Construction of network security domain knowledge graph for network attack detection
Authors: 
Yu Chen, Jian Liu, Ming Xian, Huimei Wang, Yuxiang Zhang, Jiujiang Han, Renfei Zhang, Lei ZhangAuthors Info & Claims
Pages 1171 - 1178
Abstract
The introduction of knowledge graph technology in the field of network security can enable network security personnel to better grasp the network security situation, detect network attacks, analyze and determine the network attack chain, and then take targeted preventive measures to continuously improve the security of network space. This paper proposes a method of constructing knowledge graph based on network security domain ontology. Aiming at the multi-source heterogeneous network security data, extracting the association relation and designing the network security domain ontology model. Through knowledge extraction of massive structured, semi-structured and unstructured data, the network security domain knowledge graph is constructed according to the top-down construction method, and the knowledge is stored, displayed and queried through the Neo4j graph database. The constructed domain knowledge graph implements association analysis of multi-source heterogeneous data from six dimensions of network security-related, including asset dimension, attack dimension, vulnerability dimension, weakness dimension and alarm dimension, laying a foundation for network attack analysis and detection.
References
[1]
LIU M Y. Knowledge graph indirect reasoning based on reinforcement learning [D]. Beijing: Beijing University of Posts and Telecommunications, 2020.
[2]
JU A K. Research on key technologies of targeted cyber attacks detection based on multi-source heterogeneous data [D]. Zhenzhou: PLA Strategic Support Force Information Engineering University, 2020.
[3]
JIA Y, QI Y, SHANG H, A practical approach to constructing a knowledge graph for cybersecurity [J]. Engineering. 2018, 4(1): 53-60.
[4]
QIN Y. Research on key technologies of network security knowledge graph construction [D]. Guizhou: Guizhou University, 2019.
[5]
WANG X H, SONG X K. Design of network security vulnerability association analysis system based on knowledge graph [J]. Electronic Design Engineering, 2021, 29(17): 85-89.
[6]
DONG C, JIANG B, LU ZH. Knowledge graph for cyberspace security intelligence: a survey [J]. Journal of Cyber Security, 2020, 5(05): 56-76.
[7]
YE Z W, GUO Y B, LI T. Extended attack graph generation method based on knowledge graph [J]. Computer Science, 2019, 46(12): 165-17.
[8]
LIU Z, SUN Z, CHEN J, STIX-based network security knowledge graph ontology modeling method [C]// Proceedings of the 2020 3rd International Conference on Geoinformatics and Data Analysis. ACM, 2020: 152–157.
[9]
DING Z Y, LIU K, LIU B, ZHU X X. Survey of cyber security knowledge graph [J]. Journal of Huazhong University of Science and Technology (Natural Science Edition), 2021, 49(07): 79-91
Index Terms
- Construction of network security domain knowledge graph for network attack detection
Recommendations
STIX-based Network Security Knowledge Graph Ontology Modeling Method
ICGDA '20: Proceedings of the 2020 3rd International Conference on Geoinformatics and Data AnalysisNetwork security incidents are complex and unstructured, making them difficult to understand and share. In this paper, we analyzes the commonality between structured threat information representation (STIX) and network security domain knowledge, and ...
A Cyberspace Security Knowledge System Based on Knowledge Graph
Artificial Intelligence and SecurityAbstractKnowledge graph plays an important role in semantic search, data analysis and intelligent decision making, and has made remarkable achievements in many fields. However, it is rarely used in the field of network security, which hinders the ...
An Approach for Security Assessment of Network Configurations Using Attack Graph
NETCOM '09: Proceedings of the 2009 First International Conference on Networks & CommunicationsWith increasing network security threats, the network vulnerability must consider exploits in the context of multistage, multi-host attack scenarios. The general approach to this problem is to construct an attack graph for a given network configuration. ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
October 2022
1999 pages
ISBN:9781450397148
DOI:10.1145/3573428
Copyright © 2022 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 15 March 2023
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
EITCE 2022
EITCE 2022: 2022 6th International Conference on Electronic Information Technology and Computer Engineering
October 21 - 23, 2022
Xiamen, China
Acceptance Rates
Overall Acceptance Rate 508 of 972 submissions, 52%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 110Total Downloads
- Downloads (Last 12 months)56
- Downloads (Last 6 weeks)5
Reflects downloads up to 13 Nov 2024
Other Metrics
Citations
Cited By
View allView Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format