基于知识图谱推理的工控漏洞利用关系预测方法OA北大核心CSTPCD
Prediction of Industrial Control System Vulnerability Exploitation Relationships Based on Knowledge Graphreasoning
工业控制系统漏洞数量呈快速增长态势,人工分析漏洞利用需要花费的时间与经济成本不断增加,当前推理方法存在信息利用不充分、可解释性差等缺陷.针对上述问题,提出了一种基于知识图谱推理的工控漏洞利用关系预测方法.该方法首先使用路径筛选算法约简漏洞利用路径,然后通过关键关系路径聚合获取路径信息,通过邻居关系信息融合获取邻居信息,最终预测漏洞利用关系.基于安全知识数据与工控场景数据构建了一个包含57 333个实体的工控安全知识图谱,进行漏洞利用关系预测实验.结果表明,提出的方法预测准确率达到99.0%,可以辅助工控漏洞利用预测.
With the rapid growth in the number of vulnerabilities in Industrial Control Systems,the time and economic costs required for manual analysis of vulnerability exploitation are constantly increasing,and current reasoning methods have many deficiencies such as insufficient utilization of information and poor interpretability.To address these problems,a prediction method for exploitation relationships of ICS vulnerabilities is proposed,which is based on knowledge graph reasoning.First,a path filtering algorithm is utilized to minimize the vulnerability exploitation paths.Then,path information is obtained by aggregating key relation paths,and neighbor information is acquired by integrating neighbor relation information.Finally,the exploitation relationships of vulnerabilities are predicted.An experiment on predicting exploit relationships was conducted using a knowledge graph for ICS security,which was built based on security knowledge data and ICS scenario data,and consisted of 57 333 entities.The results indicate that the proposed method can assist in predicting the exploitability of ICS vulnerabilities with an accuracy rate of 99.0%.
梁超;王子博;张耀方;姜文瀚;刘红日;王佰玲
哈尔滨工业大学(威海)计算机科学与技术学院 山东威海 264200哈尔滨工业大学(威海)计算机科学与技术学院 山东威海 264200||威海天之卫网络空间安全科技有限公司 山东威海 264200
计算机与自动化
工业控制系统漏洞利用关系预测知识图谱推理路径筛选
industrial control systems(ICS)vulnerability exploitationrelationship predictionknowledge graph reasoningpath filtering
《信息安全研究》 2024 (006)
498-505 / 8
国家重点研发计划项目(2021YFB2012400)
评论