Abstract
In general, multiple domain cyberspace security assessments are very important for data center security and can be implemented by reasoning user's permissions. However, while existing methods include some information from the physical and social domains, they do not provide a comprehensive representation of cyberspace. Existing reasoning methods are also based on expert given rules, resulting in inefficiency and a low degree of intelligence. To address this challenge, we create a Knowledge Graph (KG) of multiple domain cyberspace in order to provide a standard semantic description of the multiple domain cyberspace. Following that, we proposed a user's permissions reasoning method based on reinforcement learning. All permissions in cyberspace are represented as nodes, and an agent is trained to find all permissions that user can have according to user's initial permissions and cyberspace KG. We set 10 reward setting rules based on the features of cyberspace KG in the reinforcement learning of reward information setting, so that the agent can better locate user's all permissions and avoid blindly finding user's permissions. The results of the experiments showed that the proposed method can successfully reason about user's permissions and increase the intelligence level of the user's permissions reasoning method. At the same time, the F1 value of the proposed method is 6% greater than that of the Translating Embedding (TransE) method.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Bai, W., Pan, Z., Guo, S., Chen, Z., Xia, S.: MDC-checker: A novel network risk assessment framework for multiple domain conjurations. Comput. Secur. 86(Sep.), 388–401 (2019)
Eder, J.S.: Knowledge graph based search system. US (2012)
Guo, L., Wen, S., Wang, D., Wang, S., Wang, Q., Liu, H.: Overview of cyber threat intelligence description. In: International Conference on Applications and Techniques in Cyber Security and Intelligence, pp. 343–350. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-79197-1
Zhao, H.: Knowledge graph oriented information extraction. Hans J. Data Mining 10(4), 282–302 (2020)
Wang, X., Zou, L., Wang, C., Peng, P., Feng, Z.: Research on knowledge graph data management: a survey. J. Softw. 30(7), 2140 (2019)
Undercoffer, J., Joshi, A., Pinkston, J.: Modeling computer attacks: an ontology for intrusion detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 113–135. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45248-5_7
Joshi, A., Lal, R., Finin, T., Joshi, A.: Extracting cybersecurity related linked data from text. In: 2013 IEEE Seventh International Conference on Semantic Computing, pp. 252–259. IEEE (2013)
More, S., Matthews, M., Joshi, A., Finin, T.: A knowledge-based approach to intrusion detection modeling. In: 2012 IEEE Symposium on Security and Privacy Workshops (2012)
Yang, Y., Xu, B., Hu, J., Tong, M., Zhang, P., Zheng, L.: Accurate and ancient method for constructing domain knowledge graph. J. Softw. 29(10), 2931–2947 (2018)
He, Z.H.: Research on knowledge extraction method for Chinese knowledge graph construction, Doctoral thesis. National University of Defense Technology (2017)
Lal, R.: Information extraction of cyber security related terms and concepts from unstructured text. Ph.D. thesis, University of Maryland, Baltimore County (2013)
Mulwad, V., Li, W., Joshi, A., Finin, T., Viswanathan, K.: Extracting information about security vulnerabilities from web text. In: 2011EEE/WIC/ACM International Conferences on Web Intelligence and Intelligent Agent Technology, vol. 3, pp. 257–260. IEEE (2011)
Hui-Xiang, G.U., Yong, Y.U.: Domain ontology and knowledge inference based semantic web application. J. Shanghai Jiaotong Univ. (Chin. Ed.) 38(4), 583–585 (2004)
Paulheim, H., Bizer, C.: Type inference on noisy RDF data. In: Alani, H., et al. (eds.) ISWC 2013. LNCS, vol. 8218, pp. 510–525. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41335-3_32
Gangemi, A., Nuzzolese, A.G., Presutti, V., Draicchio, F., Musetti, A., Ciancarini, P.: Automatic typing of dbpedia entities. In: Cudré-Mauroux, P., et al. (eds.) ISWC 2012. LNCS, vol. 7649, pp. 65–81. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-35176-1_5
Kliegr, T.: Linked hypernyms: enriching dbpedia with targeted hypernym discovery. J. Web Semant. 31, 59–69 (2015)
Xiong, W., Hoang, T.-L.-G., Wang, W.Y.: Deeppath: a reinforcement learning method for knowledge graph reasoning. In: EMNLP (2017)
Quan, W., Jing, L., Luo, Y., Wang, B., Lin, C.Y.: Knowledge base completion via coupled path ranking. In: Meeting of the Association for Computational Linguistics (2016)
Acknowledgements
This work was supported by the National Science Foundation for Young Scientists of China (No. 62106281).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Pan, Y. et al. (2022). User's Permission Reasoning Method Based on Knowledge Graph Reward Guidance Reinforcement Learning in Data Center. In: Tan, Y., Shi, Y. (eds) Data Mining and Big Data. DMBD 2022. Communications in Computer and Information Science, vol 1744. Springer, Singapore. https://doi.org/10.1007/978-981-19-9297-1_4
Download citation
DOI: https://doi.org/10.1007/978-981-19-9297-1_4
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-9296-4
Online ISBN: 978-981-19-9297-1
eBook Packages: Computer ScienceComputer Science (R0)