Method and system for detecting network traffic anomaly of distributed equipment

The invention discloses a method and a system for detecting network traffic anomaly of distributed equipment, and belongs to the technical field of novel power systems. The method comprises the following steps: acquiring network flow data of the novel power system distributed equipment, and preprocessing the network flow data to obtain a target data set; extracting a feature data set of the target data set based on a pre-established neural network; and determining a Mahalanobis distance of the feature data set, and determining whether the Mahalanobis distance exceeds an anomaly detection index based on the anomaly detection index so as to determine whether the network traffic of the distributed device is abnormal. According to the invention, whether the network flow is abnormal can be rapidly and effectively detected. 本发明公开了一种用于分布式设备网络流量异常检测的方法及系统，属于新型电力系统技术领域。本发明方法，包括：获取新型电力系统分布式设备的网络流量数据，对所述网络流量数据进行预处理，得到目标数据集；基于预先建立的神经网络，提取出所述目标数据集的特征数据集；确定所述特征数据集的马哈拉诺比斯距离，并基于异常检测指标，确定所述马哈拉诺比斯距离是否超出异常检测指标，来确定所述分布式设备网络流量是否发