Research on Network Security Automation and Orchestration Oriented to Electric Power Monitoring System

Nowadays, an electric power monitoring system may cause great damage due to security incidents happened. Furthermore, traditional active defense technologies no longer guarantee the safety and reliability of an electric power monitoring system. Thus, it is urgent to develop a new security defense technology suitable for the electric power monitoring system, the new security defense technology can take precautions against the destructive attacks occurring in the electric power monitoring system. According to the analysis of the network security demands of the electric power monitoring system, we propose an active defense system framework based onsecurityautomation andorchestrationtechnology (i.e., SAOT). The active defense system framework with multi-layer architecture and functional modules integrates modules such as the behavioral feature extraction of typical network security events, the security disposal strategy generation of typical network security events, and the automation orchestration of security disposal strategies. Furthermore, the SAOT active defense system framework simultaneously solves the aspects of the vulnerability and security problems in the electric power monitoring system. Finally, a case study is adopted to further describe and explain the SAOT active defense system framework. Results indicate that the SAOT active defense system framework can ensure the information security of the national power system in cyberspace.