Software Guide (软件导刊), 2025, Vol. 24, Issue 5: 179-185, 7. DOI: 10.11907/rjdk.241277
Research on the Construction of Network Threat Intelligence Knowledge Graph for APT
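Song Guobao (宋国宝) 1
Author information
- 1. School of Information Engineering, Jiangxi University of Science and Technology, Ganzhou, Jiangxi 341000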
Abstract
To address the ineffective use of Advanced Persistent Threat (APT) intelligence and the lack of automated methods for generating structured knowledge and constructing APT attack knowledge graphs, a method for automatically extracting APT attack knowledge that combines entity recognition and relationship extraction is proposed. First, 11 entity categories and 9 relationship categories are designed based on the characteristics of APT attacks. Second, the CySecBERT-BiLSTM-ATTN-NCRF entity recognition model and the CySecBERT-ATLOP document-level relationship extraction model are proposed for entity extraction and relationship extraction in APT intelligence, respectively. Finally, an APT threat intelligence knowledge graph is constructed to clearly present entities and their relationships. The experimental results show that, compared to the baseline model, this method improves the F1 scores in entity recognition and relationship extraction by 4.65 and 14.52, respectively; the knowledge graph presented in Neo4j also proves its effectiveness.
Key words
knowledge graph/entity recognition/relationship extraction/threat intelligence
Classification
Computer and Automation
Cite this article
Song Guobao (宋国宝). Research on the Construction of Network Threat Intelligence Knowledge Graph for APT[J]. Software Guide, 2025, 24(5): 179-185, 7.