ABSTRACT
Network security operation and maintenance personnel find it difficult to identify the data they need in a timely and accurate manner when analyzing network security events. To address this problem, this paper proposes a knowledge-graph-based recommendation algorithm for network security events. It uses the ATT&CK network threat framework to construct an ontology model, establishes a network threat knowledge graph based on that ontology model, and extracts discrete security data into interrelated security knowledge. The algorithm extracts entity data from the knowledge graph, obtains entity vectors through the TransH algorithm, and uses the entity vectors to calculate data similarity between entities in the network threat data. We extract network security data entities from the literature on network security event handling as disposal behaviors, construct a disposal behavior matrix, and use the behavior matrix to obtain a vectorized representation of the network threat data, from which the similarity of network threat data entities based on disposal behaviors is calculated. Finally, the similarity of the network threat data and the similarity of the threat data under network security event handling behavior are fused to form a data recommendation list for network security events, achieving correlation between network threat domains based on user behavior. Because the algorithm incorporates disposal behavior similarity on top of data similarity, it is closer to actual disposal behavior. Compared with other algorithms, it has a significant advantage in recall rate and accuracy when the recommended data volume is less than 10.
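The fusion step described in the abstract, as an added example that is not the paper's code: it ranks candidate data entities for an analyst by combining embedding similarity with disposal-behavior similarity, and shows how the behavior term changes the ranking. The entity names, vectors and matrix are constructed, and the use of cosine similarity and a linear weight `alpha` is an assumption, since the abstract does not give the similarity measure or the fusion formula.

```python
import math

# Constructed stand-ins for TransH entity vectors; a real system would learn
# them from the ATT&CK-based knowledge graph. Entity names are hypothetical.
EMBED = {
    "phishing_email":   [0.9, 0.1, 0.0],
    "malicious_url":    [0.8, 0.2, 0.1],
    "mail_gateway_log": [0.1, 0.9, 0.2],
    "endpoint_process": [0.3, 0.3, 0.9],
}
ENTITIES = list(EMBED)

# Constructed disposal-behavior matrix: one row per handled incident, one
# column per entity (ENTITIES order); 1 = entity was used in that handling.
BEHAVIOR = [
    [1, 0, 1, 0],
    [1, 1, 1, 0],
    [1, 0, 1, 1],
    [0, 1, 0, 1],
]

def cosine(a, b):
    """Cosine similarity; returns 0.0 for an all-zero vector."""
    na = math.sqrt(sum(x * x for x in a))
    nb = math.sqrt(sum(x * x for x in b))
    if na == 0 or nb == 0:
        return 0.0
    return sum(x * y for x, y in zip(a, b)) / (na * nb)

def behavior_vector(entity):
    """Column of the behavior matrix: the entity's usage across incidents."""
    col = ENTITIES.index(entity)
    return [row[col] for row in BEHAVIOR]

def recommend(query, alpha=0.5, top_n=3):
    """Rank other entities by alpha*data_sim + (1-alpha)*behavior_sim.

    The linear fusion and alpha are assumptions made for this example.
    """
    scores = {}
    for e in ENTITIES:
        if e == query:
            continue
        data_sim = cosine(EMBED[query], EMBED[e])
        behav_sim = cosine(behavior_vector(query), behavior_vector(e))
        scores[e] = alpha * data_sim + (1 - alpha) * behav_sim
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)[:top_n]

if __name__ == "__main__":
    for a in (1.0, 0.5, 0.3):
        print(a, recommend("phishing_email", alpha=a))
```

With `alpha=1.0` (embedding similarity only) the gateway log ranks last for a phishing e-mail; once co-usage in past incident handling is weighted in, it moves up and at `alpha=0.3` ranks first.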
Index Terms
- Improved Recommendation Algorithm Based On Knowledge Graph