The rapid development of the Internet of Things (IoT) is regarded as a double-edged sword: it promotes the rapid development of the digital and smart economy and gives great impetus to economic growth and social progress, but it also generates numerous security threats and vulnerabilities. Research on security defense has gradually become one of the important research directions in the field of IoT, but research in the field as a whole is still in its initial stages, and existing security defense technologies and solutions are still unable to keep pace with the rapid development of IoT applications and the continuous evolution of network threats. To automate security defense, make it intelligent, and give it the data support needed to better secure networks and information, we need a mechanism that correlates threat intelligence scattered across different data sources by type or time distribution. As a new threat intelligence processing and analysis method with powerful semantic processing and open interconnection capabilities, knowledge graph technology has unique advantages for large-scale data analysis and decision-making. Compared with traditional IoT security analysis methods, an IoT security knowledge graph can collect and analyze threat intelligence more comprehensively, accurately, intelligently and efficiently. Therefore, with the help of knowledge graph technology, the work of this paper focuses on the following:

(1) The security problems and threats faced by IoT are studied and described based on the IoT architecture, and a method of using an IoT security knowledge graph to solve these problems is proposed. The open security enumerations in the IoT domain are also summarized and analyzed. By sorting out the structural characteristics of these security enumerations, then categorizing and analyzing them, the core concepts and fine-grained correlations among the security enumerations are explored. This provides valuable data support for the subsequent tasks of IoT security knowledge graph construction, knowledge graph completion, and security analysis.

(2) A knowledge management method that can correlate IoT security data at a fine granularity is proposed. A top-down approach to constructing the IoT security knowledge graph, IOTEKG, is investigated. First, the schema layer of the IoT security knowledge graph, i.e., the ontology, is constructed based on the analysis results of the public security enumerations to obtain the semantic relationships among knowledge. Then the data layer is constructed by mapping the ontology onto the public enumeration data, focusing on entity extraction and relationship extraction. Finally, Neo4j, a graph database, is used for storage and visualization analysis.

(3) A knowledge representation learning method, FTSPC, that fuses information from multiple sources is proposed for the knowledge graph completion task. To improve the accuracy of knowledge inference and provide more semantic information, the method combines triple information and semantic path combination information in IOTEKG. The latent information in the triples and in the semantic path combinations is obtained and trained to fuse their encoded representations, thus improving the representation of entities and relations. Finally, a link prediction task is performed using the FTSPC model.

(4) A knowledge graph-based downstream task that implements IoT security analysis is investigated, and a data-driven IoT security analysis framework is proposed, which provides data support for IoT security analysis by constructing and completing IOTEKG. Subsequently, the alerts generated by Snort IDS are correlated with IOTEKG using similarity calculation techniques to achieve IoT security posture analysis, grasp the IoT security posture in a more fine-grained manner, and take more accurate security measures.