关键基础设施保护的管理知识图谱方法:本体设计、信息提取和关系预测

IF 4.1 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection Pub Date : 2023-08-23 DOI:10.1016/j.ijcip.2023.100634

Jiarui Chen, Yiqin Lu, Yang Zhang, Fang Huang, Jiancheng Qin

{"title":"关键基础设施保护的管理知识图谱方法:本体设计、信息提取和关系预测","authors":"Jiarui Chen, Yiqin Lu, Yang Zhang, Fang Huang, Jiancheng Qin","doi":"10.1016/j.ijcip.2023.100634","DOIUrl":null,"url":null,"abstract":"<div>Critical Infrastructures (CI) underpin the basic functioning of society and the economy. Proper governance of CI security management remains a crucial challenge. This study aims to construct a knowledge graph for modeling CI protection. While the previous research has focused on threat intelligence modeling and open knowledge bases, they miss considering the defense side. Accordingly, we propose a knowledge graph for critical infrastructure protection, CIPKG, that extends the management ontology to include the defense side. It addresses the cross-industry and cross-time information gaps that occur in the process of CI protection management, making it more comprehensive in structure than the existing knowledge graph. We employ simplified Structured Threat Information Expression as attack ontology and design a new ontology for the defense side, which could combine with the existing threat ontology to form the CI protection knowledge graph. To dynamically extract information from emerging knowledge, we employ a Bi-directional Long Short-Term Memory and Conditional Random Field model with pre-trained cybersecurity domain-specific Bidirectional Encoder Representations from Transformers to recognize the named entities from CI regulations and standards. To associate the threat part with the management portion of the knowledge graph, we adopt the Knowledge Graph Bidirectional Encoder Representations from Transformer model to capture the semantic information and predict the relationship between threat and management. After information extraction and relation prediction, we build a knowledge graph with 529,360 nodes and about 3,335,000 edges.</div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"43 ","pages":"Article 100634"},"PeriodicalIF":4.1000,"publicationDate":"2023-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A management knowledge graph approach for critical infrastructure protection: Ontology design, information extraction and relation prediction\",\"authors\":\"Jiarui Chen, Yiqin Lu, Yang Zhang, Fang Huang, Jiancheng Qin\",\"doi\":\"10.1016/j.ijcip.2023.100634\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>Critical Infrastructures (CI) underpin the basic functioning of society and the economy. Proper governance of CI security management remains a crucial challenge. This study aims to construct a knowledge graph for modeling CI protection. While the previous research has focused on threat intelligence modeling and open knowledge bases, they miss considering the defense side. Accordingly, we propose a knowledge graph for critical infrastructure protection, CIPKG, that extends the management ontology to include the defense side. It addresses the cross-industry and cross-time information gaps that occur in the process of CI protection management, making it more comprehensive in structure than the existing knowledge graph. We employ simplified Structured Threat Information Expression as attack ontology and design a new ontology for the defense side, which could combine with the existing threat ontology to form the CI protection knowledge graph. To dynamically extract information from emerging knowledge, we employ a Bi-directional Long Short-Term Memory and Conditional Random Field model with pre-trained cybersecurity domain-specific Bidirectional Encoder Representations from Transformers to recognize the named entities from CI regulations and standards. To associate the threat part with the management portion of the knowledge graph, we adopt the Knowledge Graph Bidirectional Encoder Representations from Transformer model to capture the semantic information and predict the relationship between threat and management. After information extraction and relation prediction, we build a knowledge graph with 529,360 nodes and about 3,335,000 edges.</div>\",\"PeriodicalId\":49057,\"journal\":{\"name\":\"International Journal of Critical Infrastructure Protection\",\"volume\":\"43 \",\"pages\":\"Article 100634\"},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2023-08-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Critical Infrastructure Protection\",\"FirstCategoryId\":\"5\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1874548223000471\",\"RegionNum\":3,\"RegionCategory\":\"工程技术\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Critical Infrastructure Protection","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1874548223000471","RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 1

