基于本体的网络入侵知识库模型研究

发布时间：2018-04-20 14:15

本文选题：本体 + 知识库　；参考：《计算机科学》2013年09期

【摘要】：在信息安全领域,网络入侵知识库对有效分析和防御网络非法入侵起着重要作用,然而网络入侵知识库的构建是研究的难点之一。本体作为一种能为特定领域提供知识共享的概念模型建模工具,已经在各领域得到广泛应用。针对当前还没有一个完善的网络入侵知识本体,研究基于本体的网络入侵知识库模型,构建了网络入侵知识本体。首先,在深入分析网络入侵技术的基础上,形式化定义了各类网络入侵行为,给出了多层次、多维度的网络入侵知识库分类体系。接着,结合本体建模原则,构建了由网络入侵知识领域本体、任务本体、应用本体和原子本体组成的网络入侵知识本体,并给出它们之间的逻辑关系和组织结构。最后,通过两个网络场景,验证了模型用于获取网络入侵知识的有效性。
[Abstract]:In the field of information security, the network intrusion knowledge base plays an important role in the effective analysis and prevention of the network illegal intrusion. However, the construction of the network intrusion knowledge base is one of the difficulties in the research. Ontology, as a conceptual modeling tool that can provide knowledge sharing for a specific domain, has been widely used in various fields. In view of the fact that there is not a perfect network intrusion knowledge ontology at present, this paper studies the network intrusion knowledge base model based on ontology, and constructs the network intrusion knowledge ontology. Firstly, based on the in-depth analysis of network intrusion technology, various types of network intrusion behaviors are formally defined, and a multi-level and multi-dimensional classification system of network intrusion knowledge base is presented. Then, based on the ontology modeling principle, the network intrusion knowledge ontology which is composed of network intrusion knowledge domain ontology, task ontology, application ontology and atomic ontology is constructed, and the logical relationship and organization structure between them are given. Finally, two network scenarios are used to verify the effectiveness of the model for acquiring network intrusion knowledge.
【作者单位】：解放军信息工程大学数学工程与先进计算国家重点实验室;
【基金】：郑州市科技创新团队项目(10CXTD150)资助
【分类号】：TP393.08

【参考文献】