CN117436086A - Knowledge graph-based software supply chain security analysis method and system - Google Patents
Knowledge graph-based software supply chain security analysis method and system Download PDFInfo
- Publication number
- CN117436086A CN117436086A CN202311396519.1A CN202311396519A CN117436086A CN 117436086 A CN117436086 A CN 117436086A CN 202311396519 A CN202311396519 A CN 202311396519A CN 117436086 A CN117436086 A CN 117436086A
- Authority
- CN
- China
- Prior art keywords
- vulnerability
- knowledge graph
- knowledge
- component
- supply chain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 29
- 238000013507 mapping Methods 0.000 claims abstract description 18
- 238000001914 filtration Methods 0.000 claims abstract description 8
- 238000000034 method Methods 0.000 claims abstract description 6
- 238000000605 extraction Methods 0.000 claims description 9
- 230000009193 crawling Effects 0.000 claims description 3
- 230000000694 effects Effects 0.000 claims description 3
- 238000009499 grossing Methods 0.000 claims description 3
- 238000012360 testing method Methods 0.000 claims description 3
- 238000012423 maintenance Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000008439 repair process Effects 0.000 description 3
- 230000006872 improvement Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/02—Knowledge representation; Symbolic representation
- G06N5/022—Knowledge engineering; Knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/04—Inference or reasoning models
- G06N5/041—Abduction
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Computational Linguistics (AREA)
- Artificial Intelligence (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Mathematical Physics (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a software supply chain safety analysis method and system based on a knowledge graph, which belong to the technical field of software supply chain safety, wherein the method comprises the following steps: obtaining vulnerability knowledge, component dependency relationship and mapping knowledge between a vulnerability database and a component database; constructing a vulnerability knowledge graph taking a vulnerability as an entity and a component knowledge graph taking a component as an entity, and integrating the vulnerability knowledge graph and the component knowledge graph into a supply chain knowledge graph by utilizing the mapping knowledge; obtaining an inference result of the supply chain knowledge graph through a query statement, wherein the inference result comprises vulnerability information, component information influenced by the vulnerability and a vulnerability propagation path; traversing all vulnerability propagation paths, and filtering noise dependency relationships and redundancy dependency relationships. The invention can construct an automatic tens of millions of level software supply chain knowledge graph, thereby achieving the purposes of improving the accuracy of the software supply chain safety analysis result based on the knowledge graph and maintaining the supply chain safety.
Description
Technical Field
The invention belongs to the technical field of software supply chain safety, and particularly relates to a knowledge graph-based software supply chain safety analysis method and system.
Background
In recent years, as the multiplexing of open source software is increasing, the event of attack to the software supply chain is also increasing frequently, and the security analysis and maintenance of the software supply chain is receiving more and more attention from students. Because of the large and complex loopholes of open sources and component dependency information, most current researches use dependency trees to represent the dependency relationship among components, and it is difficult to construct a complete software supply chain. The existing safety analysis data about the supply chain is limited, and the safety problem of the software supply chain cannot be comprehensively analyzed.
Since the graph is most suitable for representing relationships, the adoption of graph-based knowledge representation and storage has significant advantages in addressing knowledge utilization. For this reason, some researchers begin building vulnerability knowledge maps to support vulnerability-related applications. In the aspect of vulnerability propagation and detection, the knowledge graph can assist a developer in detecting whether software is threatened by vulnerabilities from a vulnerability library or not during software development and maintenance, so that the software security is improved. However, the vulnerability knowledge graph is limited to vulnerability knowledge and cannot provide data for software supply chain security analysis. And most of the current supply chain safety analysis related works based on the knowledge graph directly use the reasoning result of the knowledge graph for analysis, and the redundancy of information in the reasoning result is not considered and filtered. Thus, the result of the supply chain security analysis is not accurate enough, and great inconvenience is brought to the repair of the loopholes in the supply chain.
