数据与计算发展前沿 ›› 2021, Vol. 3 ›› Issue (3): 9-18.

doi: 10.11871/jfdc.issn.2096-742X.2021.03.002

• 网络通信与安全专刊 • 上一篇    下一篇

网络安全知识图谱关键技术

李序1,2,*(),连一峰2(),张海霞2(),黄克振2()   

  1. 1.中国科学院大学,北京 100049
    2.中国科学院软件研究所,可信计算与信息保障实验室,北京 100190
  • 收稿日期:2021-05-27 出版日期:2021-06-20 发布日期:2021-07-09
  • 通讯作者: 李序
  • 作者简介:李序,中国科学院软件研究所,硕士研究生,主要研究兴趣为网络安全态势感知。
    本文中负责总体统稿、知识图谱技术调研和综述。
    LI Xu is currently a postgraduate of Institute of software, Chinese Academy of Sciences. Her current research interest is cyber security situation awareness.
    In this paper, she is responsible for the overall draft as well as the survey and summary of knowledge graph technology.
    E-mail: lixu2019@iscas.ac.cn|连一峰,中国科学院软件研究所,研究员,博士生导师,主要研究方向包括网络安全态势感知技术、网络攻防技术、安全测评技术、等级保护关键技术等,主持承担国家863计划、国家自然科学基金、国家高技术产业化等20余项重要科技项目,发表学术论文50余篇,出版专著4部,发明专利14项,编制国家技术标准3项。
    本文中负责网络安全知识图谱技术架构分析。
    LIAN Yifeng, researcher and doctoral supervisor of Institute of software, Chinese Academy of Sciences, focuses on cyber security situation awareness technology, cyber attack and defense technology, security evaluation technology, key tech-nology of classified protection, etc. He has presided over and undertaken more than 20 important scientific and technological projects such as national 863 plan, National Natural Science foundation of China and national high-tech industrialization, and published more than 50 academic papers, four monographs, 14 invention patents, and 3 national technical standards.
    In this paper, he is responsible for the cyber security knowledge graph technology architecture analysis.
    E-mail: lianyifeng@iscas.ac.cn|张海霞,中国科学院软件研究所,高级工程师,博士,长期从事网络及信息安全技术研究、规划设计与工程建设工作,主要研究方向包括信息安全测评技术、等级保护关键技术、网络安全监测预警技术等,先后承担国家863计划、国家发改委、公安部、国家测评中心、认证中心等国家级、部委级重要科技项目20余项,在核心学术期刊发表论文多篇,申请国家发明专利多项。
    本文中负责网络安全知识图谱本体构建指导。
    ZHANG Haixia, doctor of engineering, is a senior engineer of Institute of software, Chinese Academy of Sciences. She has long been engaged in cyber and information security technology research, planning, design and engineering construction. Her key research directions include information security evaluation technology, classified protection key technology, network security monitoring and Pre-warning Technology, etc. She has successively undertaken the National 863 program, and more than 20 other national and ministerial level important science and technology projects from national development and Reform Commission, Ministry of public security, and national evaluation center Certification Center. She has published many papers in core academic journals, and applied for a number of national invention patents.
    In this paper, she is responsible for guiding the noumenon definition of cyber security knowledge graph.
    E-mail: zhanghaixia@iscas.ac.cn|黄克振,中国科学院软件研究所,工程师,主要研究方向包括网络安全态势感知技术、网络攻防技术等,参与国家863计划、国家自然科学基金、国家高技术产业化等20余项重要科技项目,发表学术论文多篇,申请国家发明专利多项。主要研究兴趣为网络安全威胁感知技术,在国内重要期刊及会议上发表学术论文10余篇。
    本文中承担信息抽取技术分析。
    HUANG Kezhen, the engineer of Institute of software, Chinese Academy of Sciences, focuses on cyber security situation awareness technology, network attack and defense technology, etc. He has participated in more than 20 important scientific and technological projects such as national 863 plan, National Natural Science Foundation of China and national high-tech industrialization, published many scientific papers and applied for many national invention patents. His main research interest is cyber security threat perception technology, and he has published more than 10 academic papers in important domestic journals and conferences.
    In this paper, he is responsible for the analysis of information extraction technology.
    E-mail: huangkezhen@iscas.ac.cn
  • 基金资助:
    国家重点研发计划“网络空间地理图谱构建与智能认知关键技术研究”(2020YFB806500);课题四“基于网络空间地理图谱的网络安全行为智能认知技术研究”(2020YFB806504)

Key Technologies of Cyber Security Knowledge Graph

LI Xu1,2,*(),LIAN Yifeng2(),ZHANG Haixia2(),HUANG kezhen2()   

  1. 1. University of Chinese Academy of Sciences, Beijing 100049, China
    2. Trusted Computing and Information Assurance Laboratory, Institute of Software Chinese Academy of Sciences, Beijing 100190, China
  • Received:2021-05-27 Online:2021-06-20 Published:2021-07-09
  • Contact: LI Xu

摘要:

【目的】 复杂多变的网络攻击活动对网络安全工作带来了严峻挑战。将知识图谱引入网络安全领域,有助于刻画展现安全态势,支持安全决策和预警预测。【方法】 本文综述了目前国内外知识图谱相关技术的研究进展及其在网络安全领域的应用现状。【结果】 在此基础上,阐述了构建网络安全知识图谱的技术架构,定义了网络安全本体模型,采用深度学习的方法进行实体抽取和关系抽取,利用基于规则和基于知识表示学习的方法进行图谱推理,实现网络安全知识补全和分析挖掘。

关键词: 网络安全, 知识图谱, 深度学习, 威胁情报

Abstract:

[Objective] Complex and changeable network attack activities bring severe challenges to network security. Introducing the knowledge graph into the field of network security is helpful to security situation depiction, security decision-making support, and early warning prediction. [Methods] This paper summarizes the research progress of knowledge graph technology at home and abroad and its application in the field of network security. [Results] On this basis, this paper expounds the technical framework of constructing the network security knowledge graph, defines the network security ontology model, uses the method of deep learning to extract entities and relations, uses rule-based and knowledge-based representation methods to carry out graph reasoning, and achieves the network security knowledge complement and analysis mining.

Key words: cyber security, knowledge graph, deep learning, threat intelligence