Measurement & Control Technology (测控技术), 2025, Vol. 44, Issue (9): 61-67, 7. DOI: 10.19708/j.ckjs.2025.04.222
Research on Industrial Network Vulnerability Correlation Detection Method Based on Multi-Source Heterogeneous Graph Data
Abstract
The industrial network environment is extremely complex, covering multiple different protocols, devices, and systems. The diversity of these devices and systems also means that vulnerabilities manifest in many different forms, making unified correlation analysis difficult. The massive amount of data generated in industrial networks increases the difficulty of detection, and the accuracy and completeness of the data also vary, further interfering with correlation detection. Traditional methods detect vulnerability types only by calculating feature similarity; they cannot correctly identify the meta paths corresponding to their feature vectors, which introduces deviations in the calculated feature similarity and lowers the accuracy of the detection results. Therefore, a vulnerability correlation detection method for industrial networks based on multi-source heterogeneous graph data is proposed. By defining the mapping relationship between nodes and edges in an industrial network directed graph, a corresponding star-shaped heterogeneous graph is constructed. The heterogeneous graph data from different sources in the network is sliced separately, and an encoder with Bernstein polynomials as the core is adopted to extract the graph features of the heterogeneous graphs. The similarity of the extracted features is calculated, and a loss function is introduced to constrain the alignment process of feature vector element paths, in order to associate with known vulnerability libraries to obtain vulnerability detection results. The experimental results show that the method exhibits a false alarm rate of only 3.72% and a false alarm rate of only 2.49%. The detection results have high accuracy and can provide effective assistance for the operation and maintenance of industrial networks.
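Key words
vulnerability detection/network vulnerabilities/industrial network/multi-source heterogeneous graph data/correlation detection
Classification
Information Technology and Security Science
Cite this article
Wang Qimeng (王启蒙), Gong Lianghua (龚亮华), Tao Song (陶松), Xu Huashao (徐华邵). Research on Industrial Network Vulnerability Correlation Detection Method Based on Multi-Source Heterogeneous Graph Data [J]. Measurement & Control Technology (测控技术), 2025, 44(9): 61-67, 7.
Funding
National Key Research and Development Program of China (2023YFB3107300)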