计算机科学 (Computer Science), 2015, Vol. 42, Issue 5: 173-177. doi: 10.11896/j.issn.1002-137X.2015.05.035
司 成,张红旗,汪永伟,杨英杰
SI Cheng, ZHANG Hong-qi, WANG Yong-wei and YANG Ying-jie
Abstract: To address the problem that existing methods cannot uniformly express, share and reuse network security situation information, an ontology-based knowledge base model for network security situation elements is proposed. First, in view of the multi-source and heterogeneous nature of network security situation element knowledge, this knowledge is classified and extracted; second, following ontology construction principles, an ontology model of the network security situation element knowledge base is built, consisting of a domain ontology, an application ontology and an atomic ontology; finally, situation scenario analysis verifies that the model can effectively acquire network security situation knowledge.