Shuqin Zhang, Xinyu Su^*, Yunfei Han, Tianhui Du, Peiyu Shi

CMC-Computers, Materials & Continua, Vol.77, No.3, pp. 3993-4023, 2023, DOI:10.32604/cmc.2023.044526

Abstract Advanced Persistent Threat (APT) is now the most common network assault. However, the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks. They cannot provide rapid and accurate early warning and decision responses to the present system state because they are inadequate at deducing the risk evolution rules of network threats. To address the above problems, firstly, this paper constructs the multi-source threat element analysis ontology (MTEAO) by integrating multi-source network security knowledge bases. Subsequently, based on MTEAO, we propose a two-layer threat prediction model (TL-TPM) that combines the knowledge graph and the… More >

Shuqin Zhang, Xinyu Su^*, Peiyu Shi, Tianhui Du, Yunfei Han

CMC-Computers, Materials & Continua, Vol.77, No.1, pp. 349-377, 2023, DOI:10.32604/cmc.2023.040964

Abstract Cyber Threat Intelligence (CTI) is a valuable resource for cybersecurity defense, but it also poses challenges due to its multi-source and heterogeneous nature. Security personnel may be unable to use CTI effectively to understand the condition and trend of a cyberattack and respond promptly. To address these challenges, we propose a novel approach that consists of three steps. First, we construct the attack and defense analysis of the cybersecurity ontology (ADACO) model by integrating multiple cybersecurity databases. Second, we develop the threat evolution prediction algorithm (TEPA), which can automatically detect threats at device nodes, correlate and map multi-source threat information,… More >