Author:
Takko Tuomas, Bhattacharya Kunal, Lehto Martti, Jalasvirta Pertti, Cederberg Aapo, Kaski Kimmo
Abstract
Information on cyber-related crimes, incidents, and conflicts is abundantly available in numerous open online sources. However, processing large volumes and streams of data is a challenging task for the analysts and experts, and entails the need for newer methods and techniques. In this article we present and implement a novel knowledge graph and knowledge mining framework for extracting the relevant information from free-form text about incidents in the cyber domain. The computational framework includes a machine learning-based pipeline for generating graphs of organizations, countries, industries, products and attackers with a non-technical cyber-ontology. The extracted knowledge graph is utilized to estimate the incidence of cyberattacks within a given graph configuration. We use publicly available collections of real cyber-incident reports to test the efficacy of our methods. The knowledge extraction is found to be sufficiently accurate, and the graph-based threat estimation demonstrates a level of correlation with the actual records of attacks. In practical use, an analyst utilizing the presented framework can infer additional information from the current cyber-landscape in terms of the risk to various entities and its propagation between industries and countries.
Funder
Suomalainen Tiedeakatemia
Cyberwatch Finland
Publisher
Springer Science and Business Media LLC
Cited by
3 articles.