Computer Science ›› 2020, Vol. 47 ›› Issue (7): 292-298.doi: 10.11896/jsjkx.190600156

• Information Security • Previous Articles     Next Articles

Network Representation Learning Algorithm Based on Vulnerability Threat Schema

HUANG Yi1,2, SHEN Guo-wei1,2, ZHAO Wen-bo1, GUO Chun1,2   

  1. 1 Department of Computer Science and Technology,Guizhou University,Guiyang 550025,China
    2 Guizhou Provincial Key Laboratory of Public Big Data,Guizhou University,Guiyang 550025,China
  • Received:2019-06-19 Online:2020-07-15 Published:2020-07-16
  • About author:HUANG Yi,born in 1997,postgraduate,is a member of China Computer Federation.Her main research interests include representation learning and network security.
    SHEN Guo-wei,born in 1986,Ph.D,associate professor,is a member of China Computer Federation.His main research interests include cyberspace security and big data.
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61802081),National Science and Technology Major Project of the Ministry of Science and Technology of Guizhou Province,China(20183001) and Guizhou Provincial Science and Technology Plan (20161052,20171051)

Abstract: Threat intelligence analysis can provide effective attack and defense information for network attack and defense,and fine-grained mining,that is,the relationship between security entities and entities in network threat intelligence data,is a hotspot of network threat intelligence analysis research.Traditional machine learning algorithms,when applied to large-scale network threat intelligence data analysis,face sparse,high-dimensional and other issues,and thus it is difficult to effectively capture network information.To this end,a network representation learning algorithm based on vulnerability threat schema——HSEN2vec for the classification of network security vulnerabilities is proposed.The algorithm aims to capture the structure and semantic information of the heterogeneous security entity network to the maximum extent,and obtains the low-dimensional vector representation of the security entity.In the algorithm,the structural information of the heterogeneous security entity network is obtained based on the vulnerability threat schema,and then modeled by the Skip-gram model,and the effective prediction is performed by the negative sampling technique to obtain the final vector representation.The experimental results show that in the national security vulnerability data,compared with other methods,the learning algorithm proposed in this paper improves the accuracy of vulnerability classification and other evaluation indicators.

Key words: Network representation learning, Heterogeneous security entity network, Threat schema, Vulnerability

CLC Number: 

