<p>With the rapid adoption of distributed cloud computing, containerized services, microservice architectures, and multi-tenant resource orchestration have become fundamental components of modern computing infrastructures. This trend is particularly evident in modern smart grids, where distributed power dispatch clouds handle critical energy management operations. However, the increasing scale, heterogeneity, and dynamicity of distributed cloud environments also introduce a significantly expanded attack surface, making vulnerability discovery and risk identification more challenging than in traditional static systems. Existing vulnerability analysis approaches often rely on handcrafted rules, signature databases, or supervised learning methods, which are limited in their ability to generalize to previously unseen vulnerabilities, evolving system configurations, and complex inter-service dependencies.Furthermore, payload inspection becomes obsolete under the full-scale network encryption (such as SM-based TLS secure tunnels) mandated by power grid security regulations.This paper proposes a multi-view self-supervised vulnerability detection framework for distributed cloud environments. The framework integrates host-level runtime states, network communication patterns, service dependency relationships, and configuration semantics to construct comprehensive representations of cloud system behavior without requiring extensive labeled vulnerability samples. A multi-perspective representation learning strategy based on contrastive consistency learning for aligning different feature views and masked reconstruction is employed to capture intrinsic patterns of normal system operation and potential security weaknesses, effectively filtering out benign physical grid transient disturbances, followed by one-class modeling for vulnerability and risk anomaly identification. An explainability module is further introduced to localize suspicious components and interpret vulnerability sources across different feature dimensions. Experimental results on CIC-IDS2017 and CIRA-CIC-DoHBrw-2020 demonstrate that the proposed framework achieves AUROC values of 96.17% and 95.24%, respectively, outperforming existing unsupervised and deep anomaly detection baselines under encrypted traffic scenarios.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Multi-view self-supervised vulnerability detection for distributed power dispatch clouds

  • Donghua Liu,
  • Chunlei Yi

摘要

With the rapid adoption of distributed cloud computing, containerized services, microservice architectures, and multi-tenant resource orchestration have become fundamental components of modern computing infrastructures. This trend is particularly evident in modern smart grids, where distributed power dispatch clouds handle critical energy management operations. However, the increasing scale, heterogeneity, and dynamicity of distributed cloud environments also introduce a significantly expanded attack surface, making vulnerability discovery and risk identification more challenging than in traditional static systems. Existing vulnerability analysis approaches often rely on handcrafted rules, signature databases, or supervised learning methods, which are limited in their ability to generalize to previously unseen vulnerabilities, evolving system configurations, and complex inter-service dependencies.Furthermore, payload inspection becomes obsolete under the full-scale network encryption (such as SM-based TLS secure tunnels) mandated by power grid security regulations.This paper proposes a multi-view self-supervised vulnerability detection framework for distributed cloud environments. The framework integrates host-level runtime states, network communication patterns, service dependency relationships, and configuration semantics to construct comprehensive representations of cloud system behavior without requiring extensive labeled vulnerability samples. A multi-perspective representation learning strategy based on contrastive consistency learning for aligning different feature views and masked reconstruction is employed to capture intrinsic patterns of normal system operation and potential security weaknesses, effectively filtering out benign physical grid transient disturbances, followed by one-class modeling for vulnerability and risk anomaly identification. An explainability module is further introduced to localize suspicious components and interpret vulnerability sources across different feature dimensions. Experimental results on CIC-IDS2017 and CIRA-CIC-DoHBrw-2020 demonstrate that the proposed framework achieves AUROC values of 96.17% and 95.24%, respectively, outperforming existing unsupervised and deep anomaly detection baselines under encrypted traffic scenarios.