Computer science
Cyber threats
Computer security
Smart cities
Anomaly detection
Cyber attacks
Artificial intelligence
Internet of Things
Authors
Yan Jia, Zhaoquan Gu, Lei Du, Yu Long, Ye Wang, Jianxin Li, Yanchun Zhang
Identifier
DOI:10.1016/j.knosys.2023.110781
Abstract
Smart cities have attracted a lot of attention from interdisciplinary research, and plenty of artificial intelligence based solutions have been proposed. However, cyber security has always been a serious problem, and it is becoming more and more severe in smart cities. The existing attack defense methods are not suitable for detecting multi-step attacks since the detection rules are limited and the efficiency is limited by a large number of false security alarms. Hence, an advanced solution is urgently needed to improve cyber security defense capability. In this paper, we propose a novel attack detection framework called ACAM. To better represent the cyber security knowledge, the framework is based on the MDATA model, which can represent dynamic and temporal-spatial knowledge better than the knowledge graph. The framework consists of the knowledge extraction module, the subgraph generation module, the alarm correlation module, and the attack detection module. These modules can remove false alarms and improve the detection capabilities of multi-step attacks. We implement the framework and conduct experiments on the cyber range platform; the experimental results validate the good performance of attack detection accuracy and efficiency. The framework can greatly improve the cyber security defense capabilities for smart cities.