Network security domain knowledge graph construction method and device for dynamic threat analysis

A network security domain knowledge graph technology, applied in the fields of network security and dynamic threat analysis. It can solve problems such as deviation in the quantification of threat transfer probability, difficulty in applying threat risk analysis, and reduced accuracy of threat paths and probability measurement, and achieves strong practicality and operability.

Active Publication Date: 2019-08-09
PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU +1

AI Technical Summary

Problems solved by technology

[0003] At present, there are mainly the following methods for network dynamic threat analysis:

(1) The network security analysis method based on the growth of the attacker's ability, which quantifies network security by deducing the threat path and combining it with the threat transition probability. However, the existing attribute attack graph only describes the threat changes caused by system vulnerabilities and does not describe the threat transfer caused by the access relationship between network business applications, which leads to deviations in the quantification of threat transfer probability.

(2) The state attack graph method, in which vertices represent hosts and edges represent transitions between states. Because of the state space explosion problem in the state attack graph, it is difficult to apply to threat risk analysis in a large-scale network environment.

(3) The attribute attack graph method, which takes the security elements in the network as independent attribute vertices. The same vulnerability on the same host corresponds to only one attribute vertex in the graph, and directed edges represent the relationships between nodes. Compared with state attack graphs, it can overcome the state space explosion problem. However, currently generated attack graphs generally contain threat transfer loops, which affect the accuracy of threat paths and probability metrics.

Knowledge graphs have received widespread attention because of their superior visualization effects. In the field of natural language processing, the construction technology and application of knowledge graphs are very mature, but in the field of network security there is no high-quality, large-scale open knowledge graph.

No mature application method has yet emerged for using knowledge graphs to analyze threat dynamics. Generating a threat pattern library from the real network environment, describing the threat transfer caused by the access relationship between network business applications, and accurately measuring the threat transfer probability between nodes have become technical problems to be solved urgently in the construction of a network threat knowledge graph.

Embodiment Construction

[0032] In order to make the purpose, technical solution and advantages of the present invention clearer and easier to understand, the present invention is described in further detail below in conjunction with the accompanying drawings and technical solutions. The technical terms involved in the embodiment are as follows:

[0033] Knowledge graph, also known as scientific knowledge graph, is called knowledge domain visualization or knowledge domain mapping in the library and information industry. It covers knowledge resources and their carriers, and the mining, analyzing, constructing, mapping and displaying of knowledge and its interconnections. By combining the theories and methods of applied mathematics, graphics, information visualization technology, information science and other disciplines with metrology citation analysis, co-occurrence analysis and other methods, and using visual maps to vividly display the core structure, development history, and frontiers of disciplines The modern theory that...

Abstract

The invention belongs to the technical field of network security, and particularly relates to a network security domain knowledge graph construction method and device for dynamic threat analysis. The method comprises the steps of: describing the threat transfer relation caused by system vulnerabilities and network services; constructing a network dynamic threat analysis knowledge graph model using graph theory; calculating the threat transfer probability by combining the general vulnerability scoring standard with the Bayesian formula; and generating a network threat knowledge graph using association rules among threats, vulnerabilities and services, and carrying out loop resolution. According to the invention, network attacks, system vulnerabilities and business applications influence each other. The network threat transfer probability is analyzed in combination with the general vulnerability scoring standard and the Bayesian formula, the constructed knowledge graph is corrected, and threat transfer loops among multiple nodes are eliminated, so that the full view of an attack can be displayed completely, the efficiency of network evidence collection is improved, and a basis is provided for threat clue discovery and for traceability and evidence collection.
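The steps in the abstract can be illustrated on a small graph. The Python below is an added example, not the patent's algorithm or code: it assumes the "general vulnerability scoring standard" means a CVSS base score, maps score/10 to an edge probability, uses DFS back-edge removal for loop resolution, and uses a noisy-OR combination as a stand-in for the Bayesian step. All node names and scores are constructed.

```python
from collections import defaultdict

# Constructed sample graph: (source, target, relation, score).
# "vuln" edges carry an assumed CVSS base score (0-10); "service" edges carry
# an assumed access likelihood (0-1) for a business-application access relation.
EDGES = [
    ("internet", "web:vuln-A", "vuln", 9.8),
    ("web:vuln-A", "app:svc-api", "service", 0.9),
    ("app:svc-api", "db:vuln-B", "vuln", 7.5),
    ("db:vuln-B", "web:vuln-A", "service", 0.8),  # closes a transfer loop
    ("web:vuln-A", "db:vuln-B", "vuln", 5.0),
]

def edge_probability(relation, score):
    """Assumed mapping: CVSS base score / 10 for vulnerability edges."""
    return score / 10.0 if relation == "vuln" else score

def resolve_loops(edges, entry):
    """Drop back edges found by DFS from the entry node, leaving a DAG."""
    adj = defaultdict(list)
    for e in edges:
        adj[e[0]].append(e)
    state, kept, dropped, order = {}, [], [], []
    def visit(node):
        state[node] = "open"
        for e in adj[node]:
            if state.get(e[1]) == "open":  # target is an ancestor: a loop
                dropped.append(e)
                continue
            kept.append(e)
            if e[1] not in state:
                visit(e[1])
        state[node] = "done"
        order.append(node)
    visit(entry)
    return kept, dropped, order[::-1]  # reverse post-order is topological

def transfer_probabilities(edges, entry="internet"):
    """Cumulative probability that the threat reaches each node (noisy-OR,
    which assumes the incoming transfer paths are independent)."""
    kept, dropped, topo = resolve_loops(edges, entry)
    incoming = defaultdict(list)
    for src, dst, rel, score in kept:
        incoming[dst].append((src, edge_probability(rel, score)))
    reach = {entry: 1.0}
    for node in topo[1:]:
        miss = 1.0
        for src, p in incoming[node]:
            miss *= 1.0 - reach[src] * p
        reach[node] = 1.0 - miss
    return reach, dropped
```

Without the loop-resolution step the `db:vuln-B` to `web:vuln-A` edge would make the cumulative probability of each node depend on itself, which is the accuracy problem the background section attributes to threat transfer loops.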

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a method and device for constructing a knowledge graph in the network security field for dynamic threat analysis.

Background technique

[0002] The inherent vulnerability of network information systems makes the impact of external threats unavoidable. For effective analysis of dynamic, changing external threats, quantitatively analyzing the threat transfer probability according to the time, importance, environment and other factors of network node vulnerabilities plays an important supporting role in the implementation of targeted defense decisions.

Application Information

IPC(8): H04L29/06, H04L12/24
CPC: H04L41/145, H04L63/1441
Inventor: 胡浩, 张玉臣, 冷强, 李杰, 刘玉岭, 赵昌军, 鲍旭华, 王恺, 王佳宁, 谢鹏程
Owner: PLA STRATEGIC SUPPORT FORCE INFORMATION ENG UNIV PLA SSF IEU