Research on the Construction Method of an Event Evolutionary Graph for Cybersecurity Events
Abstract:
The cybersecurity situation has become more complex and wide-ranging in recent years, which places higher demands on response decision-making. Existing cybersecurity knowledge graphs provide only static expert knowledge and cannot present the dynamic evolution of cybersecurity events. An event evolutionary graph offers better decision support for the cybersecurity field by tracking and analyzing event evolution paths. This paper constructs an event ontology model based on the characteristics of cybersecurity events and the classification in relevant standards, obtains event expressions using template matching and dependency parsing, extracts events and the relationships between events, and visualizes the resulting cybersecurity event evolutionary graph with Gephi. Finally, decision support such as cybersecurity situation prediction and response schemes is implemented on the basis of the event evolutionary graph data. The cybersecurity event evolutionary graph can effectively present the possible evolution of cybersecurity events and provide some reference for cybersecurity governance and emergency response decision-making. By constructing an event evolutionary graph for cybersecurity events, this paper extends the application field of event evolutionary graphs.