CSKB: A Cyber Security Knowledge Base Based on Knowledge Graph

The access of massive numbers of terminal devices has brought new security risks to the existing Internet, so traditional cybersecurity data sets struggle to reflect the modern, complex network attack environment. How to standardize and integrate cybersecurity data, so as to continuously store and update malicious traffic information under massively connected terminals, has therefore become a critical issue that urgently needs to be solved. Based on the knowledge graph, we built a standardized cybersecurity ontology and introduce the implementation process of the cybersecurity knowledge base (CSKB) in five stages: knowledge acquisition, knowledge fusion/extraction, knowledge storage, knowledge inference, and knowledge update, aiming to provide a reliable basis for real-time cybersecurity protection solutions. Experiments prove that the knowledge stored in CSKB can effectively realize the specification and integration of security data.
