Data-Driven Cybersecurity Knowledge Graph Construction for Industrial Control System Security
Industrial control systems (ICS) involve many key industries, which once attacked will cause heavy losses. However, traditional passive defense methods of cybersecurity have difficulty effectively dealing with increasingly complex threats; a knowledge graph is a new idea to analyze and process data...
Main Authors: | Guowei Shen, Wanling Wang, Qilin Mu, Yanhong Pu, Ya Qin, Miao Yu |
---|---|
Format: | Article |
Language: | English |
Published: | Hindawi-Wiley 2020-01-01 |
Series: | Wireless Communications and Mobile Computing |
Online Access: | http://dx.doi.org/10.1155/2020/8883696 |
id |
doaj-048fa7068a1d4738b17ffa5b9ce7c45c |
---|---|
record_format |
Article |
spelling |
doaj-048fa7068a1d4738b17ffa5b9ce7c45c; 2021-01-11T02:21:11Z; eng; Hindawi-Wiley; Wireless Communications and Mobile Computing; 1530-8677; 2020-01-01; 2020; 10.1155/2020/8883696; Data-Driven Cybersecurity Knowledge Graph Construction for Industrial Control System Security; Guowei Shen (0), Wanling Wang (1), Qilin Mu (2), Yanhong Pu (3), Ya Qin (4), Miao Yu (5); Guizhou Provincial Key Laboratory of Public Big Data; Guizhou Provincial Key Laboratory of Public Big Data; Big Data Application on Improving Government Governance Capabilities National Engineering Laboratory; Big Data Application on Improving Government Governance Capabilities National Engineering Laboratory; Guizhou Provincial Key Laboratory of Public Big Data; Institute of Information Engineering; http://dx.doi.org/10.1155/2020/8883696 |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Guowei Shen Wanling Wang Qilin Mu Yanhong Pu Ya Qin Miao Yu |
title |
Data-Driven Cybersecurity Knowledge Graph Construction for Industrial Control System Security |
publisher |
Hindawi-Wiley |
series |
Wireless Communications and Mobile Computing |
issn |
1530-8677 |
publishDate |
2020-01-01 |
description |
Industrial control systems (ICS) involve many key industries, which once attacked will cause heavy losses. However, traditional passive defense methods of cybersecurity have difficulty effectively dealing with increasingly complex threats; a knowledge graph is a new idea to analyze and process data in cybersecurity analysis. We propose a novel overall framework of data-driven industrial control network security defense, which integrated fragmented multisource threat data with an industrial network layout by a cybersecurity knowledge graph. In order to better correlate data to construct a knowledge graph, we propose a distant supervised relation extraction model ResPCNN-ATT; it is based on a deep residual convolutional neural network and attention mechanism, reduces the influence of noisy data in distant supervision, and better extracts deep semantic features in sentences by using deep residuals. We empirically demonstrate the performance of the proposed method in the field of general cybersecurity by using dataset CSER; the model proposed in this paper achieves higher accuracy than other models. And then, the dataset ICSER was used to construct a cybersecurity knowledge graph (CSKG) on the basis of analyzing specific industrial control scenarios, visualizing the knowledge graph for further security analysis to the industrial control system. |
url |
http://dx.doi.org/10.1155/2020/8883696 |