Research On Construction Of Vulnerability Knowledge Graph And Vulnerability Situation Awareness

With the popularization and development of Internet technology,the related security vulnerabilities become more and more prominent.According to the statistics of China Internet Information Center,16193 security vulnerabilities of information system were collected and sorted out in 2019,an increase of 14%compared with that in 2018.The existence of security vulnerabilities threatens users' property and privacy at any time.How to better manage security vulnerabilities and conduct situation awareness for security vulnerabilities has gradually become the focus of security research.Vulnerability situation awareness technology is a technology that mines and analyzes a large number of security vulnerability data and evaluates the situation,and predicts the future situation of security vulnerabilities.The current vulnerability situation awareness relies on the traditional vulnerability database.However,the vulnerability database has weak correlation between vulnerabilities,and has insufficient coverage of the rich relationship among vulnerabilities,and the problem of information island.Because of its unique relational network data structure,knowledge graph provides the ability to analyze problems from the perspective of relationship,and provides a new idea for the research of vulnerability situation awareness.Therefore,in order to better research vulnerability situation awareness technology,this thesis manages security vulnerabilities by constructing vulnerability knowledge graph,mining vulnerability association information,and predicting security vulnerability situation.The work accomplished in this thesis is as follows:1)Research on the construction of vulnerability knowledge graph:by analyzing the security vulnerability information and data structure in multiple vulnerability databases at home and abroad,a vulnerability ontology containing vulnerability,software,patch,news and other information is constructed,and then vulnerability knowledge graph is constructed through data cleaning,information extraction,information fusion,information storage and other technologies.At present,there are 1245157 entities and 19565923 triples.2)Research on vulnerability situation assessment technology:by analyzing vulnerability situation elements,it is divided into dynamic situation elements and static situation elements,and vulnerability situation assessment is carried out through vulnerability situation elements.3)Research on vulnerability situation prediction technology:using PRA and other machine learning technology to predict the potential impact range of vulnerability and exploitable vulnerability.Firstly,vulnerability knowledge graph is constructed to provide data basis for vulnerability situation awareness;secondly,vulnerability situation assessment method is proposed to realize hierarchical situation assessment by analyzing the factors influencing vulnerability situation;finally,vulnerability situation prediction is realized by extracting vulnerability entity and relationship between entities in vulnerability atlas.This work expands the research field of vulnerability situation awareness and provides new ideas.