]

    JIA Y, GU Z Q, DU L, et al. Artificial intelligence enabled cyber security defense for smart cities:a novel attack detection framework based on the MDATA model[J]. Knowledge-Based Systems, 2023, 276:110781.

    [81]

    BELHAJJAME K, B’FAR R, CHENEY J, et al. PROVDM:the PROV data model[J]. W3C Recommendation,2013, 14:15-16.

    [82] 张亮,屈刚,李慧星,等.智能电网电力监控系统网络安全态势感知平台关键技术研究及应用[J].上海交通大学学报,2021,55(增刊2):103-109.

    ZHANG Liang, QU Gang, LI Huixing, et al. Research and application of key technologies of network security situation awareness for smart grid power control systems[J]. Journal of Shanghai Jiao Tong University, 2021, 55(Supplement 2):103-109.

    [83]

    GAO Y L, LI X Y, PENG H, et al. HinCTI:a cyber threat intelligence modeling and identification system based on heterogeneous information network[J]. IEEE Transactions on Knowledge and Data Engineering, 2022, 34(2):708-722.

    [84]

    BARTWAL U, MUKHOPADHYAY S, NEGI R, et al.Security orchestration, automation, and response engine for deployment of behavioural honeypots[C]//2022 IEEE Conference on Dependable and Secure Computing(DSC),June 22-24, 2022, Edinburgh, UK:1-8.

    [85] 赵粤征,叶建伟,贠珊,等.基于SOAR的安全运营自动化关键技术构建及未来演进方向[J].信息技术与网络安全,2021,40(3):19-27.

    ZHAO Yuezheng, YE Jianwei, YUN Shan, et al. Key technology construction and future evolution direction of security operation automation based on SOAR[J]. Information Techology and Network Security, 2021, 40(3):19-27.

    [86]

    ULLAH I, RAZA B, ALI S, et al. Software defined network enabled fog-to-things hybrid deep learning driven cyber threat detection system[J]. Security and Communication Networks,2021, 2021:1-15.

    [87]

    DONG F, WANG L, NIE X, et al. DISTDET:a costeffective distributed cyber threat detection system[C]//USENIX Security Symposium, August 9-11, 2023,Anaheim, USA.

    [88] 赵静,陈元谋.云网融合背景下智能网卡的产业发展及趋势分析[J].信息通信技术与政策,2022,48(11):69-78.

    ZHAO Jing, CHEN Yuanmou. Industry development and trend analysis of smart NICs under the background of cloud-network convergence[J]. Information and Communications Technology and Policy, 2022, 48(11):69-78.

    [89] 王宏鼎,蔺旋,李长连.基于SD-WAN的SASE云安全资源池方案研究[J].邮电设计技术,2022(9):49-54.

    WANG Hongding, LIN Xuan, LI Changlian. Research on SASE cloud security resource pool scheme based on SD-WAN[J]. Designing Techniques of Posts and Telecommunications,2022(9):49-54.

    [90]

    YOU L Z, ZHANG J H, JIN Y L, et al. Fast configuration change impact analysis for network overlay data center networks[J]. IEEE/ACM Transactions on Networking, 2022, 30(1):423-436.

    [91]

    WANG W T, TAMMANA P, CHEN A, et al. Grasp the root causes in the data plane:diagnosing latency problems with SpiderMon[C]//Proceedings of the Symposium on SDN Research, March 3, 2020, San Jose, USA:55-61.

    [92]

    DATTA T, FEAMSTER N, REXFORD J, et al. SPINE:surveillance protection in the network elements[C]//USENIX Security Symposium, August 14-16, 2019, Santa Clara,USA.

    [93]

    JUNG C, KIM S, JANG R, et al. A scalable and dynamic ACL system for In-network defense[C]//Proceedings of the2022 ACM SIGSAC Conference on Computer and Communications Security, November 7-11, 2022, Los Angeles, USA:1679-1693.

    [94] 刘洪鑫,徐非非,黄剑.基于蜜罐机制的电力调度信息加密传输方法研究[J].电子设计工程,2023,31(7):32-35.

    LIU Hongxin, XU Feifei, HUANG Jian. Research on encrypted transmission method of electric power dispatch information based on honeypot mechanism[J]. Electronic Design Engineering, 2023, 31(7):32-35.

    [95] 蒋屹新,许爱东,张宇南,等.电力物联网网络安全的主动防御技术研究与实践[M]//中国电机工程学会电力通信专业委员会第十三届学术会议论文集.北京:人民邮电出版社,2022.JIANG Yixin, XU Aidong, ZHANG Yunan, et al. Research and practice of active defense technology for power Internet of Things network security[M]//Proceedings of the 13th Academic Conference of Chinese Society for Electrical Engineering Power Communication Professional Committee.Beijing:People’s Posts and Telecommunications Press, 2022.
    [96] 于欣越,孙刚,张亚伟.基于零信任的软件定义边界网络隐身技术研究[J].通信技术,2021,54(5):1229-1234.

    YU Xinyue, SUN Gang, ZHANG Yawei. Research on software-defined-perimeter network stealth technology based on zero trust[J]. Communications Technology, 2021, 54(5):1229-1234.

    [97]

    HAN S, JANG J. MyTEE:own the trusted execution environment on embedded devices[C]//Proceedings of 2023Network and Distributed System Security Symposium,February 27-March 3, 2023, San Diego, USA.

    [98] 于青,王芳,徐彬.DPU系统部署面临的问题以及方案探讨[J].电信工程技术与标准化,2022,35(11):21-27.

    YU Qing, WANG Fang, XU Bin. DPU system deployment problems and solutions[J]. Telecom Engineering Technics and Standardization, 2022, 35(11):21-27.

    [99]

    ZHOU G M, LIU Z T, FU C P, et al. An efficient design of intelligent network data plane[C]//USENIX Security Symposium, August 9-11, 2023, Anaheim, USA.

    [100]

    WANG H, SOULÉR, DANG H T, et al. P4FPGA:a rapid prototyping framework for P4[C]//Proceedings of the Symposium on SDN Research, April 3-4, 2017, Santa Clara, USA:122-135.

    [101]

    HOGAN M, FEIBISH S L, ARASHLOO M T, et al.Modular switch programming under resource constraints[C]//USENIX Symposium on Networked Systems Design and Implementation, April 4-6, 2022, Renton, USA.

计量
  • 文章访问数:  0
  • HTML全文浏览量:  0
  • PDF下载量:  0
  • 被引次数: 0
出版历程
  • 收稿日期:  2023-06-28

目录

    /

    返回文章
    返回