Yongfu Wang, Ying Zhou, Xiaohai Zou, Quanqiang Miao, Wei Wang
{"title":"The analysis method of security vulnerability based on the knowledge graph","authors":"Yongfu Wang, Ying Zhou, Xiaohai Zou, Quanqiang Miao, Wei Wang","doi":"10.1145/3442520.3442535","DOIUrl":null,"url":null,"abstract":"Given the increasingly prominent network security issues, it is of great significance to deeply analyze the vulnerability of network space software and hardware resources. Although the existing Common Vulnerabilities and Exposures (CVE) security vulnerability database contains a wealth of vulnerability information, the information is poorly readable, the potential correlation is difficult to express intuitively, and the degree of visualization is insufficient. To solve the current problems, a method of constructing a knowledge graph of CVE security vulnerabilities is proposed. By acquiring raw data, ontology modeling, data extraction and import, the knowledge graph is imported into the Neo4j graph database to complete the construction of the CVE knowledge graph. Based on the knowledge graph, the in-depth analysis is performed from the cause dimension, time dimension and association dimension, and the results are displayed visually. Experiments show that this analysis method can intuitively and effectively mine the intrinsic value of CVE security vulnerability data.","PeriodicalId":340416,"journal":{"name":"Proceedings of the 2020 10th International Conference on Communication and Network Security","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2020 10th International Conference on Communication and Network Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3442520.3442535","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 4
Abstract
Given the increasingly prominent network security issues, it is of great significance to deeply analyze the vulnerability of network space software and hardware resources. Although the existing Common Vulnerabilities and Exposures (CVE) security vulnerability database contains a wealth of vulnerability information, the information is poorly readable, the potential correlation is difficult to express intuitively, and the degree of visualization is insufficient. To solve the current problems, a method of constructing a knowledge graph of CVE security vulnerabilities is proposed. By acquiring raw data, ontology modeling, data extraction and import, the knowledge graph is imported into the Neo4j graph database to complete the construction of the CVE knowledge graph. Based on the knowledge graph, the in-depth analysis is performed from the cause dimension, time dimension and association dimension, and the results are displayed visually. Experiments show that this analysis method can intuitively and effectively mine the intrinsic value of CVE security vulnerability data.
在网络安全问题日益突出的今天,深入分析网络空间软硬件资源的脆弱性具有十分重要的意义。现有的CVE (Common Vulnerabilities and Exposures)安全漏洞数据库虽然包含了丰富的漏洞信息,但信息可读性差,潜在的相关性难以直观表达,可视化程度不足。针对目前存在的问题,提出了一种构建CVE安全漏洞知识图的方法。通过获取原始数据、本体建模、数据提取和导入,将知识图导入到Neo4j图形数据库中,完成CVE知识图的构建。在知识图谱的基础上,从原因维度、时间维度和关联维度进行深入分析,并以可视化的方式显示分析结果。实验表明,该分析方法能够直观有效地挖掘CVE安全漏洞数据的内在价值。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