Disclosure of Invention
Aiming at the defects and improvement demands of the prior art, the invention provides a software supply chain safety analysis method and system based on a knowledge graph, and aims to solve the technical problem that the safety analysis result of the existing software supply chain based on the knowledge graph is inaccurate.
In order to achieve the above object, in a first aspect, the present invention provides a software supply chain security analysis method based on a knowledge graph, comprising the steps of:
s1, obtaining vulnerability knowledge, component dependency relationship and mapping knowledge between a vulnerability database and a component database;
s2, constructing a vulnerability knowledge graph taking a vulnerability as an entity and a component knowledge graph taking a component as an entity, and integrating the vulnerability knowledge graph and the component knowledge graph into a supply chain knowledge graph by utilizing the mapping knowledge;
s3, obtaining an inference result of the supply chain knowledge graph through a query statement, wherein the inference result comprises vulnerability information, component information influenced by the vulnerability and a vulnerability propagation path;
s4, traversing all vulnerability propagation paths, and filtering noise dependency and redundancy dependency.
Further, the step S4 includes: traversing all the vulnerability propagation paths, filtering out components which are Test and all the components behind the components in the vulnerability propagation paths, and replacing a plurality of continuous components which belong to the same group in the same vulnerability propagation path with the components which are closest to the components and are easily affected by the vulnerability.
Further, after the step S4, the method further includes: detecting whether a hysteresis library exists in the processed vulnerability propagation path, wherein the hysteresis library is a component library with no updated version in expected release time, and reminding a user if the hysteresis library exists; the expected release time T is expressed as:
T=T last +ΔT
wherein T is last Representing the time at which the last version of the component was published; Δt represents the expected distribution time interval; t is t i Representing the time interval between the release of the components of the ith version and the i-1 th version; alpha is a smoothing parameter representing the speed at which the effect of the previous time interval is reduced, and 0<α<1。
Further, the step S1 includes:
s101, crawling data texts from an NVD vulnerability database, a Maven Central component library and a VERACODE vulnerability library by using a crawler technology;
s102, entity extraction, relation extraction and attribute extraction are carried out on the text obtained in the S101 so as to obtain vulnerability knowledge, component dependency relationship and mapping knowledge between a vulnerability database and a component database.
Further, the step S2 includes:
s201, traversing all vulnerability knowledge, creating relations among vulnerability entity nodes, sub-entity nodes and different nodes, and adding the relations to a knowledge graph so as to construct the vulnerability knowledge graph;
s202, traversing all component knowledge, creating component entity nodes and group nodes, building dependency relationships among components and dependency relationships among groups and components, and adding the dependency relationships into a knowledge graph to construct a component knowledge graph;
s203, traversing all mapping knowledge, and establishing an association relationship between the vulnerability knowledge graph and related nodes in the component knowledge graph, thereby constructing a supply chain knowledge graph.
Further, the step S3 includes:
determining a component or a vulnerability to be analyzed in a supply chain, acquiring an entity corresponding to the component or the vulnerability in a supply chain knowledge graph, searching all propagation paths taking the entity as a starting point, and extracting all information on the propagation paths as a reasoning result.
In a second aspect, the present invention provides a knowledge-graph-based software supply chain security analysis system, comprising a computer-readable storage medium and a processor;
the computer-readable storage medium is for storing executable instructions;
the processor is configured to read executable instructions stored in the computer readable storage medium, and execute the software supply chain security analysis method based on the knowledge graph according to the first aspect.
In general, through the above technical solutions conceived by the present invention, the following beneficial effects can be obtained:
according to the method, the vulnerability knowledge graph and the component knowledge graph are constructed by acquiring vulnerability knowledge, component dependency and mapping knowledge between a vulnerability database and a component database, and are integrated into a supply chain knowledge graph; acquiring an inference result of the supply chain knowledge graph through a query statement to obtain a propagation path of the vulnerability in a supply chain; and then filtering the noise dependency relationship and the redundancy dependency relationship, and predicting a hysteresis library to obtain the component information with safety risk. Therefore, more accurate vulnerability propagation influence range information can be obtained, and practical help is brought to the safety analysis and maintenance of the supply chain.
