Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database ...
Knowledge graphs have shown promise for several cybersecurity tasks, such as vulnerability assessment and threat analysis. In this work, we present a new method for constructing a vulnerability knowledge graph from information in the National Vulnerability Database (NVD). Our approach combines named...
| Main Authors: | , , |
|---|---|
| Format: | Report |
| Language: | unknown |
| Published: |
arXiv
2023
|
| Subjects: | |
| Online Access: | https://dx.doi.org/10.48550/arxiv.2305.00382 https://arxiv.org/abs/2305.00382 |
| id |
ftdatacite:10.48550/arxiv.2305.00382 |
|---|---|
| record_format |
openpolar |
| spelling |
ftdatacite:10.48550/arxiv.2305.00382 2023-06-11T04:11:36+02:00 Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database ... Høst, Anders Mølmen Lison, Pierre Moonen, Leon 2023 https://dx.doi.org/10.48550/arxiv.2305.00382 https://arxiv.org/abs/2305.00382 unknown arXiv Creative Commons Attribution 4.0 International https://creativecommons.org/licenses/by/4.0/legalcode cc-by-4.0 Cryptography and Security cs.CR Artificial Intelligence cs.AI Computation and Language cs.CL Software Engineering cs.SE FOS Computer and information sciences Preprint CreativeWork article Article 2023 ftdatacite https://doi.org/10.48550/arxiv.2305.00382 2023-06-01T11:44:30Z Knowledge graphs have shown promise for several cybersecurity tasks, such as vulnerability assessment and threat analysis. In this work, we present a new method for constructing a vulnerability knowledge graph from information in the National Vulnerability Database (NVD). Our approach combines named entity recognition (NER), relation extraction (RE), and entity prediction using a combination of neural models, heuristic rules, and knowledge graph embeddings. We demonstrate how our method helps to fix missing entities in knowledge graphs used for cybersecurity and evaluate the performance. ... : Accepted for publication in the 24th Nordic Conference on Computational Linguistics (NoDaLiDa), T\'{o}rshavn, Faroe Islands, May 22nd-24th, 2023. [v2]: added funding acknowledgments ... Report Faroe Islands DataCite Metadata Store (German National Library of Science and Technology) Faroe Islands Ner ENVELOPE(6.622,6.622,62.612,62.612) |
| institution |
Open Polar |
| collection |
DataCite Metadata Store (German National Library of Science and Technology) |
| op_collection_id |
ftdatacite |
| language |
unknown |
| topic |
Cryptography and Security cs.CR Artificial Intelligence cs.AI Computation and Language cs.CL Software Engineering cs.SE FOS Computer and information sciences |
| spellingShingle |
Cryptography and Security cs.CR Artificial Intelligence cs.AI Computation and Language cs.CL Software Engineering cs.SE FOS Computer and information sciences Høst, Anders Mølmen Lison, Pierre Moonen, Leon Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database ... |
| topic_facet |
Cryptography and Security cs.CR Artificial Intelligence cs.AI Computation and Language cs.CL Software Engineering cs.SE FOS Computer and information sciences |
| description |
Knowledge graphs have shown promise for several cybersecurity tasks, such as vulnerability assessment and threat analysis. In this work, we present a new method for constructing a vulnerability knowledge graph from information in the National Vulnerability Database (NVD). Our approach combines named entity recognition (NER), relation extraction (RE), and entity prediction using a combination of neural models, heuristic rules, and knowledge graph embeddings. We demonstrate how our method helps to fix missing entities in knowledge graphs used for cybersecurity and evaluate the performance. ... : Accepted for publication in the 24th Nordic Conference on Computational Linguistics (NoDaLiDa), T\'{o}rshavn, Faroe Islands, May 22nd-24th, 2023. [v2]: added funding acknowledgments ... |
| format |
Report |
| author |
Høst, Anders Mølmen Lison, Pierre Moonen, Leon |
| author_facet |
Høst, Anders Mølmen Lison, Pierre Moonen, Leon |
| author_sort |
Høst, Anders Mølmen |
| title |
Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database ... |
| title_short |
Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database ... |
| title_full |
Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database ... |
| title_fullStr |
Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database ... |
| title_full_unstemmed |
Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database ... |
| title_sort |
constructing a knowledge graph from textual descriptions of software vulnerabilities in the national vulnerability database ... |
| publisher |
arXiv |
| publishDate |
2023 |
| url |
https://dx.doi.org/10.48550/arxiv.2305.00382 https://arxiv.org/abs/2305.00382 |
| long_lat |
ENVELOPE(6.622,6.622,62.612,62.612) |
| geographic |
Faroe Islands Ner |
| geographic_facet |
Faroe Islands Ner |
| genre |
Faroe Islands |
| genre_facet |
Faroe Islands |
| op_rights |
Creative Commons Attribution 4.0 International https://creativecommons.org/licenses/by/4.0/legalcode cc-by-4.0 |
| op_doi |
https://doi.org/10.48550/arxiv.2305.00382 |
| _version_ |
1768386778502266880 |