摘要
物联网(Internet of Things,IoT)技术的快速发展带来了巨大的市场潜力,同时也带来了安全和隐私问题。传统的安全方法已不能应对新的网络威胁,威胁情报和安全态势感知等主动防御策略应运而生。知识图谱技术为解决威胁情报的提取、整合和分析提供了新的思路。首先回顾了物联网安全本体的构建,包括通用安全本体和特定领域安全本体。接着,梳理了威胁情报信息抽取的关键技术,包括基于规则匹配、统计学习和深度学习的方法。然后,探讨了物联网威胁情报知识图谱的构建框架,涉及数据源、信息抽取、本体构建等方面。最后,讨论了物联网威胁情报知识图谱的应用情景,并指出当前研究面临的挑战,展望了未来的研究方向。
The rapid development of Internet of Things(IoT)technology has brought enormous market potential,but it has also brought about security and privacy issues.Traditional security methods are no longer sufficient to address emerging network threats.Proactive defense strategies,such as threat intelligence and security situational awareness,have emerged as effective alternatives.Knowledge graph technology offers innovative approaches for extracting,integrating,and analyzing threat intelligence.Firstly,the construction of IoT security ontology,including the general security ontology and domain-specific security ontology was reviewed.Next,the key technologies for extracting threat intelligence information were summarized,including methods based on rule matching,statistical learning,and deep learning.Then the construction framework of the IoT threat intelligence knowledge graph was explared,which included data sources,information extraction,ontology construction,and other aspects.Finally,the application scenarios of the IoT threat intelligence knowledge graph were discussed,the current research challenges were highlighted,and the future research directions were anticipated.
作者
李昌建
于晗
陈恺
赵晓娟
韩跃
李爱平
LI Changjian;YU Han;CHEN Kai;ZHAO Xiaojuan;HAN Yue;LI Aiping(School of Computer Science,National University of Defense Technology,Changsha 410073,China;Hunan University of Humanities,Science and Technology,Loudi 417000,China)
基金
国家重点研发计划(2022YFB3104103)。
关键词
物联网安全
威胁情报
知识图谱
信息抽取
本体构建
知识图谱构建
internet of things security
threat intelligence
knowledge graph
information extraction
ontology construction
knowledge graph construction