Drawings
FIG. 1 is a schematic flow chart of a software supply chain security analysis method based on a knowledge graph according to an embodiment of the present invention;
FIG. 2 is a diagram of a framework for constructing a vulnerability knowledge graph in the present invention;
FIG. 3 is a diagram of a knowledge graph framework of a building element of the present invention;
FIG. 4 is a diagram of a framework for constructing a supply chain knowledge graph in accordance with the present invention.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention. In addition, the technical features of the embodiments of the present invention described below may be combined with each other as long as they do not collide with each other.
In the present invention, the terms "first," "second," and the like in the description and in the drawings, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order.
As shown in fig. 1, the invention provides a software supply chain security analysis method based on a knowledge graph, which comprises the following steps:
s1, obtaining vulnerability knowledge, component dependency relationship and mapping knowledge between a vulnerability database and a component database.
The method comprises the steps of inputting NVD, maven Central and mapping library data links, firstly, crawling data texts by using an intelligent crawler technology, wherein mapping information between a vulnerability library and a component library solves the problem of non-uniform naming of two database software, and can be used as mapping data for fusing a vulnerability knowledge graph and a component knowledge graph. And the automatic crawler technology is adopted to collect data on a large scale and design automatic updating, so that data support is provided for constructing a software supply chain knowledge graph.
And then analyzing the text to perform entity extraction, relation extraction and attribute extraction. The step is output to store knowledge required for constructing a supply chain knowledge graph, namely vulnerability knowledge, component dependency relationship and mapping knowledge between a vulnerability database and a component database.
S2, constructing a vulnerability knowledge graph taking the vulnerability as an entity and a component knowledge graph taking the component as an entity, and integrating the vulnerability knowledge graph and the component knowledge graph into a supply chain knowledge graph by utilizing the mapping knowledge.
The step of inputting knowledge required for constructing a supply chain knowledge graph, firstly traversing all vulnerability knowledge, creating relations among vulnerability entity nodes, sub-entity nodes and different nodes, and adding the relations to the knowledge graph so as to construct the vulnerability knowledge graph, as shown in fig. 2; then traversing all component knowledge, creating component entity nodes and group nodes, establishing dependency relationships among components and dependency relationships among groups and components, and adding the dependency relationships into a knowledge graph to construct a component knowledge graph, wherein the component knowledge graph is shown in FIG. 3; and finally traversing all mapping knowledge, and establishing the association relation between the vulnerability knowledge graph and the related nodes in the component knowledge graph, thereby constructing a supply chain knowledge graph, as shown in fig. 4. The output of this step is a supply chain knowledge graph.
S3, obtaining an inference result of the supply chain knowledge graph through a query statement, wherein the inference result comprises vulnerability information, component information influenced by the vulnerability and a vulnerability propagation path.
The step is input as a supply chain knowledge graph, and the functions of inquiring nodes and relations are realized by defining and writing inquiry sentences. By means of the reasoning function of the knowledge graph, information such as loopholes, component dependence, loophole propagation paths and the like can be inquired in the knowledge graph. The supply chain knowledge graph reasoning result acquisition method provides a more flexible and deep analysis and understanding mode of the supply chain data, and provides more comprehensive data for the safety analysis of the supply chain. The output of the step is a reasoning result, namely the vulnerability propagation range.
Specifically, a component or a vulnerability to be analyzed in a supply chain is determined, an entity corresponding to the component or the vulnerability is obtained in a supply chain knowledge graph, all propagation paths taking the entity as a starting point are searched, and all information on the propagation paths is extracted as a reasoning result.
S4, traversing all vulnerability propagation paths, and filtering noise dependency and redundancy dependency.
