检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:赵扬涛 赵刚[1] 周峰竹 ZHAO Yangtao;ZHAO Gang;ZHOU Fengzhu(School of Information Management,Beijing Information Science&Technology University,Beijing 100192,China)
机构地区:[1]北京信息科技大学信息管理学院,北京100192
出 处:《中国科技论文》2024年第7期831-840,共10页China Sciencepaper
基 金:国家重点研发计划项目(2019YFB1405000)。
摘 要:针对当前攻击预测方法存在适用性差、知识利用率低、难以应对多样化的攻击威胁等问题,提出一种基于知识图谱和强化学习的攻击预测方法。首先,构建网络安全知识图谱和攻击场景知识图谱;其次,融合知识表示学习和深度强化学习方法,提出攻击预测知识推理模型RLBTransE,针对攻击场景网络拓扑和攻击场景知识图谱,分别生成主机间攻击路径和单主机内攻击路径,最终实现完整攻击路径预测。在模拟实验场景数据集上的实验结果表明,RLBTransE相较于目前典型先进方法,平均倒数排名(mean reciprocal rank,MRR)和Hits@1分别提高了10.1%和9.3%。与其他攻击预测方法的对比实验进一步验证了所提方法具有更好的适用性和可解释性。To address the problems of poor applicability,low knowledge utilization and difficulty in dealing with diverse attack threats for current attack prediction methods,an attack prediction method based on knowledge graph and reinforcement learning was proposed.Firstly,a cyber security knowledge graph and an attack scenario knowledge graph were constructed.Secondly,the knowledge representation learning and deep reinforcement learning methods were integrated to propose an attack prediction knowl⁃edge reasoning model RLBTransE.Based on the attack scenario network topology and attack scenario knowledge graph,inter-host attack paths and single-host attack paths were generated respectively,and finally the complete attack path prediction was realized.Experimental results on the simulated experimental scenario data set show that,compared with current typical advanced methods,RLBTransE improves the mean reciprocal rank(MRR)and Hits@1 by 10.1%and 9.3%,respectively.Comparative experiments with other attack prediction methods also verify the better applicability and interpretability of this method.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.221.83.96