DOI: 10.1145/3442520.3442535

The analysis method of security vulnerability based on the knowledge graph

Published: 13 March 2021

Abstract

As network security issues grow increasingly prominent, in-depth analysis of the vulnerabilities of cyberspace software and hardware resources is of great significance. Although the existing Common Vulnerabilities and Exposures (CVE) security vulnerability database contains a wealth of vulnerability information, that information is hard to read, its potential correlations are difficult to express intuitively, and it is insufficiently visualized. To address these problems, a method of constructing a knowledge graph of CVE security vulnerabilities is proposed. Through raw data acquisition, ontology modeling, and data extraction and import, the knowledge graph is loaded into the Neo4j graph database, completing the construction of the CVE knowledge graph. Based on the knowledge graph, in-depth analysis is performed along the cause dimension, time dimension and association dimension, and the results are displayed visually. Experiments show that this analysis method can intuitively and effectively mine the intrinsic value of CVE security vulnerability data.



Published In

ICCNS '20: Proceedings of the 2020 10th International Conference on Communication and Network Security
November 2020
145 pages
ISBN:9781450389037
DOI:10.1145/3442520

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. CVE, ontology modeling
  2. knowledge graph, Neo4j graph database, association relationship

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ICCNS 2020


Cited By

  • (2024) Uncovering CWE-CVE-CPE Relations with Threat Knowledge Graphs. ACM Transactions on Privacy and Security 27:1 (1-26). DOI: 10.1145/3641819. Online publication date: 5-Feb-2024
  • (2024) NG_MDERANK: A software vulnerability feature knowledge extraction method based on N‐gram similarity. Journal of Software: Evolution and Process. DOI: 10.1002/smr.2727. Online publication date: 27-Aug-2024
  • (2023) Network Vulnerability Assessment based on Knowledge Graph. 2023 9th International Conference on Big Data Computing and Communications (BigCom) (48-55). DOI: 10.1109/BIGCOM61073.2023.00015. Online publication date: 4-Aug-2023
  • (2023) Empowering Vulnerability Prioritization: A Heterogeneous Graph-Driven Framework for Exploitability Prediction. Web Information Systems Engineering – WISE 2023 (289-299). DOI: 10.1007/978-981-99-7254-8_23. Online publication date: 21-Oct-2023
  • (2022) Uncovering Product Vulnerabilities with Threat Knowledge Graphs. 2022 IEEE Secure Development Conference (SecDev) (84-90). DOI: 10.1109/SecDev53368.2022.00028. Online publication date: Oct-2022
