信息网络安全 ›› 2020, Vol. 20 ›› Issue (9): 82-86.doi: 10.3969/j.issn.1671-1122.2020.09.017

• 入选论文 • 上一篇    下一篇

基于跨领域本体的信息安全分析

刘红1,2(), 谢永恒1, 王国威3, 蒋帅3   

  1. 1. 北京锐安科技有限公司,北京 100192
    2. 北京市网络空间数据分析与应用工程技术中心,北京 100192
    3. 北京市公安局,北京 100055
  • 收稿日期:2020-07-16 出版日期:2020-09-10 发布日期:2020-10-15
  • 通讯作者: 刘红 E-mail:liuhong@bjrun.com
  • 作者简介:刘红(1982—),女,北京,博士,主要研究方向为信息安全|谢永恒(1972—),男,湖北,硕士,主要研究方向为大数据|王国威(1977—),女,北京,硕士,主要研究方向为信息安全|蒋帅(1989—),男,河北,本科,主要研究方向为信息安全
  • 基金资助:
    国家重点研发计划(2019YFC0850201)

Ontology-based Cross-domain Security Analysis

LIU Hong1,2(), XIE Yongheng1, WANG Guowei3, JIANG Shuai3   

  1. 1. Run Technologies Co., Ltd. Beijing, Beijing 100192, China
    2. Beijing Cyberspace Data Analysis and Applied Engineering Technology Research Center, Beijing 100192, China
    3. Beijing Municipal Bureau of Public Security, Beijing 100055, China
  • Received:2020-07-16 Online:2020-09-10 Published:2020-10-15
  • Contact: LIU Hong E-mail:liuhong@bjrun.com

摘要:

当前,硬件安全、信息物理系统安全、供应链安全等跨领域、跨学科的安全问题呈快速增长趋势,缺乏有效手段对其进行统一、系统性的描述,给涉及多学科安全问题的分析、评估和预测造成困难。文章提出通过构建跨领域本体的方法,实现对多领域、多学科信息安全问题进行统一的表示和分析,对相似攻击和防御手段进行融合,形成多学科安全知识库,从而有效发现、预警潜在的安全问题。

关键词: 网络空间安全, 安全本体, 硬件安全, 知识图谱

Abstract:

Today security threats that involve multiple disciplines or research areas, such as hardware security, cyber-physical security, and supply-chain security, are growing rapidly. However, there are no efficient methods to treat multidisciplinary security in a unified and systematical way making it difficult to analyze, evaluate, and predict these security problems. This paper proposes an approach that utilizes cross-domain ontologies to express and analyze security problems that involve several research areas. This method can helps in merging attacks and countermeasures, building multidisciplinary security knowledge base, and discovering new threats.

Key words: cyber-security, security ontology, hardware security, knowledge graph

中图分类号: