| With the development of Internet of Things technology, more and more devices are connected to the network, which brings great convenience to people's production and life. However, the number of IoT devices is huge, with long life cycles and complicated software and hardware upgrades. When security holes appear on the devices, they are vulnerable to attacks and exploits by hackers. Therefore, in order to reduce the impact of vulnerabilities on IoT devices, the first task is to identify IoT device-related vulnerabilities among publicly disclosed vulnerabilities so that security researchers can take corresponding mitigation measures. In addition, information in the field of network security is distributed in fragments, and newly disclosed vulnerabilities are often not analyzed in detail. Therefore, it is particularly important to organize fragmented information to help security researchers analyze vulnerabilities and provide early warnings for new vulnerabilities based on existing knowledge. In view of the above problems, the main work of this paper is as follows. First, an IoT vulnerability identification method based on TF-IDF and random forest is designed. For a newly disclosed vulnerability, if rule matching cannot determine that it is an IoT vulnerability, the vulnerability description is vectorized by TF-IDF and a random forest classifies the vulnerability. This solves the problem of manual screening of IoT vulnerabilities, and the effectiveness of the method is verified through experimental data. Second, a method for constructing a knowledge graph of IoT security vulnerabilities is proposed: an ontology conceptual model is designed, and instance data is extracted based on the conceptual model and stored in the graph database Neo4j. This method makes the model universal and scalable. The visualization improves the query efficiency, and the effectiveness of the method is verified by experiments. Third, a vulnerability early warning mechanism based on subgraph matching is designed. By setting the structure and attributes of the query graph, all subgraphs are matched from the existing knowledge graph for newly disclosed vulnerabilities, and the similarity is calculated. According to In this way, security researchers can use similar historical vulnerabilities to analyze new vulnerabilities to improve their analysis efficiency. This paper demonstrates the effectiveness of the method through a practical case. Finally, the IoT security vulnerability intelligence platform is designed and implemented to realize the complete process of collecting, identifying, fusing and warning of vulnerabilities and other security data, realizing vulnerability management, knowledge graph management and intelligence warning management, and the practicality of the platform is verified through testing of each core functional module. |