Research on Network Intrusion Knowledge Base Model Based on Ontology

In the field of information security, a network intrusion knowledge base plays an important role in the effective analysis of and defense against illegal intrusion, but constructing such a knowledge base is one of the difficulties of research. As a conceptual modeling tool that provides knowledge sharing for a specific area, ontology has been widely used in various fields. Because there is no complete network intrusion ontology, the paper aimed to study an ontology-based network intrusion knowledge base model and to build a network intrusion knowledge ontology. First, on the basis of an in-depth analysis of network intrusion technology, the paper gave formalized definitions of various types of network actions and a multi-level, multi-dimensional classification system for the network intrusion knowledge base. Then, following the principles of ontology modeling, the paper built the network intrusion knowledge ontology, composed of the network intrusion knowledge domain ontology, task ontology, application ontology and atomic ontology, and gave the logical relationships and organizational structure among them. Finally, through two network scenarios, the paper verified the validity of the model when applied to network intrusion knowledge acquisition.