The SEPSES Knowledge Graph: An Integrated Resource for Cybersecurity

Publication: Chapter in book/Conference proceedingContribution to conference proceedings

Abstract

This paper introduces an evolving cybersecurity knowledge graph that integrates and links critical information on real-world vulnerabilities, weaknesses and attack patterns from various publicly available sources. Cybersecurity constitutes a particularly interesting domain for the development of a domain-specific public knowledge graph, particularly due to its highly dynamic landscape characterized by time-critical, dispersed, and heterogeneous information. To build and continually maintain a knowledge graph, we provide and describe an integrated set of resources, including vocabularies derived from well-established standards in the cybersecurity domain, an ETL workflow that updates the knowledge graph as new information becomes available, and a set of services that provide integrated access through multiple interfaces. The resulting semantic resource offers comprehensive and integrated up-to-date instance information to security researchers and professionals alike. Furthermore, it can be easily linked to locally available information, as we demonstrate by means of two use cases in the context of vulnerability assessment and intrusion detection.
Original languageEnglish
Title of host publicationThe SEPSES Knowledge Graph: An Integrated Resource for Cybersecurity
PublisherSpringer
Pages198 - 214
DOIs
Publication statusPublished - 2019
Externally publishedYes

Publication series

SeriesLecture Notes in Computer Science (LNCS)
ISSN0302-9743

Cite this