The input of the step is a vulnerability propagation range, all vulnerability propagation paths are traversed firstly, components which are Test in the vulnerability propagation paths and all the components behind the components are filtered, the components cannot be affected by the vulnerability in the vulnerability propagation paths, and the components belong to noise dependency relations. Then filtering the internal dependence existing in the vulnerability propagation path, namely, the situation that a plurality of continuous components in the same vulnerability propagation path have dependency relationships with each other and belong to the same group, wherein the internal dependence belongs to a redundant dependency relationship; and replacing a group of continuous internal dependencies in the vulnerability propagation path with the component closest to the components susceptible to the vulnerability, so that initiative of a developer for vulnerability repair is improved.
The final treated vulnerability propagation path may also have libraries that are not updated continuously, and even if the libraries are found to be affected by vulnerabilities, the repair vulnerabilities are not updated immediately, which makes maintenance of supply chain security difficult. It is therefore necessary to predict whether a hysteresis library exists in the vulnerability propagation path after processing, so as to obtain component information with security risk.
If the component has no updated version within the expected release time, the component is judged to be a hysteresis library, and the attention is improved. Through further processing, more accurate data can be provided for the software supply chain safety analysis based on the knowledge graph.
The expected release time T is expressed as:
T=T last +ΔT
wherein T is last Representing the time at which the last version of the component was published; Δt represents the expected distribution time interval; t is t i Representing the time interval between the release of the components of the ith version and the i-1 th version; alpha is a smoothing parameter representing the speed at which the effect of the previous time interval is reduced, and 0<α<1。
The expected release time T can also be expressed in terms of an error threshold as: t=t last +2ΔT。
It will be readily appreciated by those skilled in the art that the foregoing description is merely a preferred embodiment of the invention and is not intended to limit the invention, but any modifications, equivalents, improvements or alternatives falling within the spirit and principles of the invention are intended to be included within the scope of the invention.
Claims (7)
1. The software supply chain safety analysis method based on the knowledge graph is characterized by comprising the following steps of:
s1, obtaining vulnerability knowledge, component dependency relationship and mapping knowledge between a vulnerability database and a component database;
s2, constructing a vulnerability knowledge graph taking a vulnerability as an entity and a component knowledge graph taking a component as an entity, and integrating the vulnerability knowledge graph and the component knowledge graph into a supply chain knowledge graph by utilizing the mapping knowledge;
s3, obtaining an inference result of the supply chain knowledge graph through a query statement, wherein the inference result comprises vulnerability information, component information influenced by the vulnerability and a vulnerability propagation path;
s4, traversing all vulnerability propagation paths, and filtering noise dependency and redundancy dependency.
2. The knowledge-based software supply chain security analysis method according to claim 1, wherein the step S4 comprises: traversing all the vulnerability propagation paths, filtering out components which are Test and all the components behind the components in the vulnerability propagation paths, and replacing a plurality of continuous components which belong to the same group in the same vulnerability propagation path with the components which are closest to the components and are easily affected by the vulnerability.
3. The method for analyzing the security of a software supply chain based on a knowledge graph according to claim 1 or 2, wherein after the step S4, further comprises: detecting whether a hysteresis library exists in the processed vulnerability propagation path, wherein the hysteresis library is a component library with no updated version in expected release time, and reminding a user if the hysteresis library exists; the expected release time T is expressed as:
T=T last +ΔT
wherein T is last Representing the time at which the last version of the component was published; Δt represents the expected distribution time interval; t is t i Representing the time interval between the release of the components of the ith version and the i-1 th version; alpha is a smoothing parameter representing the speed at which the effect of the previous time interval is reduced, and 0<α<1。
4. The knowledge-based software supply chain security analysis method according to claim 1, wherein the step S1 comprises:
s101, crawling data texts from an NVD vulnerability database, a Maven Central component library and a VERACODE vulnerability library by using a crawler technology;
s102, entity extraction, relation extraction and attribute extraction are carried out on the text obtained in the S101 so as to obtain vulnerability knowledge, component dependency relationship and mapping knowledge between a vulnerability database and a component database.
