基于知识图谱的电网安全漏洞扩展攻击图研究

传统电网安全漏洞攻击图存在预测误差大、耗时长的问题,导致电网运行成本较高。为此,提出基于知识图谱的电网安全漏洞扩展攻击图研究方法。建立电网安全漏洞的挖掘关联规则与漏洞判断矩阵,获取出现安全漏洞概率最大的路径;追踪出现安全漏洞的异常数据来源;对电网安全漏洞处拓扑扫描与漏洞扫描,生成电网安全漏洞扩展攻击图。研究结果表明:在不同漏洞样本数、不同攻击路径的情况下,所提方法的安全漏洞定位误差较小、耗时较短,说明该方法的应用性较好。

Research on the network security vulnerability expansion attack graph based on knowledge map

The traditional grid security vulnerability attack diagram has the problems of large error and time-consuming,which leads to high operating cost of the power grid.Therefore,a knowledge graph based extended attack graph method for power network security vulnerabilities is proposed.Association rules and vulnerability judgment matrix for power network security vulnerability mining are established,and the path with maximum probability of security vulnerability is obtained,based on which trace the abnormal data source of the security vulnerability.The topology scan and vulnerability scan of power network security vulnerabilities are carried out to generate power network security vulnerability expansion attack graph.The results show that under the conditions of different vulnerability samples and different number of attack paths,the proposed method has a smaller error of vulnerability location and a shorter time,which indicates that the method has a good applicability.