Key Technologies of Cyber Security Knowledge Graph

doi:10.11871/jfdc.issn.2096-742X.2021.03.002

Abstract

Abstract:

[Objective] Complex and changeable network attack activities bring severe challenges to network security. Introducing the knowledge graph into the field of network security is helpful to security situation depiction, security decision-making support, and early warning prediction. [Methods] This paper summarizes the research progress of knowledge graph technology at home and abroad and its application in the field of network security. [Results] On this basis, this paper expounds the technical framework of constructing the network security knowledge graph, defines the network security ontology model, uses the method of deep learning to extract entities and relations, uses rule-based and knowledge-based representation methods to carry out graph reasoning, and achieves the network security knowledge complement and analysis mining.

Key words: cyber security, knowledge graph, deep learning, threat intelligence

LI Xu,LIAN Yifeng,ZHANG Haixia,HUANG kezhen. Key Technologies of Cyber Security Knowledge Graph[J]. Frontiers of Data and Computing, 2021, 3(3): 9-18.

Figures/Tables 3

References 26

[1]	郭启全, 张海霞. 关键信息基础设施安全保护技术体系[J]. 信息网络安全, 2020, 20(11):1-9.
[2]	Berners-Lee T, Handler J, Lassila O. The Semantic Web[J]. Scientific American, 2003, 284(5):34-43.
[3]	杨玉基, 许斌, 胡家威, 等. 一种准确而高效的领域知识图谱构建方法[J]. 软件学报, 2018, 029(010):2931-2947.
[4]	Razzaq A, Anwar Z, Ahmad H F, et al. Ontology for attack detection: An intelligent approach to web application security[J]. Computers & Security, 2014, 45(sep.):124-146. doi: 10.1016/j.cose.2014.05.005
[5]	Undercoffer J, Pinkston J, Joshi A, et al. A Target-Centric Ontology for Intrusion Detection[C]. Proceedings of the IJCAI-03 Workshop on Ontologies and Distributed Systems, 2003: 101-108.
[6]	HERZOG Almut; SHAHMEHRI Nahid; DUMA Claudiu. An ontology of information security[J]. International Journal of Information Security and Privacy (IJISP), 2007, 4:1-23.
[7]	Michael Iannacone, Shawn Bohn, Grant Nakamura, et al. Developing an Ontology for Cyber Security Knowledge Graphs[C]. Proceedings of the 10th Annual Cyber and Information Security Research Conference on - CISR '15, 2015:1-4.
[8]	Syed Z, Padia A, Finin T, et al. UCO: A Unified Cyberse-curity Ontology[C]// AAAI Workshop on Artificial Inte-lligence for Cyber Security, 2016: 14-21.
[9]	贾焰, 亓玉璐, 尚怀军, 等. 一种构建网络安全知识图谱的实用方法[J]. Engineering, 2018, 4(01):117-133.
[10]	王通, 艾中良, 张先国. 基于深度学习的威胁情报知识图谱构建技术[J]. 计算机与现代化, 2018, 280(12):25-30.
[11]	Balduccini M, Kushner S, Speck J. Ontology-Driven Data Semantics Discovery for Cyber-Security[C]// Interna-tional Symposium on Practical Aspects of Declarative Lan-guages. Springer International Publishing, 2015: 1-16.
[12]	Liao X, Kan Y, Wang X F, et al. Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence[C]// Acm Sigsac Con-ference on Computer & Communications Security. ACM, 2016: 755-766.
[13]	Joshi A, Lal R, Finin T, et al. Extracting Cybersecurity Related Linked Data from Text[C]// Semantic Computing (ICSC), 2013 IEEE Seventh International Conference on. IEEE, 2013: 252-259.
[14]	Huang Z, Wei X, Kai Y . Bidirectional LSTM-CRF Models for Sequence Tagging[J]. IEEE Intelligent Systems, 2017, 32(6):74-80.
[15]	Houssem Gasmi, Abdelaziz Bouras, Jannik Laval. LSTM recurrent neural networks for cybersecurity named entity recognition[C]. The Thirteenth International Conference on Software Engineering Advances, 2018: 1-6.
[16]	Mintz M, Bills S, Snow R, et al. Distant supervision for relation extraction without labeled data[C]// ACL 2009, Proceedings of the 47th Annual Meeting of the Association for Computational Linguistics and the 4th International Joint Conference on Natural Language Processing of the AFNLP, 2-7 August 2009, Singapore. Association for Computational Linguistics, 2009: 1003-1011.
[17]	Zeng D, Liu K, Lai S, et al. Relation classification via convolutional deep neural network[C]// Proceedings of COLING 2014, the 25th international conference on computational linguistics: technical papers. 2014: 2335-2344.
[18]	Miwa M, Bansal M. End-to-End Relation Extraction using LSTMs on Sequences and Tree Structures[C]// Pro-ceedings of the 54th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers). 2016: 1105-1116.
[19]	Pingle A, Piplai A, Mittal S, et al. RelExt: Relation Extra-ction using Deep Learning approaches for Cybersecurity Knowledge Graph Improvement[C]// 2019 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). IEEE, 2020: 879-886.
[20]	绿盟科技. 基于知识图谱的 APT 组织追踪治理[EB/OL].[2020-12-30]. https://mp.weixin.qq.com/s/CluHeu1oy7DneBuR0cXZSQ.
[21]	瑞星. 瑞星发布威胁情报及网安知识图谱[EB/OL]. [2019-05-21]. https://wenku.baidu.comview/fd935990bc23482fb4daa58da0116c175e0e1e44.
[22]	Qi Y, Jiang R, Jia Y, et al. Association Analysis Algorithm Based on Knowledge Graph for SPACE-Ground Integrated Network[C]// 2018 IEEE 18th International Conference on Communication Technology (ICCT). IEEE, 2018: 222-226.
[23]	Wei W, Rong J, Yan J, et al. KGBIAC: Knowledge Graph Based Intelligent Alert Correlation Framework[J]. Springer, Cham, 2017: 523-530.
[24]	Narayanan S, Ganesan A, Joshi K, et al. Cognitive Techni-ques for Early Detection of Cybersecurity Events[Z]. arXiv preprint arXiv: 2018, 1808.00116.
[25]	陶源, 黄涛, 李末岩, 等. 基于知识图谱驱动的网络安全等级保护日志审计分析模型研究[J]. 信息网络安全, 2020, 20(1):46-51.
[26]	Zeng,Kang L, Chen Y, et al. Distant Supervision for Relation Extraction via Piecewise Convolutional Neural Networks[C]// Conference on Empirical Methods in Natural Language Processing, 2015: 1753-1762.