Threat Modeling and Application Research Based on Multi-Source Attack and Defense Knowledge
Shuqin Zhang, Xinyu Su, Peiyu Shi, Tianhui Du, Yunfei Han
Computers, Materials & Continua, journal article, published 2023-01-01. DOI: 10.32604/cmc.2023.040964 (https://doi.org/10.32604/cmc.2023.040964)
Cyber Threat Intelligence (CTI) is a valuable resource for cybersecurity defense, but it also poses challenges due to its multi-source and heterogeneous nature. Security personnel may be unable to use CTI effectively to understand the condition and trend of a cyberattack and respond promptly. To address these challenges, we propose a novel approach that consists of three steps. First, we construct the attack and defense analysis of the cybersecurity ontology (ADACO) model by integrating multiple cybersecurity databases. Second, we develop the threat evolution prediction algorithm (TEPA), which can automatically detect threats at device nodes, correlate and map multi-source threat information, and dynamically infer the threat evolution process. TEPA leverages knowledge graphs to represent comprehensive threat scenarios and achieves better performance in simulated experiments by combining structural and textual features of entities. Third, we design the intelligent defense decision algorithm (IDDA), which can provide intelligent recommendations for security personnel regarding the most suitable defense techniques. IDDA outperforms the baseline methods in the comparative experiment.