基于图神经网络的异构网络信息安全漏洞深度检测方法
费圣翔1陈子龙2王 冲2王 睿3刘新鹏4

1.山东九州信泰信息科技股份有限公司,济南 250101;2.山东慢雾信息技术有限公司,济南 250102;3.国网山东省电力公司电力科学研究院,济南 250003;4.恒安嘉新(北京)科技股份公司,北京 100080

图神经网络;异构网络;安全漏洞;检测方法;检测精度

Depth Detection Method for Information Security Vulnerabilities in Heterogeneous Networks Based on Graph Neural Network
FEI Shengxiang1,CHEN Zilong2,WANG Chong2,WANG Rui3,LIU Xinpeng4

1.Shandong Jiuzhou Xintai Information Technology Co.,Ltd.,Jinan 250101,China;2.Shandong Slow Mist Information Technology Co.,Ltd.,Jinan 250102,China;3.Electric Power Research Institute of State Grid Shandong Electric Power Company , Jinan 250003, China;4.Hengan Jiaxin(Beijing)Technology Co., Ltd., Beijing 100080, China

Graph neural network; Heterogeneous network; Security vulnerabilities; Detection method;Detection accuracy

DOI: 10.13512/j.hndz.2024.03.20

备注

受到连接设备多样性以及互操作性特点的影响,异构网络节点之间的关联关系较为复杂,因此在进行安全漏洞检测时,通常会引起缺乏对节点关联关系的有效捕捉而导致检测精度不佳。对此,提出基于图神经网络的异构网络信息安全漏洞深度检测方法。以异构网络实体作为图节点,并以不同实体之间的关联关系作为边,将异构网络转换为图表示,并分别采用邻接矩阵以及权重矩阵对节点以及边信息进行提取。采用图神经网络领域中的GraphSAGE网络模型对异构网络的节点和边进行处理,并引入注意力机制以学习节点特征表示。将异构网络中节点和边的特征向量作为数据输入,结合随机森林算法构建一个分类器,并通过对其进行训练,使其能够根据边和节点的属性信息对是否存在安全漏洞进行判断,最后结合投票法对输入样本的所属类别进行确定。在实验中,对提出的方法进行了检测精度的检验。最终的测试结果表明,采用提出的方法对异构网络安全漏洞进行检测时,漏洞风险等级的匹配度较高,具备较为理想的检测精度。
Influenced by the diversity and interoperability of connected devices,the relationship between hetero⁃geneous network nodes is complex. Therefore,it usually leads to the lack of effective capture of the relationship be⁃tween nodes when detecting security vulnerabilities, resulting in poor detection accuracy. To solve this problem,this paper proposed a depth detection method for information security vulnerabilities in heterogeneous networks based on a graph neural network. Heterogeneous network entities were regarded as graph nodes,and the relation⁃ship between different entities was regarded as edges. The heterogeneous network was transformed into a graph repre⁃sentation,and the node and edge information were extracted by adjacency matrix and weight matrix,respectively. GraphSAGE network model in the field of graph neural network was used to deal with the nodes and edges in the het⁃erogeneous network,and an attention mechanism was introduced to learn the feature representation of nodes. The feature vectors of nodes and edges in the heterogeneous network were used as data inputs,and a classifier was con⁃structed by using the random forest algorithm and trained to make it determine whether there are security vulnerabili⁃ties based on the attribute information of edges and nodes. Finally,the input samples were classified by voting meth⁃od. In the experiment, the detection accuracy of the proposed method was tested. The final test results show that when the proposed method is used to detect security vulnerabilities in the heterogeneous network,the matching de⁃gree of vulnerability risk levels is high,and the detection accuracy is ideal.
·