STIX-based Network Security Knowledge Graph Ontology Modeling Method

Zhengjun Liu, Zhi Sun, Jianfeng Chen, Yujing Zhou, Tao Yang, Hui Yang, Jie Liu

Proceedings of the 2020 3rd International Conference on Geoinformatics and Data Analysis. Published 2020-04-15. DOI: https://doi.org/10.1145/3397056.3397083

Network security incidents are complex and unstructured, making them difficult to understand and share. In this paper, we analyze the commonality between structured threat information representation (STIX) and network security domain knowledge, and propose a knowledge graph ontology modeling method for network security based on STIX. Using the architecture knowledge of STIX, this method generates an ontology schema for a network security knowledge graph by classifying the concepts in the field of network security, describing the attributes of those concepts, and combing the relationships between concepts. The ontology schema has low redundancy and a strong structural hierarchy, and can clearly display the structure of the attack activity and the mutual relationship. It can therefore help decision makers understand security incidents more deeply, make reasonable decisions, and share cyber threat intelligence.