Abstract
To raise the network security alarm rate and reduce the data packet loss rate, a knowledge-graph-based system for correlation analysis of network security vulnerability types is designed. The architecture of a network security vulnerability knowledge base is designed and the patch database is updated. Based on the vulnerability information, the relevant information gathered by the collection structure is collected automatically, related semantics are searched according to the network security knowledge graph, and a feature-matching process for the vulnerability database is designed so that the knowledge base system reaches a balance point. The Apriori algorithm, combined with the minimum confidence, is used to generate association rules, determine the directional relationship from event ID to vulnerability ID, and obtain three vulnerability hazard levels: high, medium, and low. Experimental results show that the system's highest network security alarm rate is 0.99 and its highest data packet loss rate is only 0.32%, indicating good analysis performance.
Authors
WANG Xiaohui (王晓辉)
SONG Xuekun (宋学坤)
Henan University of Chinese Medicine, Zhengzhou 450046, China
Source
Electronic Design Engineering (《电子设计工程》)
2021, Issue 17, pp. 85-89 (5 pages)
Funding
National Natural Science Foundation Youth Project (61702164, 81703946)
Henan Province Science and Technology Research Program (172102310535).
Keywords
knowledge graph
network security vulnerabilities
correlation analysis
correlation engine