The construction of power Internet of things is an important development direction for power grid enterprises. Although power Internet of things is a kind of network, it is denser than the ordinary Internet of things points and more complex equipment types, so it has higher requirements for network security protection. At the same time, due to the special information perception and transmission mode in the Internet of things, the information transmitted in the network is easy to be stolen and resold, and traditional security measures can no longer meet the security protection requirements of the new Internet of things devices. To solve the privacy leakage and security attack caused by the illegal intrusion in the network, this paper proposes to construct a device portrait for terminal devices in the power Internet of things and detect abnormal traffic in the network based on device portrait. By collecting traffic data in the network environment, various network traffic characteristics are extracted, and abnormal traffic is analyzed and identified by the machine learning algorithm. By collecting the traffic data in the network environment, the features are extracted from the physical layer, network layer, and application layer of the message, and the device portrait is generated by a machine learning algorithm. According to the established attack mode, the corresponding traffic characteristics are analyzed, and the detection of abnormal traffic is achieved by comparing the attack traffic characteristics with the device portrait. The experimental results show that the accuracy of this method is more than 90%.

中文翻译：

---

基于设备画像的电力物联网网络流量异常检测

电力物联网建设是电网企业的重要发展方向。电力物联网虽然是一种网络，但比普通的物联网点更密集，设备类型也更复杂，因此对网络安全防护有更高的要求。同时，由于物联网特殊的信息感知和传输方式，网络中传输的信息极易被盗、转卖，传统的安全措施已不能满足新互联网的安全防护要求。的东西设备。解决非法入侵网络造成的隐私泄露和安全攻击，本文提出为电力物联网中的终端设备构建设备画像，并基于设备画像检测网络中的异常流量。通过收集网络环境中的流量数据，提取各种网络流量特征，通过机器学习算法分析识别异常流量。通过采集网络环境中的流量数据，从报文的物理层、网络层、应用层提取特征，通过机器学习算法生成设备画像。根据建立的攻击模式，分析相应的流量特征，通过将攻击流量特征与设备画像进行对比，实现异常流量的检测。