The large number of multi-source heterogeneous hosts and application service types across the zones of a power monitoring system makes it difficult to extract comprehensive host attack trace data and to perform fine-grained, deep threat detection. This study combines network attack traces extracted from multi-source logs and stores them in attack trace styles. An attack event description model based on key attributes and behavior sequences is constructed. Based on the vulnerability scoring system, an algorithm is designed to map a general attack graph into an absorbing Markov chain attack graph; calculating the state transfer probability matrix of the attack graph provides a computational basis for the analysis of network attacks. Finally, the performance of this paper's method for multi-dimensional data feature extraction is explored in a Python experimental simulation environment. The simulation results show that the average mapping time of the LSTM model for 7 vulnerabilities is 117 ms, while the average mapping time of this paper's algorithm is improved by 37 ms compared to the LSTM model. Meanwhile, the accuracy, stability, average false detection rate, and positive and negative recall rates also achieve good results, which verifies the validity of this method in the practice of power monitoring system management.
1970-2025 CP (Manitoba, Canada) unless otherwise stated.