Method and device for constructing network security knowledge graph

A network security and knowledge graph technology, applied in neural learning methods, biological neural network models, neural architectures, etc., can solve the problems of reducing the efficiency and low accuracy of network security knowledge graph construction

Active Publication Date: 2020-12-11
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF9 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In practice, it is found that the existing network security knowledge map construction method, the missing relationship between entities is obtained by relying on experience analysis, and the accuracy is low
It can be seen that the existing network security knowledge map construction method has low accuracy, which reduces the construction efficiency of the network security knowledge map.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for constructing network security knowledge graph
  • Method and device for constructing network security knowledge graph
  • Method and device for constructing network security knowledge graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0063] Please see figure 1 , figure 1 A schematic flowchart of a method for constructing a network security knowledge graph is provided for the embodiment of the present application. Among them, the construction method of the network security knowledge graph includes:

[0064] S101. Obtain original relational data used to construct a network security knowledge graph.

[0065] In the embodiment of the present application, when obtaining the original relational data, the security event data may be obtained first, and then the relational extraction processing is performed on the security event data to obtain the original relational data.

[0066] In the embodiment of the present application, the security event data includes various security event data such as phishing event data, remote control Trojan horse data, malware data, exploit data, website backdoor data, DDOS attack data, flow data, domain name data, and URL log data , external threat intelligence data, whois domain n...

Embodiment 2

[0085] Please see figure 2 , figure 2 It is a schematic flow chart of a method for constructing a network security knowledge graph provided in the embodiment of the present application. Such as figure 2 As shown, wherein, the construction method of the network security knowledge graph includes:

[0086] S201. Obtain original relational data used to construct a network security knowledge graph.

[0087] As an optional implementation manner, obtaining the original relational data used to construct the network security knowledge map may include the following steps:

[0088] Obtain network security event data for building a network security knowledge graph;

[0089] The entity relationship extraction process is performed on the network security event data to obtain the original relationship data.

[0090] In the above embodiments, the original relational data includes various security event data such as phishing event data, remote control Trojan horse data, malware data, e...

Embodiment 3

[0149] Please see image 3 , image 3 It is a schematic flow chart of a method for constructing a network security knowledge graph provided in the embodiment of the present application. Such as image 3 As shown, wherein, the construction method of the network security knowledge graph includes:

[0150] S301. Obtain original relational data used to construct a network security knowledge graph.

[0151]S302. Construct an original relationship graph according to the original relationship data.

[0152] S303. Determine target node pairs for which new relationships need to be predicted and relationship paths of the target node pairs according to the original relationship graph.

[0153] After step S303, the following steps are also included:

[0154] S304. Determine the path vector set of the target node pair according to the original relationship graph and the relationship path.

[0155] S305. Perform relational reasoning processing on the set of path vectors through a pre-...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a method and device for constructing a network security knowledge graph, and relates to the technical field of network security. The construction method of thenetwork security knowledge graph comprises the steps: firstly obtaining original relation data for constructing the network security knowledge graph, and constructing an original relation graph according to the original relation data; then performing relationship reasoning processing on an original relationship graph through a pre-constructed relationship reasoning model to obtain a missing relationship set; and finally, performing optimization processing on the original relationship graph according to the missing relationship set to obtain a network security knowledge graph. Visibly, in themethod, the missing relation can be automatically reasoned, the network security knowledge graph can be generated, manual participation is not needed, the accuracy is high, the speed is high, and theconstruction efficiency of the network security knowledge graph can be improved.

Description

technical field [0001] The present application relates to the technical field of network security, in particular, to a method and device for constructing a network security knowledge graph. Background technique [0002] At present, with the development of big data technology and the increasingly complex network environment, cyberspace contains a large amount of valuable network threat intelligence data. The network security knowledge graph can conduct fine-grained in-depth correlation analysis and mining of massive fragmented multi-source heterogeneous threat intelligence data, and then identify network attacks and intrusion behaviors through the network security knowledge graph. The existing network security knowledge graph construction method usually first extracts entities and the relationship between entities from the network threat intelligence data, and then manually infers the missing relationship between entities, and finally according to the extracted entities, the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06G06N3/04G06N3/08
CPCH04L63/1416G06N3/08G06N3/045
Inventor 鲍青波周晓阳万可
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap