Abstract
Cyber-physical systems cover a wide range of applications, many of which involve critical infrastructure, and cybersecurity attacks on them are becoming increasingly threatening. Currently, most comprehensive analysis of compound attacks depends on the experience of security analysts. To improve the efficiency and accuracy of compound attack research, this paper introduces a knowledge graph into compound attack detection and constructs a cybersecurity knowledge graph based on the knowledge of known attacks. The cybersecurity knowledge graph can carry out correlation analysis on real-time data to restore the attack process. The main work of this paper is to construct the cybersecurity knowledge graph and to apply it to mining compound attacks automatically. In addition, two methods are proposed: a multi-dimensional data association analysis algorithm based on a dynamic clustering mechanism, which addresses the low efficiency of correlation analysis caused by redundant data, and an attack chain complementation-pruning method based on optimal reaching path queries, which addresses omissions and misunderstandings in the collected data. Experiments show that the cybersecurity knowledge graph construction method and the attack chain optimization-pruning method proposed in this paper improve the accuracy and efficiency of attack chain mining.