Disclosure of Invention
The embodiment of the application aims to provide a method for constructing a data security intelligent agent based on a large model, which solves the technical problem that novel attack modes cannot be effectively defended against in a dynamic environment.
In a first aspect, an embodiment of the present application provides a method for constructing a data security agent based on a large model, where the method is applied to a data security agent system, the system includes a plurality of edge agents and a cloud, and the method includes:
When detecting unknown potential attack, the current edge intelligent agent initiates a consensus request to a cloud, wherein the consensus request comprises security threat elements and evidence data;
The cloud terminal calls at least three other edge agents to judge the unknown potential attack as a true novel unknown attack through voting based on a risk coping strategy reasoning rule base stored by a blockchain and the consensus request;
The cloud end performs incremental learning according to the security threat elements and the evidence data to generate a novel countermeasure sample, takes the security threat elements, the evidence data and the novel countermeasure sample as input, quantifies the risk level of the novel unknown attack through a cloud end Bayesian network, combines the risk level with the security threat elements, formulates a risk coping strategy, and schedules at least one other edge agent to execute dynamic defense operation.
Optionally, invoking at least three other edge agents to determine the unknown potential attack as a true novel unknown attack by voting, including:
Invoking at least three other edge agents to vote through the PBFT (Practical Byzantine Fault Tolerance) algorithm, and when two thirds of the at least three other edge agents determine that the unknown potential attack is a real attack, determining that the unknown potential attack is a real novel unknown attack;
When the risk coping strategy formulated by the cloud comprises a high risk defense operation, the cloud informs a plurality of edge agents scheduled in the risk coping strategy to execute the high risk defense operation through alliance chain signature authorization, wherein the high risk defense operation comprises at least one of global service interruption and global disconnection.
Optionally, the method further comprises:
When the current edge agent mines a high-frequency attack feature through the edge domain large model, the current edge agent determines that a potential attack exists and performs lightweight feature encoding on the high-frequency attack feature to generate a security threat element of the potential attack, wherein the security threat element comprises an attack entry and attack stage features;
The current edge agent takes the attack entry as a root node of the edge domain Bayesian network, takes the attack stage features as intermediate nodes of the edge domain Bayesian network, and takes the potential attack as a hidden variable node;
Acquiring evidence data of the current edge agent, taking the evidence data as an observed value of the edge domain Bayesian network, quantifying the risk level of the potential attack, and taking the risk level as a local network parameter of the edge domain Bayesian network to upload to the cloud;
The cloud updates the global network parameters of the cloud Bayesian network through a blockchain, based on the local network parameters of the edge domain Bayesian network.
Optionally, the cloud end updates global network parameters of the cloud end bayesian network based on the local network parameters of the edge domain bayesian network through a blockchain, including:
The cloud learns local network parameters of the edge domain Bayesian network through a teacher-student network to obtain global network parameters of the updated cloud Bayesian network, writes update records of the local network parameters and the global network parameters into a blockchain, and/or,
The current edge agent encrypts the local network parameters and uploads the encrypted local network parameters to the cloud, the cloud aggregates the local network parameters of all edge domain Bayesian networks through federated learning to obtain the global network parameters of the cloud Bayesian network, the global network parameters are issued to all edge agents, and update records of the global network parameters are written into a blockchain.
Optionally, the security rule constraint includes an initial role assignment rule determined from the high frequency attack signature,
The initial role assignment rule includes:
The cloud end schedules at least 3 edge agents according to the type of an attack entrance uploaded by the current edge agents, respectively performs asset analysis, threat hunting and threat assessment, formulates an optimized risk coping strategy according to asset analysis results, threat hunting results and threat assessment results fed back by the at least three edge agents, and distributes the optimized risk coping strategy to the scheduled edge agents for execution, wherein threat hunting comprises detecting potential attacks through a data security knowledge graph, asset analysis results comprise data asset scales related to the potential attacks, and threat assessment comprises detecting and assessing risk levels of the potential attacks.
Optionally, when the risk response policy formulated by the cloud is a non-high risk defense operation, the scheduling at least one other edge agent to perform a dynamic defense operation includes performing traffic cleaning on the current edge agent;
Wherein performing traffic cleaning on the current edge agent comprises:
Transferring the service of the current edge agent to an idle edge agent;
Acquiring attack stage characteristics of the current edge intelligent agent;
And executing at least one of the following defending operations on the current edge agent according to the attack stage characteristics:
Algorithm reinforcement, IP blocking, traffic analysis, rights limitation.
Optionally, the scheduling at least one other edge agent to perform dynamic defensive operations includes:
the cloud generates a lightweight on-chain attack fingerprint based on the risk level of the novel unknown attack and a security threat element;
The cloud determines, through the threat diffusion speed in the security threat element, at least one other edge agent involved in the cross-domain attack chain restored on the blockchain, pushes the on-chain attack fingerprint and the risk coping strategy to each edge agent involved in that cross-domain attack chain, and instructs each of those edge agents to execute a defense operation according to the risk coping strategy.
Optionally, when the current edge agent digs out the high-frequency attack feature through the edge domain large model embedded with the security rule constraint, the method further comprises:
The current edge agent judges, based on a local edge domain large model and a data security knowledge graph, whether the high-frequency attack feature belongs to an unknown potential attack; when it does, the current edge agent triggers local incremental learning to generate a novel countermeasure sample, adds the novel countermeasure sample to a countermeasure sample library, extracts attack stage features from the high-frequency attack feature, constructs a dynamic attack graph from the attack stage features using a graph calculation engine, and quantifies the level of the newly added security threat and the threat diffusion speed;
inputting the dynamic attack graph into the edge domain large model, and generating a local risk defense strategy based on the level of the newly added security threat and the threat diffusion speed;
judging whether a utility analysis result corresponding to the local risk defense strategy meets service requirements or not through an edge domain Bayesian network, wherein the service requirements comprise at least one of service interruption risks, compliance risks and service performance reduction risks;
When the utility analysis result represents that the local risk defense strategy meets the service requirement, updating local network parameters of the edge domain Bayesian network, and uploading the dynamic attack graph, the optimized local risk defense strategy and the updated local network parameters of the edge domain Bayesian network to the cloud through the blockchain so that the cloud updates the cloud Bayesian network;
And when the utility analysis result characterizes that the local risk defense strategy does not accord with the service requirement, a consensus request is initiated to the cloud.
Optionally, determining, through an edge domain bayesian network, whether the utility analysis result corresponding to the local risk defense policy meets the service requirement includes:
the edge agent is capable of defining candidate defensive actions using an edge domain bayesian network;
performing utility analysis on the defending action;
selecting, through real-time pruning search, the combination of defensive actions that maximizes the expected utility as the optimal strategy;
and, based on the update of the edge domain Bayesian network, performing posterior probability calibration on the optimal strategy, and taking the calibrated optimal strategy as the local risk defense strategy.
In a second aspect, an embodiment of the present application provides an electronic device, including:
A processor;
and a memory having stored thereon computer readable instructions which, when executed by the processor, implement the above-described method.
The technical scheme provided by the embodiment of the application has the following advantages. When the current edge agent detects an unknown potential attack, at least three other edge agents on the blockchain determine by voting that it is a real novel unknown attack, which ensures that multiple edge agents have a consistent understanding of a dynamic and complex attack scenario and avoids excessive defense caused by false alarms from a small number of edge agents. Once the vote confirms a real novel unknown attack, the cloud performs incremental learning based on the security threat elements and evidence data sent by the current edge agent, quantifies the risk level of the novel unknown attack through the cloud Bayesian network, and formulates a risk coping strategy by combining the risk level with the security threat elements. The cloud can therefore adaptively learn from the data of the current novel unknown attack, reduce the hallucinations that arise when only a simulation environment without real services is available, and dynamically formulate a risk coping strategy matched to the novel unknown attack, so that dynamic defense operations are executed, the adaptability of security defense operations in a dynamic and complex environment is improved, and novel attack modes are defended against effectively.
Detailed Description
The present application will be described in detail below with reference to the specific embodiments shown in the drawings. These embodiments do not limit the present application, and structural, method, or functional modifications made by those skilled in the art based on these embodiments are included in the scope of the present application.
The embodiment of the application provides a method for constructing a data security intelligent agent based on a large model, which is applied to a data security intelligent agent system. The edge agent is an agent body capable of sensing an environment and taking action to achieve a specific target, and has autonomy, adaptability and interaction capability. Referring to fig. 1, the method for constructing the data security agent based on the large model includes the following steps:
Step S101, when the current edge agent detects an unknown potential attack, a consensus request is initiated to the cloud, wherein the consensus request comprises security threat elements and evidence data.
Optionally, an edge domain large model is deployed in the edge agent and is used to identify attacks. When the edge domain large model of the current edge agent detects an attack, it determines, from local static evidence and/or dynamic evidence, whether the system log of the current edge agent contains abnormal events, abnormal network traffic and the like. If static evidence shows that an abnormal event exists, the attack type can be matched against the corresponding security rules. If dynamic evidence shows that an abnormal event exists, the edge domain large model can infer which attack the evidence belongs to. If neither the static evidence nor the dynamic evidence determines the attack type, the attack detected by the current edge agent is considered an unknown potential attack.
By way of example, static evidence may refer to evidence derived from direct matching of security rules, such as evidence derived from matching of existing vulnerability libraries based on data such as files, processes, logs, network protocols, and the like.
For example, an anomalous DNS lookup record corresponds to a DNS hijacking and DNS cache poisoning in a security rule.
As another example, the malware name corresponding to an attack signature or file hash value is found in the security rules by looking up that attack signature or file hash value in the malware list.
Dynamic evidence may be evidence of security threats that is deduced using the edge domain large model based on knowledge graphs and/or adversarial networks. In this case, the nature of the security threat cannot be matched directly in the security rules, but the edge domain large model can deduce the evidence of the security threat based on the knowledge graph and/or adversarial network to obtain the attack entry and attack stage features.
Step S102, based on the risk coping strategy reasoning rule base stored in the blockchain and the consensus request, the cloud invokes at least three other edge agents to determine by voting that the unknown potential attack is a real novel unknown attack.
If the current edge agent detects an unknown potential attack and initiates a consensus request to the cloud, the cloud invokes at least three other edge agents to determine by voting that the unknown potential attack is a real novel unknown attack. In other words, the cloud uses distributed verification, which ensures that multiple edge agents have a consistent understanding of a complex unknown potential attack and avoids excessive defense caused by false alarms from edge agents.
Step S103, the cloud performs incremental learning according to the security threat elements and the evidence data to generate a novel countermeasure sample, takes the security threat elements, the evidence data and the novel countermeasure sample as input, quantifies the risk level of novel unknown attack through a cloud Bayesian network, combines the risk level and the security threat elements, formulates a risk coping strategy, and schedules at least one other edge agent to execute dynamic defense operation.
Optionally, after at least three other edge agents invoked by the cloud determine by voting that the unknown potential attack is a real novel unknown attack, the cloud starts incremental learning to generate a novel countermeasure sample. The cloud Bayesian network then takes the security threat elements, the evidence data and the novel countermeasure sample as input and quantifies the risk level of the novel unknown attack. The risk level quantified by the Bayesian network may be high risk, medium risk or low risk, and may specifically be determined by scoring with CVSS (Common Vulnerability Scoring System).
According to the embodiment of the application, when the current edge agent detects an unknown potential attack and sends a consensus request to the cloud, the cloud is triggered to perform incremental learning only after at least three other edge agents on the blockchain have determined by voting that the unknown potential attack is a real novel unknown attack. Having at least three other edge agents vote on whether the attack is real ensures that multiple edge agents have a consistent understanding of a dynamic and complex attack scenario and avoids excessive defense caused by false alarms from a small number of edge agents. The cloud performs incremental learning according to the security threat elements and evidence data to generate novel countermeasure samples, quantifies the risk level of the novel unknown attack through a Bayesian network, and formulates a risk coping strategy by combining the risk level with the security threat elements. The cloud can therefore adaptively learn from the data of the current novel unknown attack and dynamically formulate a risk coping strategy matched to it, so that dynamic defense operations are executed, the adaptability of security defense operations in a dynamic and complex environment is improved, and novel attack modes are defended against effectively.
In one embodiment, the cloud invoking, in step S102, at least three other edge agents to determine by voting that the unknown potential attack is a real novel unknown attack specifically includes:
invoking at least three other edge agents to vote through the Practical Byzantine Fault Tolerance (PBFT) algorithm, and judging that the unknown potential attack is a real novel unknown attack when two thirds of the at least three other edge agents judge that the unknown potential attack is a real attack;
When the risk response policy formulated by the cloud comprises a high risk defense operation, the cloud informs a plurality of edge agents scheduled in the risk response policy to execute the high risk defense operation through alliance chain signature authorization, wherein the high risk defense operation comprises at least one of global service interruption and global disconnection.
Specifically, each edge agent serves as a node on the alliance chain. If the current edge agent detects an unknown potential attack and initiates a consensus request to the cloud, the nodes participating in verification (for example, 4 or more nodes) vote through the Practical Byzantine Fault Tolerance (PBFT) algorithm, and if 2/3 or more of the nodes confirm, the unknown potential attack is judged to be a real novel unknown attack. Furthermore, a high-risk defense operation (such as at least one of global service interruption and global network interruption) requires signature authorization from a plurality of nodes of the alliance chain, so that false triggering by a single node is avoided.
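The two-thirds vote and the multi-node authorization described above, as an added example (not code from the application). HMAC with constructed per-node keys stands in for alliance chain signatures, the function names and the minimum of two signers are assumptions, and the code models only the counting rule, not PBFT's three-phase message exchange.

```python
import hashlib
import hmac

# Constructed demo keys. HMAC is a stand-in (assumption) for the alliance
# chain's node signatures, which the text does not specify.
NODE_KEYS = {f"edge-{i}": f"demo-key-{i}".encode() for i in range(1, 6)}

# The two high-risk defense operations named in the text.
HIGH_RISK_OPS = {"global_service_interruption", "global_disconnection"}


def sign(node_id, message):
    """Signature a node attaches to a vote or an authorization."""
    return hmac.new(NODE_KEYS[node_id], message.encode(), hashlib.sha256).hexdigest()


def vote_message(request_id, node_id, is_attack):
    # Binding the request id and node id prevents replaying a vote elsewhere.
    return f"vote|{request_id}|{node_id}|{int(is_attack)}"


def authorization_message(request_id, operation):
    return f"authorize|{request_id}|{operation}"


def tally_votes(request_id, panel, votes):
    """Count signed votes from the invoked panel of *other* edge agents.

    votes: iterable of (node_id, is_attack, signature).
    The threshold is two thirds of the invoked panel, so a silent or
    forged vote counts as "not confirmed" rather than shrinking the quorum.
    """
    if len(panel) < 3:
        raise ValueError("at least three other edge agents must be invoked")
    counted = {}
    for node_id, is_attack, signature in votes:
        if node_id not in panel or node_id not in NODE_KEYS or node_id in counted:
            continue  # outsider (including the requester) or duplicate vote
        expected = sign(node_id, vote_message(request_id, node_id, is_attack))
        if hmac.compare_digest(expected, signature):
            counted[node_id] = is_attack
    needed = (2 * len(panel) + 2) // 3  # ceil(2n/3) in integer arithmetic
    confirmations = sum(counted.values())
    return {
        "needed": needed,
        "confirmations": confirmations,
        "is_novel_attack": confirmations >= needed,
    }


def authorize(operation, request_id, approvals, min_signers=2):
    """Gate high-risk operations on signatures from several distinct nodes.

    approvals: iterable of (node_id, signature). min_signers=2 is an
    assumption; the text only requires more than a single node.
    """
    if operation not in HIGH_RISK_OPS:
        return True
    signers = set()
    message = authorization_message(request_id, operation)
    for node_id, signature in approvals:
        if node_id in NODE_KEYS and hmac.compare_digest(sign(node_id, message), signature):
            signers.add(node_id)
    return len(signers) >= min_signers


if __name__ == "__main__":
    rid = "req-001"  # constructed request id; edge-1 is the requester
    panel = ["edge-2", "edge-3", "edge-4", "edge-5"]
    votes = [(n, v, sign(n, vote_message(rid, n, v)))
             for n, v in [("edge-2", True), ("edge-3", True),
                          ("edge-4", True), ("edge-5", False)]]
    print(tally_votes(rid, panel, votes))
```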
It should be noted that the cloud large model can simulate the business impact (such as service interruption probability and compliance risk) of executing the risk response policy and generate a risk score, and if the score exceeds a threshold (for example, > 70%), the cloud large model can automatically switch to a mild risk response policy (such as rate limiting instead of blocking).
In one embodiment, the edge agent is provided with an edge domain large model, which the edge agent may train in advance. Illustratively, when training the edge domain large model, historical attack data (such as penetration test reports and payloads captured by honeypots) are collected and classified by attack mode, such as the SQL (Structured Query Language) injection mode, the XSS (Cross-Site Scripting) attack mode, the override attack mode, the data sharing leakage attack mode and the like, and feature vectors of the historical attack data are labelled according to the attack mode, such as the grammar structure of injection statements, abnormal traffic statistics features and the statistical range of data leakage.
The edge agent processes the historical attack data using a generative adversarial network and/or a mutation algorithm to generate countermeasure samples. The historical attack data comprises different types of attacks, and the manner of generating the countermeasure sample differs by attack type. Specifically, for text type attacks, the edge agent inserts malicious fragments into query statements to obtain a countermeasure sample; for traffic type attacks, the edge agent inserts hidden attack payloads (such as DNS (Domain Name System) tunnel data) into legitimate traffic to obtain the countermeasure sample; and for data leakage attacks, the edge agent inserts, after identity and permission checks have passed, a small amount of request data that exceeds the user's permission range to obtain the countermeasure sample. The countermeasure samples obtained by processing the historical attack data are mixed with normal data to construct a countermeasure sample library close to real attacks, and the data in the countermeasure sample library is used as training data for the edge domain large model in the edge agent. When the trained edge domain large model is used subsequently, newly collected attack data can be processed to obtain new countermeasure samples, which can be added to the countermeasure sample library to update and retrain the edge domain large model, improving the robustness of the edge domain large model against hidden attacks.
In one embodiment, the edge domain big model includes a heterogeneous data awareness module and a threat identification module. The heterogeneous data perception module is used for analyzing multi-source heterogeneous data such as the terminal of the Internet of things and the like so as to extract data characteristics and identify sensitive data. The heterogeneous data perception module integrates a multi-application layer protocol parsing engine and can parse structured data (such as database records), semi-structured data (such as a JSON format or an XML format log) and unstructured data (such as network traffic packets and picture video data). The threat identification module is used for carrying out threat identification analysis on the identified sensitive data.
Optionally, when the heterogeneous data perception module in the edge domain large model extracts the data features, the extraction modes adopted by the data in different formats are different.
Illustratively, the structured data is parsed and semantically analyzed by ANTLR (ANother Tool for Language Recognition) to extract key fields in the structured data, such as patient medical record information that the user has operated on (added/deleted/modified/searched) in the hospital system.
Key fields in the semi-structured data, such as timestamp, user ID, operation content, database password information, access control code information of software and hardware cryptographic modules and the like, are extracted through regular expression matching and natural language processing.
Unstructured data is parsed through application layer protocol analysis to extract the source IP, destination IP, ports, protocols and payload features.
Optionally, when the heterogeneous data perception module in the edge domain large model identifies sensitive data, a hybrid identification model is constructed based on a rule engine and a deep learning model to identify sensitive fields in the data, such as passwords, access control information, keys, important business data (such as core area monitoring information), personal privacy data (such as identity card numbers, bank card numbers, government reports, enterprise financial reports and the like) and the like, and the sensitive data is classified and graded by combining compliance labels in a data security knowledge base (user information and enterprise data). The rule engine can be an engine that identifies sensitive fields by matching data against regular expressions, and the deep learning model can be a BiLSTM+CRF model (Bidirectional Long Short-Term Memory with Conditional Random Fields).
Optionally, when the threat identification module in the edge domain large model performs threat identification analysis on the identified sensitive data, a pre-generated data security knowledge graph can be called, and the sensitive data is aligned with the data security knowledge graph using entity linking technology. If an abnormal alignment result is obtained, a graph neural network performs similarity calculation and reasoning over the multi-source heterogeneous data and the historical attack data to identify whether the current behavior is an attack behavior. Entity relationships (e.g. "user A owns rights B, requests asset C and uses protection D", then "faces risk E") may be extracted from data security standard documents in advance to obtain the data security knowledge graph.
Referring to fig. 2, in one embodiment, before step S101, the method for constructing a data security agent based on a large model further includes the following steps:
Step S201, when the current edge intelligent agent digs out the high-frequency attack characteristic through the edge domain large model embedded with the security rule constraint, the current edge intelligent agent judges that potential attack exists, and the current edge intelligent agent carries out lightweight characteristic coding on the high-frequency attack characteristic to generate a security threat element of the potential attack, wherein the security threat element comprises an attack entrance and attack stage characteristics.
Fusing the security rule constraint with the edge domain big model to obtain the edge domain big model embedded with the security rule constraint can be realized by the following modes:
Compliance policies in the security rules (e.g., video surveillance data is prohibited from being transmitted across provinces) are converted to logical expressions, which are encoded into executable constraints (i.e., security rule constraints) using a logic programming framework.
Entity data in the sensitive data, such as access users, access frequency, access period distribution, access geography and the like, is collected and computed, and abnormal operation sequences in the entity data, such as high-frequency data export in a short time, unauthorized user operation, data access and interface calls in abnormal periods, access from abnormal geographic locations and the like, are detected through a time series analysis model (such as an LSTM (Long Short-Term Memory) network).
Illustratively, the security rule constraint may be performed for entity data by:
Security rule constraint weights are introduced into the attention layer of the edge domain large model, so that the security rule constraints pay different degrees of attention to different data in the abnormal operation sequence in different scenarios; for example, attention to the geographic location fields in the abnormal operation sequence is strengthened in a cross-provincial data circulation scenario.
If the current edge agent mines high-frequency attack features (such as the behavior pattern of a specific malicious IP) through the edge domain large model embedded with security rule constraints, it determines that a potential threat exists. Furthermore, the current edge agent can perform lightweight feature encoding on the high-frequency attack features by means of a hash operation to generate a security threat element of the potential attack. The security threat elements comprise attack entries and attack stage features, wherein the attack entries comprise kernel vulnerabilities, plaintext communications, weak passwords, low-level security algorithms and the like, and the attack stage features comprise attack stages, threat diffusion speeds and influence ranges.
Step S202, the current edge agent takes an attack entry as a root node of the edge domain Bayesian network, takes an attack stage characteristic as an intermediate node of the edge domain Bayesian network, and takes a potential attack as a hidden variable node.
The current edge agent can define edge domain bayesian network nodes based on entity data (such as user roles, data assets, protection measures, risk exposure, attack means, vulnerabilities, asset values, etc.) in the data security knowledge graph. The entity data may include, but is not limited to, network security class, data security class, information security class, privacy security class data, and the like.
For example, the root node includes attack portals (e.g., kernel vulnerabilities, plaintext communications, weak passwords, low-level security algorithms, etc.), the intermediate nodes include attack stage features including attack stages (e.g., data probes, override, etc.), scope of impact (e.g., data leaks, service breaks, etc.), and threat diffusion speed, and the leaf nodes include risk classes (high risk/medium risk/low risk).
The current edge agent can define a conditional probability relation between nodes according to historical attack data and threat information, for example, P (data leakage | sensitive data is not encrypted) =0.90, the probability of data leakage is 0.90 in the case of sensitive data bit encryption, P (service interruption| attack traffic peak >10 Gbps) =0.95, and the probability of service interruption is 0.95 in the case of attack traffic peak >10 Gbps. The current edge intelligent agent can extract statistical values such as vulnerability utilization frequency, attack mode distribution and the like from the data security knowledge graph, initialize the root node probability, and dynamically adjust the probability by combining real-time data (such as equipment exposure surface and log alarm frequency) reported by the edge nodes.
Hidden variable nodes are introduced to potential attacks (such as zero-day loopholes and the attack of the latest cryptographic technology on a historical algorithm), and the current edge agent can estimate the probability of the hidden variable nodes through an MCMC algorithm (Markov Chain Monte Carlo Method, markov chain Monte Carlo algorithm). For example, when a sudden increase of the log alarm frequency A of a certain device is detected, but no matching loopholes exist in the data security knowledge graph, a hidden variable H is introduced to indicate that potential attacks exist. The P (a|h) likelihood function=80% is dynamically adjusted empirically (assuming a 80% probability of a rise in the presence of H). Sampling from the posterior distribution P (h|a) using the MCMC algorithm gives a sampling result P (h|a) =0.65 for the posterior probability, i.e. given a sudden increase, H has a probability of 65%. And introducing an exposed surface evidence E (such as an open high-risk port), further updating the posterior probability, wherein the new posterior probability P (H|E, A) =0.82, namely, given that A and E occur simultaneously, the probability of H is raised to 82%, and zero-day vulnerability early warning is triggered.
Step S203, acquiring evidence data of the current edge agent, taking the evidence data as an observation value of the edge domain Bayesian network, quantifying the risk level of the potential attack, and uploading the risk level as a local network parameter of the edge domain Bayesian network to the cloud.
When the current edge agent determines that a potential attack exists, it acquires its own evidence data, which comprises static evidence and dynamic evidence. Static evidence includes asset attributes (e.g., data classification and grading information, equipment, system architecture) and compliance policies (e.g., legal and regulatory clauses). Dynamic evidence includes real-time alerts (e.g., abnormal logs, traffic surges, abnormal data flows) and threat intelligence (e.g., CVE vulnerability scores).
The evidence data of the edge agent is mapped to an observation value of the edge domain Bayesian network, and the edge domain Bayesian network can estimate at least the probability of the leaf node, namely the risk probability, based on the MCMC algorithm. Note that the MCMC algorithm is an approximate algorithm that estimates the probability by random sampling. To quantify the risk level of a potential attack more accurately from the evidence data when the current edge agent determines that a potential attack exists, the edge domain Bayesian network may instead use an exact inference algorithm, such as the junction tree algorithm, to determine the risk probability of the leaf node. Once the risk probability of the leaf node is obtained, it is converted, taking business impact into account, into a risk value Risk = P(risk occurrence) × asset value × impact coefficient, and the risk level of the potential attack is determined from the magnitude of the risk value. The current edge agent uploads the risk level to the cloud as a local network parameter of the edge domain Bayesian network.
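The hidden-variable update and the risk value conversion described above can be followed in a small model. This is an added example, not code from the application: it assumes A and E are independent given H, and only P(A|H) = 0.80 is taken from the text; the prior and the remaining likelihoods are constructed so that the results land near the quoted 0.65 and 0.82. It compares exact inference with a Metropolis (MCMC) estimate.

```python
import random

# Constructed CPT values. Only P(A|H) = 0.80 comes from the text; the prior and
# the other likelihoods are assumptions picked to land near 0.65 and 0.82.
PRIOR_H = 0.30
LIKELIHOOD = {            # evidence -> (P(evidence | H), P(evidence | not H))
    "A": (0.80, 0.185),   # A: surge in log alarm frequency
    "E": (0.60, 0.245),   # E: exposed high-risk port
}


def joint(h, evidence):
    """Unnormalised P(H=h, evidence); evidence assumed independent given H."""
    p = PRIOR_H if h else 1.0 - PRIOR_H
    for name in evidence:
        p_given_h, p_given_not_h = LIKELIHOOD[name]
        p *= p_given_h if h else p_given_not_h
    return p


def posterior_exact(evidence):
    """Exact P(H | evidence) by enumerating both states of H."""
    on, off = joint(True, evidence), joint(False, evidence)
    return on / (on + off)


def posterior_mcmc(evidence, samples=20000, burn_in=500, seed=7):
    """Metropolis estimate of P(H | evidence): propose flipping H each step."""
    rng = random.Random(seed)
    h, hits = False, 0
    for step in range(samples + burn_in):
        proposal = not h
        accept = min(1.0, joint(proposal, evidence) / joint(h, evidence))
        if rng.random() < accept:
            h = proposal
        if step >= burn_in and h:
            hits += 1
    return hits / samples


def risk_value(p_risk, asset_value, impact_coefficient):
    """Risk = P(risk occurrence) x asset value x impact coefficient."""
    return p_risk * asset_value * impact_coefficient


if __name__ == "__main__":
    for ev in (["A"], ["A", "E"]):
        exact, approx = posterior_exact(ev), posterior_mcmc(ev)
        print(ev, f"exact={exact:.3f} mcmc={approx:.3f}")
    # Asset value 100 and impact coefficient 0.5 are constructed inputs.
    p = posterior_exact(["A", "E"])
    print("risk value:", round(risk_value(p, 100, 0.5), 2))
```

The sampled estimate drifts with the seed and sample count while the enumerated value does not, which is the reason the text gives for preferring exact inference when the risk level is quantified.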
Step S204, the cloud end updates global network parameters of the cloud end Bayesian network based on local network parameters of the edge domain Bayesian network through the blockchain.
In one embodiment, in step S204, the cloud updating the global network parameters of the cloud Bayesian network through the blockchain based on the local network parameters of the edge domain Bayesian network specifically includes:
In the first mode, the cloud learns the local network parameters of the edge domain Bayesian network through a teacher-student network to obtain the updated global network parameters of the cloud Bayesian network, and the local network parameters and the update record of the global network parameters are written into the blockchain.
Specifically, the current edge agent acts as the student side of the teacher-student network and trains the edge domain Bayesian network on local data to output the local network parameters of the edge domain Bayesian network. The cloud acts as the teacher side of the teacher-student network and aggregates and distills the local network parameters of the edge domain Bayesian networks to obtain the updated global network parameters of the cloud Bayesian network. During distillation, key domain features (such as attack pattern weights and rule constraint logic) are preserved and noise data in the edge domain Bayesian network is filtered out. The cloud can write the updated global network parameters of the cloud Bayesian network into the blockchain, so that the edge agents can obtain them from the blockchain and update the local network parameters of their edge domain Bayesian networks.
In the second mode, after the current edge agent encrypts the local network parameters and uploads them to the cloud, the cloud aggregates the local network parameters of all edge domain Bayesian networks through federated learning to obtain the global network parameters of the cloud Bayesian network, issues the global network parameters to all edge agents, and writes the update record of the global network parameters into the blockchain.
Illustratively, the current edge agent trains the edge domain Bayesian network on local data, obtains the local network parameters of the edge domain Bayesian network, encrypts them, and uploads them to the cloud. The cloud aggregates the local network parameters of all edge domain Bayesian networks through federated learning to obtain the global network parameters of the cloud Bayesian network, and issues the global network parameters to all edge agents to synchronize the edge domain Bayesian networks. The cloud also writes the update record of the global network parameters (such as the conditional probability table (CPT) version and the utility function weights) into the blockchain, which ensures transparency and traceability.
It should be noted that the above two modes may be used alone or in combination to update the global network parameters of the cloud Bayesian network based on the local network parameters of the edge domain Bayesian network, which is not limited herein.
In one embodiment, when the current edge agent mines a high-frequency attack feature through the edge domain large model embedded with the security rule constraint, the method for constructing the data security agent based on the large model further comprises the following steps, see Fig. 3:
Step S301, the current edge agent judges, based on the local edge domain large model and the data security knowledge graph, whether the high-frequency attack feature belongs to an unknown potential attack; when it does, the current edge agent triggers local incremental learning to generate a novel countermeasure sample, adds the novel countermeasure sample to a countermeasure sample library, extracts attack stage features from the high-frequency attack feature, constructs a dynamic attack graph with a graph computing engine based on the attack stage features, and quantifies the level and the threat diffusion speed of the newly added security threat.
Illustratively, when the current edge agent determines that the high-frequency attack feature (such as the behavior pattern of a specific malicious IP) belongs to an unknown potential attack, it automatically triggers incremental learning of the local model, generates a novel countermeasure sample in real time, and injects it into the countermeasure sample library. Based on the indicators of the ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework, attack stage features are extracted from multi-source data (logs, traffic, threat intelligence) and/or the high-frequency attack feature, and a graph computing engine is used to construct a dynamic attack graph that quantifies the attack threat level (such as a CVSS score) and the threat diffusion speed.
To build the dynamic attack graph, the graph computing engine extracts the attack stage features from the multi-source data and/or the high-frequency attack feature, represents and stores them as a graph, uses graph algorithms to identify attack paths and associated attack events in real time, and updates the attack graph in real time, thereby obtaining the dynamic attack graph.
Step S302, inputting the dynamic attack graph into the edge domain large model, and generating a local risk defense strategy based on the level of the newly added security threat and the threat diffusion speed.
Illustratively, the action "isolate server A" is converted into a graph node, the corresponding defensive action and its scope of influence are obtained, multi-modal deduction is performed on changes in the scope of influence, the loss suffered by the data assets, and the like, and the defense graph is dynamically updated and its effect evaluated, for example by simulating how the attack evolves (such as the attacker switching to server B after the isolation), so as to generate a local risk coping strategy.
Step S303, judging whether a utility analysis result corresponding to the local risk defense strategy meets service requirements or not through an edge domain Bayesian network, wherein the service requirements comprise at least one of service interruption risks, compliance risks and service performance reduction risks.
Step S304, when the utility analysis result indicates that the local risk defense strategy meets the service requirements, updating the local network parameters of the edge domain Bayesian network, and uploading the dynamic attack graph, the optimized local risk defense strategy, and the updated local network parameters of the edge domain Bayesian network to the cloud through the blockchain, so that the cloud updates the cloud Bayesian network.
Optionally, the edge agent can use the edge domain Bayesian network to perform defensive action modeling and utility analysis, select an optimal strategy, and perform posterior probability calibration on the selected optimal strategy; the calibrated optimal strategy is used as the local risk defense strategy.
The defensive action modeling and utility analysis specifically comprise the following steps:
defining candidate defensive actions such as blocking IP, quarantining devices, initiating backups, algorithm reinforcement, etc.;
for each candidate defensive action, associating an execution cost and an effect probability, wherein the execution cost can be resource consumption and service interruption time, and the effect probability can be the probability that executing the corresponding defensive action reduces the risk, for example, executing the defensive action of blocking an IP can reduce the attack risk by 80%;
defining a utility function based on multi-objective optimization, and determining the utility analysis result of the defensive action based on the utility function, wherein the multi-objective optimization can be optimization of a risk reduction objective and a cost control objective, and the utility function can be U(a) = α × ΔRisk − β × Cost(a), where α is the weight coefficient of the risk reduction objective and β is the weight coefficient of the cost control objective; the two weight coefficients can be dynamically adjusted according to compliance requirements and the priority of business requirements.
For example, in an emergency business scenario in the financial industry, α takes a higher weight coefficient and β takes a lower weight coefficient;
in a campus homework-correction system in the education industry, α takes a lower weight coefficient and β takes a higher weight coefficient. Because edge agents in the same industry occupy different node positions in the data security agent system, the weight coefficients α and β can be adjusted accordingly.
The optimal strategy selection can comprise extending the edge domain Bayesian network into an influence diagram containing decision nodes and utility nodes, and constructing the causal relations between defensive actions and utility analysis results. For example, a real-time pruning search may be used to select, as the optimal strategy, the combination of defensive actions that maximizes the expected utility analysis result. Pruning search is a way of excluding, during the search, branches that cannot become the best choice. Specifically, an initial set of defensive action combinations can be generated, the expected utility (such as cost and reliability) of each combination in the set is determined, and an upper bound and/or a lower bound on the expected utility is set; if a combination does not satisfy the upper bound and/or the lower bound, the branch containing it is cut off. Further constraint conditions can then be set and the remaining combinations checked against them; branches whose combinations do not satisfy the conditions are cut off, and the defensive action combinations on the remaining branches are used as the optimal strategy. For example, for an APT attack, the defensive action combination "isolate device + start traffic analysis + limit permissions" is selected, and for a false alarm scenario, the defensive action combination "log only + manual review" is selected.
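The utility function U(a) = α × ΔRisk − β × Cost(a) and the pruning search over defensive action combinations can be sketched as follows. This is an added example, not code from the application: the action table, the downtime limit used as the business constraint, and the assumption that action effects combine independently are all constructed for illustration; only the 80% effect of blocking an IP comes from the text.

```python
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Action:
    name: str
    effect: float    # fraction of the remaining risk removed when executed
    cost: float      # execution cost, abstract resource units
    downtime: float  # service interruption caused, in minutes


# Constructed sample values; only "blocking IP removes 80%" is from the text.
ACTIONS = [
    Action("block_ip", 0.80, 1.0, 0.0),
    Action("isolate_device", 0.90, 6.0, 30.0),
    Action("start_backup", 0.30, 3.0, 0.0),
    Action("algorithm_hardening", 0.50, 4.0, 5.0),
    Action("limit_privileges", 0.40, 2.0, 2.0),
]


def utility(combo, risk, alpha, beta):
    """U(a) = alpha * delta_risk - beta * cost(a) for a set of actions."""
    residual = 1.0
    for a in combo:
        residual *= 1.0 - a.effect          # assumption: independent effects
    cost = sum(a.cost for a in combo)
    return alpha * (risk * (1.0 - residual)) - beta * cost


def brute_force(actions, risk, alpha, beta, max_downtime):
    """Reference answer: score every combination within the downtime limit."""
    best_u, best = 0.0, ()                  # empty combination = take no action
    for k in range(1, len(actions) + 1):
        for combo in combinations(actions, k):
            if sum(a.downtime for a in combo) > max_downtime:
                continue
            u = utility(combo, risk, alpha, beta)
            if u > best_u:
                best_u, best = u, combo
    return best_u, best


def pruned_search(actions, risk, alpha, beta, max_downtime):
    """Depth-first include/exclude search with constraint and bound pruning."""
    n = len(actions)
    # suffix[i]: residual-risk factor if every action from index i on is taken
    suffix = [1.0] * (n + 1)
    for i in range(n - 1, -1, -1):
        suffix[i] = suffix[i + 1] * (1.0 - actions[i].effect)
    state = {"u": 0.0, "combo": (), "visited": 0}

    def walk(i, chosen, residual, cost, downtime):
        state["visited"] += 1
        u = alpha * (risk * (1.0 - residual)) - beta * cost
        if u > state["u"]:
            state["u"], state["combo"] = u, tuple(chosen)
        if i == n:
            return
        # Upper bound: all remaining actions help and cost nothing extra.
        bound = alpha * (risk * (1.0 - residual * suffix[i])) - beta * cost
        if bound <= state["u"]:
            return                          # branch cannot beat the incumbent
        a = actions[i]
        if downtime + a.downtime <= max_downtime:   # business constraint
            chosen.append(a)
            walk(i + 1, chosen, residual * (1.0 - a.effect),
                 cost + a.cost, downtime + a.downtime)
            chosen.pop()
        walk(i + 1, chosen, residual, cost, downtime)

    walk(0, [], 1.0, 0.0, 0.0)
    return state["u"], state["combo"], state["visited"]


def names(combo):
    return sorted(a.name for a in combo)


if __name__ == "__main__":
    scenarios = {              # (alpha, beta, max_downtime), all constructed
        "finance, urgent": (1.0, 0.5, 60.0),
        "finance, no long outage": (1.0, 0.5, 10.0),
        "campus system": (0.2, 1.0, 60.0),
    }
    for label, (alpha, beta, limit) in scenarios.items():
        u, combo, visited = pruned_search(ACTIONS, 100.0, alpha, beta, limit)
        print(f"{label}: {names(combo)} U={u:.2f} nodes={visited}/63")
```

With the risk-heavy weights the search accepts the costly device isolation, while the cost-heavy weights stop at blocking the IP; tightening the downtime limit removes isolation from the feasible set before any utility is computed.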
Performing posterior probability calibration on the selected optimal strategy may include:
recording the risk changes after the defensive actions are actually executed, such as whether the attack terminates and whether losses occur, and reversely updating the local network parameters in the edge domain Bayesian network. For example, if the attack stops after the defensive action of blocking an IP is actually executed, P(attack mitigation | blocking IP), namely the probability that the attack is mitigated after the defensive action of blocking an IP is executed, is increased; if actually executing the defensive action of isolating a device causes a service interruption, the cost coefficient β of that defensive action is increased.
It should be noted that, by performing posterior probability calibration on the selected optimal strategy, the local network parameters in the edge domain Bayesian network can be reversely updated, and the dynamic attack graph can be further updated to optimize the local risk defense strategy. The updated dynamic attack graph, the optimized local risk defense strategy, and the updated local network parameters of the edge domain Bayesian network are uploaded to the cloud through the blockchain, so that the cloud updates the cloud Bayesian network.
Step S305, when the utility analysis result indicates that the local risk defense strategy does not meet the service requirements, initiating a consensus request to the cloud.
Optionally, when the utility analysis result indicates that the local risk defense strategy does not meet the service requirements, one option is to reversely update the local network parameters in the edge domain Bayesian network, update the dynamic attack graph, or optimize the local risk defense strategy; another option is to initiate a consensus request to the cloud, and the cloud responds to the consensus request by formulating a more reasonable risk coping strategy.
In one embodiment, where the risk coping strategy formulated by the cloud is not a high-risk defense operation, scheduling at least one other edge agent to perform a dynamic defense operation in step S101 includes performing traffic scrubbing on the current edge agent. Performing traffic scrubbing on the current edge agent specifically includes:
transferring the traffic of the current edge agent to an idle edge agent;
acquiring the attack stage features of the current edge agent;
executing at least one of the following defense operations on the current edge agent according to the attack stage features:
algorithm reinforcement, IP blocking, traffic analysis, and permission restriction.
In one embodiment, the scheduling of at least one other edge agent to perform dynamic defensive operations in step S101 includes:
the cloud generates a lightweight on-chain attack fingerprint based on the risk level of the novel unknown attack and the security threat element;
the cloud determines, from the threat diffusion speed in the security threat elements, at least one other edge agent in the blockchain that is involved in the restored cross-domain attack chain, pushes the on-chain attack fingerprint and the risk coping strategy to each edge agent involved in the restored cross-domain attack chain, and instructs each of these edge agents to execute defense operations according to the risk coping strategy.
The data security agent system deploys a private chain based on Hyperledger Fabric, with the cloud and the plurality of edge agents serving as nodes. Security threat elements (kernel vulnerabilities, plaintext communication, weak passwords, low-security-level algorithms, attack stages, threat diffusion speed, scope of influence, etc.) are recorded in the blockchain, and a Merkle tree is used to verify their integrity. The blockchain also defines an on-chain rule (for example, verification by at least 3 nodes is required), sets access permissions (for example, only nodes can query specific threat fingerprints), and supports on-demand subscription and push of information.
The cloud generates a lightweight on-chain attack fingerprint based on the risk level and the security threat elements of the novel unknown attack; the on-chain attack fingerprint is a unique identifier of the novel unknown attack, which facilitates rapid matching and propagation. The cloud analyzes the threat diffusion speed in the security threat elements to judge the range that the novel unknown attack may reach in the blockchain network, restores the cross-domain attack chain (such as a ransomware propagation path) based on the spatio-temporal correlation of on-chain attack fingerprints, determines the other edge agents in the blockchain that are involved in the restored cross-domain attack chain, and instructs each of these edge agents to execute defense operations according to the risk coping strategy.
In one embodiment, the security rule constraint in step S201 includes an initial role allocation rule determined according to the high frequency attack feature, where the initial role allocation rule specifically includes:
The cloud schedules at least 3 edge agents according to the attack entry type uploaded by the current edge agent to perform asset analysis, threat hunting, and threat assessment respectively, formulates an optimized risk coping strategy according to the asset analysis results, threat hunting results, and threat assessment results fed back by the at least three edge agents, and distributes the optimized risk coping strategy to the scheduled edge agents for execution, wherein the threat hunting comprises detecting potential attacks through the data security knowledge graph, the asset analysis results comprise the scale of the data assets involved in the potential attacks, and the threat assessment comprises detecting and assessing the risk level of the potential attacks.
Optionally, a dynamic role arrangement algorithm can be further used, heuristic rules and reinforcement learning are combined, and five types of edge agent roles (such as data asset analysis, threat hunting, threat assessment, policy optimization and edge agent execution) are adaptively allocated according to the real-time situation to form an optimal collaboration link. Heuristic rules are a decision-making technique based on empirical judgment.
The adaptive allocation of the five types of edge agent roles specifically comprises: performing initial role allocation according to the attack event features and the predefined strategies of a heuristic rule base; executing actions from the corresponding action space at least according to the state space, so as to dynamically adjust the collaboration topology; and performing load balancing and failover for the edge agents. The heuristic rule base can hold role allocation schemes generated in advance from earlier real-time situations such as threat level and resource load, so that initial role allocation can be carried out by combining the attack event features with the role allocation schemes in the heuristic rule base.
Optionally, the attack event feature includes at least one of attack type, scope of influence, and confidence. The rule base predefined strategy comprises different initial role combinations corresponding to different attack scenes, for example, the attack scenes are data leakage risks, and the initial role combinations comprise data asset analysis, threat hunting, threat assessment, strategy optimization and edge agent execution.
Optionally, the state space is S = {{attack stage}, {node load}, {service priority}, {historical collaboration efficiency}}, e.g. S = {{lateral movement}, {edge node load 70%}, {core database}, {last task delay 200 ms}}. Optionally, the action space includes at least one of: adding/deleting/replacing edge agents, adjusting the initial role combination, adding parallel edge agents to deal with attacks, and replacing high-load edge agents with spare execution edge agents, wherein a high-load edge agent may be the edge agent that detected the attack.
Further, load balancing and failover of the edge agents includes monitoring the resource occupancy of each edge agent; if the delay of multiple consecutive tasks is greater than 100 ms, reassignment is triggered, for example, the tasks of a high-load edge agent are migrated to an idle edge agent. After reassignment, the state of the edge agents is uploaded to the cloud so that the cloud can adjust the risk coping strategy.
In the embodiment of the application, the edge agent can comprise but is not limited to embedded equipment, an industrial personal computer, a server and the like. The cloud and edge agents may be the same hardware or different hardware, which is not limited herein.
An embodiment of the present application provides an electronic device, including:
a processor; and
a memory storing computer-readable instructions which, when executed by the processor, implement the method for constructing the data security agent based on the large model.
An embodiment of the present application provides a device for constructing a data security agent based on a large model, including:
a processor; and
a memory storing computer-readable instructions which, when executed by the processor, implement the method for constructing the data security agent based on the large model.
It should be appreciated that the processor in embodiments of the application may be a central processing unit (CPU), or may be another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
It should also be appreciated that the memory in embodiments of the present application may be either volatile memory or nonvolatile memory, or may include both volatile and nonvolatile memory. The nonvolatile memory may be a read-only memory (ROM), a programmable ROM (PROM), an erasable programmable ROM (EPROM), an electrically erasable programmable ROM (EEPROM), or a flash memory. The volatile memory may be random access memory (RAM), which acts as an external cache. By way of example, and not limitation, many forms of RAM are available, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchlink DRAM (SLDRAM), and direct rambus RAM (DR RAM).
The above embodiments may be implemented in whole or in part by software, hardware (e.g., circuitry), firmware, or any combination thereof. When implemented in software, the above embodiments may be implemented in whole or in part in the form of a computer program product. The computer program product comprises one or more computer instructions or computer programs. When the computer instructions or computer programs are loaded or executed on a computer, the processes or functions in accordance with embodiments of the present application are produced in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or another programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another, for example from one website, computer, server, or data center by infrared, microwave, or the like. A computer-readable storage medium can be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that contains one or more sets of available media. Usable media may be magnetic media (e.g., floppy disks, hard disks, magnetic tape), optical media (e.g., DVD), solid state disks, etc.
It should be understood that the term "and/or" merely describes an association between associated objects and means that three relationships may exist. For example, A and/or B may mean that A exists alone, that both A and B exist, or that B exists alone, where A and B may be singular or plural. In addition, the character "/" herein generally indicates an "or" relationship between the associated objects, but may also indicate an "and/or" relationship, which can be understood from the context.
In the present invention, "at least one" means one or more, and "a plurality" means two or more. "At least one of" or a similar expression means any combination of the listed items, including any combination of single items or plural items. For example, at least one of a, b, or c may represent a, b, c, a-b, a-c, b-c, or a-b-c, where a, b, and c may each be single or plural.
The communication bus mentioned above for the electronic device may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus, etc. The communication bus may be classified as an address bus, a data bus, a control bus, or the like.
The communication interface is used for communication between the electronic device and other devices. The memory may include random access memory (RAM) or may include non-volatile memory (NVM), such as at least one disk memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor. The processor may be a general-purpose processor, including a central processing unit (CPU), a network processor (NP), etc., or may be a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
It is noted that relational terms such as first and second are used solely to distinguish one entity or action from another entity or action, without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in the process, method, article, or apparatus that comprises the element.
In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments in part.
The foregoing is merely a preferred embodiment of the present application, and is not intended to limit the scope of the present application. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application are included in the protection scope of the present application.