摘要

关键基础设施是社会和经济基本运作的基础。CI安全管理的适当治理仍然是一个关键挑战。本研究旨在构建一个用于CI保护建模的知识图。虽然之前的研究侧重于威胁情报建模和开放知识库，但他们没有考虑防御方面。因此，我们提出了一个用于关键基础设施保护的知识图CIPKG，它扩展了管理本体以包括防御端。它解决了CI保护管理过程中出现的跨行业、跨时间的信息缺口，使其在结构上比现有的知识图更全面。我们采用简化的结构化威胁信息表达作为攻击本体，并为防御方设计了一个新的本体，该本体可以与现有的威胁本体相结合，形成CI保护知识图。为了从新兴知识中动态提取信息，我们使用双向长短期记忆和条件随机场模型，该模型具有来自Transformers的预先训练的网络安全领域特定双向编码器表示，以识别CI法规和标准中的命名实体。为了将威胁部分与知识图的管理部分相关联，我们采用Transformer模型中的知识图双向编码器表示来捕获语义信息，并预测威胁与管理之间的关系。经过信息提取和关系预测，我们构建了一个具有529360个节点和大约3335000条边的知识图。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A management knowledge graph approach for critical infrastructure protection: Ontology design, information extraction and relation prediction

Critical Infrastructures (CI) underpin the basic functioning of society and the economy. Proper governance of CI security management remains a crucial challenge. This study aims to construct a knowledge graph for modeling CI protection. While the previous research has focused on threat intelligence modeling and open knowledge bases, they miss considering the defense side. Accordingly, we propose a knowledge graph for critical infrastructure protection, CIPKG, that extends the management ontology to include the defense side. It addresses the cross-industry and cross-time information gaps that occur in the process of CI protection management, making it more comprehensive in structure than the existing knowledge graph. We employ simplified Structured Threat Information Expression as attack ontology and design a new ontology for the defense side, which could combine with the existing threat ontology to form the CI protection knowledge graph. To dynamically extract information from emerging knowledge, we employ a Bi-directional Long Short-Term Memory and Conditional Random Field model with pre-trained cybersecurity domain-specific Bidirectional Encoder Representations from Transformers to recognize the named entities from CI regulations and standards. To associate the threat part with the management portion of the knowledge graph, we adopt the Knowledge Graph Bidirectional Encoder Representations from Transformer model to capture the semantic information and predict the relationship between threat and management. After information extraction and relation prediction, we build a knowledge graph with 529,360 nodes and about 3,335,000 edges.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Critical Infrastructure Protection COMPUTER SCIENCE, INFORMATION SYSTEMS-ENGINEERING, MULTIDISCIPLINARY

CiteScore

8.90

自引率

5.60%

发文量

审稿时长

>12 weeks

期刊介绍： The International Journal of Critical Infrastructure Protection (IJCIP) was launched in 2008, with the primary aim of publishing scholarly papers of the highest quality in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology, law and policy to craft sophisticated yet practical solutions for securing assets in the various critical infrastructure sectors. These critical infrastructure sectors include: information technology, telecommunications, energy, banking and finance, transportation systems, chemicals, critical manufacturing, agriculture and food, defense industrial base, public health and health care, national monuments and icons, drinking water and water treatment systems, commercial facilities, dams, emergency services, nuclear reactors, materials and waste, postal and shipping, and government facilities. Protecting and ensuring the continuity of operation of critical infrastructure assets are vital to national security, public health and safety, economic vitality, and societal wellbeing. The scope of the journal includes, but is not limited to: 1. Analysis of security challenges that are unique or common to the various infrastructure sectors. 2. Identification of core security principles and techniques that can be applied to critical infrastructure protection. 3. Elucidation of the dependencies and interdependencies existing between infrastructure sectors and techniques for mitigating the devastating effects of cascading failures. 4. Creation of sophisticated, yet practical, solutions, for critical infrastructure protection that involve mathematical, scientific and engineering techniques, economic and social science methods, and/or legal and public policy constructs.