5. The knowledge-based software supply chain security analysis method according to claim 1, wherein the step S2 comprises:
s201, traversing all vulnerability knowledge, creating relations among vulnerability entity nodes, sub-entity nodes and different nodes, and adding the relations to a knowledge graph so as to construct the vulnerability knowledge graph;
s202, traversing all component knowledge, creating component entity nodes and group nodes, building dependency relationships among components and dependency relationships among groups and components, and adding the dependency relationships into a knowledge graph to construct a component knowledge graph;
s203, traversing all mapping knowledge, and establishing an association relationship between the vulnerability knowledge graph and related nodes in the component knowledge graph, thereby constructing a supply chain knowledge graph.
6. The knowledge-based software supply chain security analysis method according to claim 1, wherein the step S3 comprises:
determining a component or a vulnerability to be analyzed in a supply chain, acquiring an entity corresponding to the component or the vulnerability in a supply chain knowledge graph, searching all propagation paths taking the entity as a starting point, and extracting all information on the propagation paths as a reasoning result.
7. A software supply chain safety analysis system based on a knowledge graph, which is characterized by comprising a computer readable storage medium and a processor;
the computer-readable storage medium is for storing executable instructions;
the processor is configured to read executable instructions stored in the computer readable storage medium and execute the knowledge-graph-based software supply chain security analysis method of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311396519.1A CN117436086A (en) | 2023-10-26 | 2023-10-26 | Knowledge graph-based software supply chain security analysis method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311396519.1A CN117436086A (en) | 2023-10-26 | 2023-10-26 | Knowledge graph-based software supply chain security analysis method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117436086A true CN117436086A (en) | 2024-01-23 |
Family
ID=89549364
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311396519.1A Pending CN117436086A (en) | 2023-10-26 | 2023-10-26 | Knowledge graph-based software supply chain security analysis method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117436086A (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110321240A (en) * | 2019-06-28 | 2019-10-11 | 阿里巴巴集团控股有限公司 | A kind of business impact assessment method and apparatus based on time series forecasting |
| CN112381126A (en) * | 2020-11-02 | 2021-02-19 | 安徽华米智能科技有限公司 | Indoor and outdoor scene recognition method and device, electronic equipment and storage medium |
| CN112749396A (en) * | 2021-01-21 | 2021-05-04 | 恒安嘉新(北京)科技股份公司 | Method, device, equipment and storage medium for constructing security vulnerability knowledge graph |
| CN113032794A (en) * | 2021-04-23 | 2021-06-25 | 恒安嘉新(北京)科技股份公司 | Method, device, equipment and storage medium for constructing security vulnerability knowledge graph |
| CN113139192A (en) * | 2021-04-09 | 2021-07-20 | 扬州大学 | Third-party library security risk analysis method and system based on knowledge graph |
| CN113239358A (en) * | 2021-03-11 | 2021-08-10 | 东南大学 | Open source software vulnerability mining method based on knowledge graph |
| CN115033894A (en) * | 2022-08-12 | 2022-09-09 | 中国电子科技集团公司第三十研究所 | Software component supply chain safety detection method and device based on knowledge graph |
| CN115080012A (en) * | 2022-06-27 | 2022-09-20 | 平安银行股份有限公司 | class file conflict recognition method and device, electronic equipment and storage medium |
| CN116804980A (en) * | 2023-06-25 | 2023-09-26 | 软安科技有限公司 | Binary component retrieval method and device |
-
2023
- 2023-10-26 CN CN202311396519.1A patent/CN117436086A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110321240A (en) * | 2019-06-28 | 2019-10-11 | 阿里巴巴集团控股有限公司 | A kind of business impact assessment method and apparatus based on time series forecasting |
