%0 Journal Article
%T User Station Security Protection Method Based on Random Domain Name Detection and Active Defense
%A Hongyan Yin
%A Xiaokang Ren
%A Jinyu Liu
%A Shuo Zhang
%A Wenkun Liu
%J Journal of Information Security
%P 39-51
%@ 2153-1242
%D 2023
%I Scientific Research Publishing
%R 10.4236/jis.2023.141004
%X The
power monitoring system is the most important production management system in
the power industry. As an important part of the power monitoring system, the
user station that lacks grid binding will become an important target of network
attacks. In order to perceive the network attack events on the user station
side in time, a method combining real-time detection and active defense of
random domain names on the user station side was proposed. Capsule network (CapsNet)
combined with long short-term memory network (LSTM) was used to classify the
domain names extracted from the traffic data. When a random domain name is
detected, it sent instructions to routers and switched to update their security
policies through the remote terminal protocol (Telnet), or shut down the service interfaces of routers and
switched to block network attacks. The experimental results showed that the use of CapsNet
combined with LSTM classification algorithm can achieve 99.16% accuracy and 98%
recall rate in random domain name detection. Through the Telnet protocol,
routers and switches can be linked to make active defense without interrupting
services.
%K User Station
%K Random Domain Name Detection
%K Capsule Network
%K Active Defense
%K Long Short Term Memory
%U http://www.scirp.org/journal/PaperInformation.aspx?PaperID=122639