Open Access

ARTICLE

Application Research on Two-Layer Threat Prediction Model Based on Event Graph

Shuqin Zhang, Xinyu Su*, Yunfei Han, Tianhui Du, Peiyu Shi

School of Computer Science, Zhongyuan University of Technology, Zhengzhou, HEN037, China

* Corresponding Author: Xinyu Su.

Computers, Materials & Continua 2023, 77(3), 3993-4023. https://doi.org/10.32604/cmc.2023.044526

Abstract

Advanced Persistent Threat (APT) is now the most common network assault. However, the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks. They cannot provide rapid and accurate early warning and decision responses to the present system state because they are inadequate at deducing the risk evolution rules of network threats. To address the above problems, firstly, this paper constructs the multi-source threat element analysis ontology (MTEAO) by integrating multi-source network security knowledge bases. Subsequently, based on MTEAO, we propose a two-layer threat prediction model (TL-TPM) that combines the knowledge graph and the event graph. The macro-layer of TL-TPM is based on the knowledge graph to derive the propagation path of threats among devices and to correlate threat elements for threat warning and decision-making; the micro-layer ingeniously maps the attack graph onto the event graph and derives the evolution path of attack techniques based on the event graph to improve the explainability of the evolution of threat events. The experimental results demonstrate that TL-TPM can completely depict the threat development trend, and the early warning results are more precise and scientific, offering knowledge and guidance for active defense.

This work is licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.