Computer Science ›› 2013, Vol. 40 ›› Issue (9): 120-124.

• Information Security •

Research on Network Intrusion Knowledge Base Model Based on Ontology

WU Lin-jin, WU Dong-ying, LIU Sheng-li and LIU Long

  1. State Key Laboratory of Mathematical Engineering and Advanced Computing, PLA Information Engineering University, Zhengzhou 450002
  • Online: 2018-11-16 Published: 2018-11-16
  • Funding:
    This work was supported by the Zhengzhou Science and Technology Innovation Team Project (10CXTD150)

Abstract: In the field of information security, a network intrusion knowledge base plays an important role in effectively analyzing and defending against illegal network intrusions, but constructing such a knowledge base is one of the difficult problems in this research area. As a conceptual modeling tool that provides knowledge sharing for a specific domain, ontology has been widely used in various fields. Because no complete network intrusion knowledge ontology exists yet, this paper studies an ontology-based network intrusion knowledge base model and builds a network intrusion knowledge ontology. First, on the basis of an in-depth analysis of network intrusion techniques, the paper formally defines the various types of network intrusion behavior and gives a multi-level, multi-dimensional classification system for the network intrusion knowledge base. Then, following the principles of ontology modeling, it builds a network intrusion knowledge ontology composed of a network intrusion knowledge domain ontology, task ontology, application ontology and atomic ontology, and gives the logical relationships and organizational structure among them. Finally, two network scenarios are used to verify the validity of the model for acquiring network intrusion knowledge.

Key words: Ontology, Knowledge base, Network intrusion, Network scenario, Formalization

CLC number: TP393.08 Document code: A
