计算机工程2024,Vol.50Issue(1):145-155,11.DOI:10.19678/j.issn.1000-3428.0067273
基于安全知识图谱与逆向特征的弱点信息补全
Vulnerability Information Completion Based on Security Knowledge Graph and Reverse Features
摘要
Abstract
The open-source network security knowledge base has become an effective source of vulnerability security reinforcement measures.However,because of the difficulty in heterogeneous information collaboration and historical information maintenance,the problem of missing vulnerability information in the open-source network security knowledge base has always existed.VulKGC-RN,a vulnerability information completion method based on security knowledge graph and reverse features,is proposed to address the issue of insufficient learning of different neighborhood features in existing methods for vulnerability information completion.This method constructs a vulnerability security knowledge graph that associates four types of open-source network security knowledge bases(CVE,CWE,CAPEC,and ATT&CK)to capture different neighborhood details.The network structure of security entities in the vulnerability security knowledge graph is analyzed,and reverse neighborhood information is captured using a reverse knowledge graph.A graph attention mechanism is adopted to learn different neighborhood features,and the role features of the forward and reverse neighborhoods of the security entities learned by the graph attention network are fused to complete the information of the vulnerability security knowledge graph.Experiments are conducted on an open-source network security dataset consisting of 5 types of 7 199 security entities and 15 types of 11 817 association relationships.The results show that VulKGC-RN achieves a Mean Ranking(MR)of 179 and a Mean Reciprocal Ranking(MRR)of 0.671 4,which is superior to those of the baseline method.关键词
网络安全知识库/漏洞弱点/安全知识图谱/知识图谱补全/图注意力网络Key words
network security knowledge base/vulnerability/security knowledge graph/knowledge graph completion/graph attention network分类
信息技术与安全科学引用本文复制引用
周莎,申国伟,郭春..基于安全知识图谱与逆向特征的弱点信息补全[J].计算机工程,2024,50(1):145-155,11.基金项目
国家自然科学基金(62062022) (62062022)
贵州省省级科技计划项目(黔科合基础-ZK[2023]重点011). (黔科合基础-ZK[2023]重点011)