| CN112381126A (en) * | 2020-11-02 | 2021-02-19 | 安徽华米智能科技有限公司 | Indoor and outdoor scene recognition method and device, electronic equipment and storage medium |
| CN112749396A (en) * | 2021-01-21 | 2021-05-04 | 恒安嘉新(北京)科技股份公司 | Method, device, equipment and storage medium for constructing security vulnerability knowledge graph |
| CN113239358A (en) * | 2021-03-11 | 2021-08-10 | 东南大学 | Open source software vulnerability mining method based on knowledge graph |
| CN113139192A (en) * | 2021-04-09 | 2021-07-20 | 扬州大学 | Third-party library security risk analysis method and system based on knowledge graph |
| CN113032794A (en) * | 2021-04-23 | 2021-06-25 | 恒安嘉新(北京)科技股份公司 | Method, device, equipment and storage medium for constructing security vulnerability knowledge graph |
| CN115080012A (en) * | 2022-06-27 | 2022-09-20 | 平安银行股份有限公司 | class file conflict recognition method and device, electronic equipment and storage medium |
| CN115033894A (en) * | 2022-08-12 | 2022-09-09 | 中国电子科技集团公司第三十研究所 | Software component supply chain safety detection method and device based on knowledge graph |
| CN116804980A (en) * | 2023-06-25 | 2023-09-26 | 软安科技有限公司 | Binary component retrieval method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP7030707B2 (en) | Systems and methods for generating metadata-driven external interfaces for application programming interfaces | |
| US7606784B2 (en) | Uncertainty management in a decision-making system | |
| CN109522312B (en) | Data processing method, device, server and storage medium | |
| Chen et al. | Temporal representation for mining scientific data provenance | |
| Awad et al. | On efficient processing of BPMN-Q queries | |
| Kondylakis et al. | Ontology evolution: assisting query migration | |
| Luo et al. | Combination of research questions and methods: A new measurement of scientific novelty | |
| Rashid et al. | Completeness and consistency analysis for evolving knowledge bases | |
| Hartmann et al. | Model-driven analytics: Connecting data, domain knowledge, and learning | |
| Yonai et al. | Mercem: Method name recommendation based on call graph embedding | |
| Izsó et al. | Towards precise metrics for predicting graph query performance | |
| Fadlallah et al. | Context-aware big data quality assessment: a scoping review | |
| Zhengxin et al. | Mlops spanning whole machine learning life cycle: A survey | |
| Ba et al. | Integration of web sources under uncertainty and dependencies using probabilistic XML | |
| Movchan et al. | Constructing an Automation System to Implement Intelligence-Led Policing Into the National Police of Ukraine | |
| CN117436086A (en) | Knowledge graph-based software supply chain security analysis method and system | |
| CN114329454B (en) | Threat analysis method and system based on application software big data | |
| Sassi et al. | Supporting ontology adaptation and versioning based on a graph of relevance | |
| Pernischová | The butterfly effect in knowledge graphs: Predicting the impact of changes in the evolving web of data | |
| Esmaeilpour et al. | Design pattern mining using distributed learning automata and DNA sequence alignment | |
| Adnan et al. | Towards Improved Data Analytics Through Usability Enhancement of Unstructured Big Data | |
| CN117217392B (en) | Method and device for determining general equipment guarantee requirement | |
| Kareshk | Predicting Textual Merge Conflicts | |
| US11137989B1 (en) | Constructing a data flow graph for a computing system of an organization | |
| Chen et al. | A multi-source heterogeneous spatial big data fusion method based on multiple similarity and voting decision |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Sun Mingyuan Inventor after: Cheng Hao Inventor after: Li Chaofan Inventor after: Wang Hu Inventor after: Hu Yutao Inventor after: Zou Deqing Inventor before: Cheng Hao Inventor before: Li Chaofan Inventor before: Wang Hu Inventor before: Hu Yutao Inventor before: Sun Mingyuan Inventor before: Zou Deqing |