基于知识图谱的网络安全漏洞智能检测系统设计

网络安全漏洞智能检测需要依赖大量的真实数据来进行分析，冗余数据与异常数据的存在会导致检测准确性下降；为保障网络系统稳定运行，提出基于知识图谱的网络安全漏洞智能检测系统设计研究；从结构、逻辑模型以及运行模式3个方面设计网络安全漏洞检测器，实现网络安全漏洞智能检测系统硬件设计；系统软件设计通过网络爬虫采集安全漏洞数据，去除冗余数据与异常数据，根据属性信息识别安全漏洞实体，获取安全漏洞属性信息关系，以此为基础，定义安全漏洞知识图谱表示形式，设计安全漏洞知识图谱结构，从而实现安全漏洞知识图谱的构建与可视化；以上述网络设计结果为依据构建网络安全漏洞智能检测整体架构，制定网络安全漏洞智能检测具体流程，从而获取最终网络安全漏洞智能检测结果；实验结果表明，在不同实验工况背景条件下，设计系统应用后的网络安全漏洞漏检率最小值为1.23%,网络安全漏洞检测F1值最大值为9.50,网络安全漏洞检测响应时间最小值为1 ms,证实了设计系统的安全漏洞检测性能更佳。

Design of an Intelligent Detection System for Network Security Vulnerabilities Based on Knowledge Graph

Intelligent detection of network security vulnerabilities relies on a large amount of real data for analysis, and the presence of redundant and abnormal data can lead to a decrease in detection accuracy. In order to ensure the stable operation of the network system, the design and research of network security vulnerability intelligent detection system based on Knowledge graph is proposed. Design a network security vulnerability detector from three aspects: structure, logical model, and operation mode, to achieve hardware design of an intelligent network security vulnerability detection system; The system software design collects security vulnerability data through web crawlers, removes redundant data and abnormal data, identifies security vulnerability entities according to attribute information, and obtains security vulnerability attribute information relationships. Based on this, it defines the representation form of security vulnerability Knowledge graph, designs the structure of security vulnerability Knowledge graph, so as to realize the construction and visualization of security vulnerability Knowledge graph; Based on the above network design results, construct an overall architecture for intelligent detection of network security vulnerabilities, develop a specific process for intelligent detection of network security vulnerabilities, and obtain the final intelligent detection results of network security vulnerabilities. The experimental results show that under different experimental conditions, the minimum network security vulnerability detection rate of the designed system after application is 1.23%, the maximum F1 value for network security vulnerability detection is 9.50, and the minimum response time for network security vulnerability detection is 1 second, confirming that the designed system has better security vulnerability detection performance.