Abstract
Ransomware is constantly being developed on underground marketplaces and spreads through the Internet, causing damage to individuals’ and businesses’ data. The purpose of this study is to investigate the current issue related to knowledge graphs on ransomware attacks using Twitter data. To construct a knowledge graph from informal text, three steps need to be followed: data collection and cleaning, entity extraction, and relation extraction. Although Natural Language Processing techniques are widely used for text representation and modeling, they are limited by the lack of a dedicated Named Entity Recognizer for extracting ransomware-related entities from unstructured data such as text. Therefore, this article relies on the ontology approach to construct a ransomware knowledge graph from unstructured data. The ontology is improved to fit the ransomware attack representation based on data captured from the tweets. The knowledge graph was developed by extracting relations between entities. Finally, the accuracy of the knowledge graph was evaluated using the formal method.
Acknowledgment
The authors would like to thank UNITAR for the support of the publication of this paper. Additionally, this project was funded by UTM Transdisciplinary Research Grant number PY/2018/03477. The authors would like to thank UTM for the support provided.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Assaggaf, A.M.A., Al-Rimy, B.A., Ismail, N.L., Al-Nahari, A. (2023). Development of Graph-Based Knowledge on Ransomware Attacks Using Twitter Data. In: Wah, Y.B., Berry, M.W., Mohamed, A., Al-Jumeily, D. (eds) Data Science and Emerging Technologies. DaSET 2022. Lecture Notes on Data Engineering and Communications Technologies, vol 165. Springer, Singapore. https://doi.org/10.1007/978-981-99-0741-0_12
DOI: https://doi.org/10.1007/978-981-99-0741-0_12
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-0740-3
Online ISBN: 978-981-99-0741-0
eBook Packages: Intelligent Technologies and Robotics (R0)