Advanced Persistent Threat (APT) is now the most common network assault. However, the existing threat analysis models cannot simultaneously predict the macro-development trend and micro-propagation path of APT attacks. They cannot provide rapid and accurate early warning and decision responses to the present system state because they are inadequate at deducing the risk evolution rules of network threats. To address the above problems, firstly, this paper constructs the multi-source threat element analysis ontology (MTEAO) by integrating multi-source network security knowledge bases. Subsequently, based on MTEAO, we propose a two-layer threat prediction model (TL-TPM) that combines the knowledge graph and the event graph. The macro-layer of TL-TPM is based on the knowledge graph to derive the propagation path of threats among devices and to correlate threat elements for threat warning and decision-making; the micro-layer ingeniously maps the attack graph onto the event graph and derives the evolution path of attack techniques based on the event graph to improve the explainability of the evolution of threat events. The experiment’s results demonstrate that TL-TPM can completely depict the threat development trend, and the early warning results are more precise and scientific, offering knowledge and guidance for active defense.
Cyber Threat Intelligence (CTI) is a valuable resource for cybersecurity defense, but it also poses challenges due to its multi-source and heterogeneous nature. Security personnel may be unable to use CTI effectively to understand the condition and trend of a cyberattack and respond promptly. To address these challenges, we propose a novel approach that consists of three steps. First, we construct the attack and defense analysis of the cybersecurity ontology (ADACO) model by integrating multiple cybersecurity databases. Second, we develop the threat evolution prediction algorithm (TEPA), which can automatically detect threats at device nodes, correlate and map multisource threat information, and dynamically infer the threat evolution process. TEPA leverages knowledge graphs to represent comprehensive threat scenarios and achieves better performance in simulated experiments by combining structural and textual features of entities. Third, we design the intelligent defense decision algorithm (IDDA), which can provide intelligent recommendations for security personnel regarding the most suitable defense techniques. IDDA outperforms the baseline methods in the comparative experiment.
Assays for transposase-accessible chromatin through high-throughput sequencing (ATAC-seq) are effective tools in the study of genome-wide chromatin accessibility landscapes. With the rapid development of single-cell technology, open chromatin regions that play essential roles in epigenetic regulation have been measured at the single-cell level using single-cell ATAC-seq approaches. The application of scATAC-seq has become as popular as that of scRNA-seq. However, owing to the nature of scATAC-seq data, which are sparse and noisy, processing the data requires different methodologies and empirical experience. This review presents a practical guide for processing scATAC-seq data, from quality evaluation to downstream analysis, for various applications. In addition to the epigenomic profiling from scATAC-seq, we also discuss recent studies in which the function of non-coding variants has been investigated based on cell type-specific cis-regulatory elements and how to use the by-product genetic information obtained from scATAC-seq to infer single-cell copy number variants and trace cell lineage. We anticipate that this review will assist researchers in designing and implementing scATAC-seq assays to facilitate research in diverse fields.
Funding: supported by the National Key R&D Program of China (2021YFA1102100 to J.X.), the National Natural Science Foundation of China (32070644) to J.X., the Guangdong Basic and Applied Basic Research Foundation (2019A1515110387, 2019B1515130004 to J.X.), and the Fundamental Research Funds for the Central Universities, Sun Yat-sen University (No. 22lgqb30 to JX).