DOI: 10.1145/3643662.3643962
research-article
Open access

Building a Cybersecurity Knowledge Graph with CyberGraph

Published: 26 August 2024

Abstract

Software engineers and security professionals rely on a variety of information sources covering known vulnerabilities, newly identified weaknesses, and threats, as well as attack patterns and current mitigations. Because this information is spread across different places, developers must spend increased effort following all the cross-referenced data to find appropriate solutions to their security issues in a timely manner. Software developers cannot maintain good knowledge of the full breadth of issues and vulnerabilities, which keep increasing over time; they cannot keep pace with the rising number of security issues and need more help from intelligent tools. Therefore, in this work, we present CyberGraph, a tool that automatically builds and updates a single, easily queryable cybersecurity knowledge graph by automatically linking heterogeneous data from different public repositories. Thanks to its magnitude, the resulting unique integrated dataset allows the execution of sophisticated queries that can quickly provide new insights and valuable perspectives.


    Published In

    EnCyCriS/SVM '24: Proceedings of the 2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability
    April 2024
    75 pages
    ISBN:9798400705656
    DOI:10.1145/3643662
    This work is licensed under a Creative Commons Attribution International 4.0 License.

    In-Cooperation

    • Faculty of Engineering of University of Porto

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. cybersecurity
    2. knowledge graph
    3. software vulnerabilities
    4. visualization
    5. Neo4j
    6. MITRE

    Qualifiers

    • Research-article

    Funding Sources

    • MUR National Recovery and Resilience Plan funded by the European Union - NextGenerationEU

    Conference

    EnCyCriS/SVM '24