The SEPSES Knowledge Graph: An Integrated Resource for Cybersecurity

This paper introduces an evolving cybersecurity knowledge graph that integrates and links critical information on real-world vulnerabilities, weaknesses and attack patterns from various publicly available sources. Cybersecurity constitutes a particularly interesting domain for the development of a domain-specific public knowledge graph, especially because of its highly dynamic landscape, characterized by time-critical, dispersed, and heterogeneous information. To build and continually maintain the knowledge graph, we provide and describe an integrated set of resources: vocabularies derived from well-established standards in the cybersecurity domain, an ETL workflow that updates the knowledge graph as new information becomes available, and a set of services that provide integrated access through multiple interfaces. The resulting semantic resource offers comprehensive, integrated and up-to-date instance information to security researchers and professionals alike. Furthermore, it can easily be linked to locally available information, as we demonstrate by means of two use cases in the context of vulnerability assessment and intrusion detection.
