Abstract
To counter complex network attacks such as advanced persistent threats (APT), this paper proposes and implements an intelligent network security defense system that integrates the ATT&CK framework with a graph neural network (GNN). The system uses ATT&CK to build a standardized attack knowledge graph and uses the GNN to perform dynamic graph modeling and deep correlation analysis on multi-source heterogeneous security data, identifying complex attack chains in real time and predicting potential attack paths. This significantly improves the accuracy and response speed of threat detection.
Author
LIU Naixian (刘乃先) (Xi'an Changsheng Xin'an Information Technology Co., Ltd., Xi'an 710000, China)