Vulnerability Information Completion Based on Security Knowledge Graph and Reverse Features
The open-source network security knowledge base has become an effective source of vulnerability security reinforcement measures.However,because of the difficulty in heterogeneous information collaboration and historical information maintenance,the problem of missing vulnerability information in the open-source network security knowledge base has always existed.VulKGC-RN,a vulnerability information completion method based on security knowledge graph and reverse features,is proposed to address the issue of insufficient learning of different neighborhood features in existing methods for vulnerability information completion.This method constructs a vulnerability security knowledge graph that associates four types of open-source network security knowledge bases(CVE,CWE,CAPEC,and ATT&CK)to capture different neighborhood details.The network structure of security entities in the vulnerability security knowledge graph is analyzed,and reverse neighborhood information is captured using a reverse knowledge graph.A graph attention mechanism is adopted to learn different neighborhood features,and the role features of the forward and reverse neighborhoods of the security entities learned by the graph attention network are fused to complete the information of the vulnerability security knowledge graph.Experiments are conducted on an open-source network security dataset consisting of 5 types of 7 199 security entities and 15 types of 11 817 association relationships.The results show that VulKGC-RN achieves a Mean Ranking(MR)of 179 and a Mean Reciprocal Ranking(MRR)of 0.671 4,which is superior to those of the baseline method.
国家科技期刊平台
NSTL
万方数据
维普
