Abstract
As air traffic control information systems become more intelligent and open, their risk exposure is steadily increasing. Threat assessment is an important means of effectively assessing the vulnerability and security risk of an air traffic control information system, but most previous threat assessment models have two limitations. On the one hand, they usually focus only on the explicit correlations between threat information, so potential attack paths are ignored or not analyzed accurately. On the other hand, the factors considered when quantifying threats are coarse and disconnected from the actual system environment, so the assessed threat severity does not match the real situation. To address this, a knowledge-graph-based threat assessment model for air traffic control information systems is proposed. The scope of the knowledge graph ontology model is extended to key concepts such as asset security attributes, mitigation measures and compromised assets; multi-source threat data on assets, attacks and vulnerabilities are fully integrated to build a security knowledge graph; and logical inference rules are designed to make up for the limited descriptive ability of the knowledge graph. An attack path identification algorithm that combines inference rules with a breadth-first strategy is proposed to extract more comprehensive and accurate attack paths and attack relationships. A fine-grained threat quantification method based on the actual operating environment of the system is proposed, taking into account the external exposure of assets, physical protection and network protection. Experiments show that the model helps identify potential attack paths formed by the joint exploitation of multiple vulnerabilities in air traffic control information systems and, by prioritizing attack responses according to the quantified threat, can effectively improve the efficiency of network security defense.
Authors
GU Zhaojun (顾兆军), YANG Wen (杨文), SUI He (隋翯), LI Zhiping (李志平)
Information Security Evaluation Center, Civil Aviation University of China, Tianjin 300300, China; School of Computer Science and Technology, Civil Aviation University of China, Tianjin 300300, China; School of Aeronautical Engineering, Civil Aviation University of China, Tianjin 300300, China
Source
Computer Science (《计算机科学》), CSCD, Peking University Core Journal (北大核心)
2024, No. S02, pp. 925-935 (11 pages)
Funding
Open Fund of the Information Security Evaluation Center, Civil Aviation University of China (ISECCA-202103)
Civil Aviation Safety Capacity Building Fund (PESA2022093)
Graduate Research and Innovation Project of Civil Aviation University of China (2022YJS060)
Fundamental Research Funds for the Central Universities, Special Fund of Civil Aviation University of China (3122022058)
Keywords
Air traffic control information system
Knowledge graph
Inference rule
Attack path
Threat assessment