  • TP393.0
[1] YANG P A,WU Y,SU L Y,et al.Overview of Threat Intelligence Sharing Technologies in Cyberspace[J].ComputerScie-nce,2018,45(6):9-18,26.
[2] LI C,ZHOU Y.Analysis on Threat Intelligence in Big Data Environment[J].Journal of Intelligence,2017,36(9):24-30.
[3] QIN Y,SHEN G W,ZHAO W B,et al.Research on the method of network security entity recognition based on deep neural network[J].Journal of Naning University(Natural Science),2019,55(1):29-40.
[4] ZHANG Y C,WEI Q,LIU Z L,et al.Architecture of vulnerabi-lity discovery technique for information systems[J].Journal on Communications,2011,32(2):42-47.
[5] LI J H.Overview of the technologies of threat intelligence sen-sing,sharing and analysis in cyber space[J].Chinese Journal of Network and Information Security,2016,2(2):16-29.
[6] TU C C,YANG C,LIU Z Y,et al.Network representationlearning:an overview[J].Scientia Sinica Informationis,2017,47(8):980-996.
[7] GAO H,HUANG H.Deep Attributed Network Embedding[C]//IJCAI.2018:3364-3370.
[8] LIU Z M,MA H,LIU S X,et al.A Network Representation Learning Algorithm Fusing with Textual Attribute Information of Nodes[J].Computer Engineering,2018(11):165-171.
[9] YIN B C,WANG W T,WANG L C.Review of Deep Learning[J].Journal of Beijing University of Technology,2015,41(1):48-59.
[10] PEROZZI B,AL-RFOU R,SKIENA S.Deepwalk:Online lear-ning of social representations[C]//Proceeding of the 20th ACM SIGKDD international conference on Knowledge discovery and data mining.ACM,2014:701-710.
[11] SHI C,SUN Y Z.Research Progress of Heterogeneous Network Representation Learning[J].Communications of the CCF,2018,14(3):16-20.
[12] SHI C,SUN Y Z,PHILIP S Y.Research Status And Future Development Of Heterogeneous Information Network [J].Communications of the CCF,2017,13(11):36-42.
[13] WANG X,CUI P,ZHU W W.On the Basic Problems in Network Representation Learning[J].Communications of the CCF,2018,14(3):12-15.
[14] MIKOLOV T,SUTSKEVER I,CHEN K,et al.Distributed representations of words and phrases and their compositionality[C]//Advances in neural information processing systems.2013:3111-3119.
[15] SHEN W,HAN J,WANG J,et al.Shine+:A general frame-work for domain-specific entity linking with heterogeneous in-formation networks[J].IEEE Transactions on Knowledge Data Engineering,2018,30(2):353-366.
[16] YANG C,LIU M,HE F,et al.Similarity Modeling on Heterogeneous Networks via Automatic Path Discovery[C]//Joint European Conference on Machine Learning and Knowledge Disco-very in Databases.Springer,2018:37-54.
[17] LIU Y F,LI R F.Graph Regularized Semi-Supervised Learning on Heterogeneous Information Networks[J].Journal of Computer Research and Development,2015,52(3):606-613.
[18] GROVER A,LESKOVEC J.node2vec:Scalable feature learning for networks[C]//Proceedings of the 22nd ACM SIGKDD international conference on Knowledge discovery and data mining.ACM,2016:855-864.
[19] SUN Y,HAN J,YAN X.Pathsim:Meta path-based top-k similarity search in heterogeneous information networks[J].Proceedings of the VLDB Endowment,2011,4(11):992-1003.
[20] DU Y P,LIU J X,ZHANG J L.Multi-semantic Metapath Based Classification Method in Heterogeneous Information Network [J].Pattern Recognition and Artificial Intelligence,2017,30(12):1100-1107.
[21] HUANG L W,LI D Y,MA Y T,et al.A Meta Path-Based Link Prediction Model for Heterogeneous Information Networks[J].Chinese Journal of Computers,2014,37(4):848-858.
[22] DONG Y,CHAWLA N V,SWAMI A.metapath2vec:Scalable representation learning for heterogeneous networks[C]//Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.ACM:135-144.
[23] TANG J,QU M,MEI Q.Pte:Predictive text embeddingthrough large-scale heterogeneous text networks[C]//Procee-dings of the 21th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.ACM,2015:1165-1174.
[24] RONG X.word2vec parameter learning explained[J].arXiv:1141.2378.
[1] DING Yu, WEI Hao, PAN Zhi-song, LIU Xin. Survey of Network Representation Learning [J]. Computer Science, 2020, 47(9): 52-59.
[2] JIANG Zong-li, LI Miao-miao, ZHANG Jin-li. Graph Convolution of Fusion Meta-path Based Heterogeneous Network Representation Learning [J]. Computer Science, 2020, 47(7): 231-235.
[3] GONG Kou-lin, ZHOU Yu, DING Li, WANG Yong-chao. Vulnerability Detection Using Bidirectional Long Short-term Memory Networks [J]. Computer Science, 2020, 47(5): 295-300.
[4] ZHANG Hu, ZHOU Jing-jing, GAO Hai-hui, WANG Xin. Network Representation Learning Method on Fusing Node Structure and Content [J]. Computer Science, 2020, 47(12): 119-124.
[5] LIU Qiang,KUANG Xiao-hui,CHEN Hua,LI Xiang,LI Guang-ke. Vulnerability Discovery Approach Based on Similarity Matching of Program Slicing [J]. Computer Science, 2019, 46(7): 126-132.
[6] YE Zhong-lin, ZHAO Hai-xing, ZHANG Ke, ZHU Yu. Network Representation Learning Based on Multi-view Ensemble Algorithm [J]. Computer Science, 2019, 46(1): 117-125.
[7] LI Jia-li, CHEN Yong-le, LI Zhi, SUN Li-min. Mining RTSP Protocol Vulnerabilities Based on Traversal of Protocol State Graph [J]. Computer Science, 2018, 45(9): 171-176.
[8] WANG Wei, YANG Ben-chao, LI Guang-song, SI Xue-ming. Security Analysis of Heterogeneous Redundant Systems [J]. Computer Science, 2018, 45(9): 183-186.
[9] SUO Yan-feng, WANG Shao-jie, QIN Yu, LI Qiu-xiang, FENG Da-jun and LI Jing-chun. Summary of Security Technology and Application in Industrial Control System [J]. Computer Science, 2018, 45(4): 25-33.
[10] ZHANG Ya-feng, HONG Zheng, WU Li-fa, ZHOU Zhen-ji and SUN He. Protocol State Based Fuzzing Method for Industrial Control Protocols [J]. Computer Science, 2017, 44(5): 132-140.
[11] MIAO Xu-dong, WANG Yong-chun, CAO Xing-chen and FANG Feng. Detection Approach for Security Vulnerability Based on Pattern Matching [J]. Computer Science, 2017, 44(4): 109-113.
[12] WAN Yan, ZHAO Xi and WANG Guo-lin. Android Vulnerability Detection and Assessment System Based on OVAL [J]. Computer Science, 2017, 44(4): 79-81.
[13] ZHU Kai-long, LU Yu-liang and YANG Bin. Study on Invulnerability of Router-level Internet Based on MapReduce [J]. Computer Science, 2017, 44(11): 168-174.
[14] CHENG Cheng and ZHOU Yan-hui. Findding XSS Vulnerabilities Based on Fuzzing Test and Genetic Algorithm [J]. Computer Science, 2016, 43(Z6): 328-331.
[15] WAN Xue-lian and ZHANG Jing-he. Research on Comprehensive Assessment Method of Information System Security Based on System Attack and Defense [J]. Computer Science, 2016, 43(Z6): 322-327.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75 .
[2] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[3] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[4] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[5] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99 .
[6] ZHOU Yan-ping and YE Qiao-lin. L1-norm Distance Based Least Squares Twin Support Vector Machine[J]. Computer Science, 2018, 45(4): 100 -105 .
[7] LIU Bo-yi, TANG Xiang-yan and CHENG Jie-ren. Recognition Method for Corn Borer Based on Templates Matching in Muliple Growth Periods[J]. Computer Science, 2018, 45(4): 106 -111 .
[8] GENG Hai-jun, SHI Xin-gang, WANG Zhi-liang, YIN Xia and YIN Shao-ping. Energy-efficient Intra-domain Routing Algorithm Based on Directed Acyclic Graph[J]. Computer Science, 2018, 45(4): 112 -116 .
[9] CUI Qiong, LI Jian-hua, WANG Hong and NAN Ming-li. Resilience Analysis Model of Networked Command Information System Based on Node Repairability[J]. Computer Science, 2018, 45(4): 117 -121 .
[10] WANG Zhen-chao, HOU Huan-huan and LIAN Rui. Path Optimization Scheme for Restraining Degree of Disorder in CMT[J]. Computer Science, 2018, 45(4): 122 -125 .