Detailed Information on Publication Record
2024
Theory and Practice of Cybersecurity Knowledge Graphs and Further Steps
HUSÁK, MartinBasic information
Original name
Theory and Practice of Cybersecurity Knowledge Graphs and Further Steps
Authors
HUSÁK, Martin
Edition
ARES 2024: The 19th International Conference on Availability, Reliability and Security, 2024
Other information
Language
English
Type of outcome
Vyžádané přednášky
Confidentiality degree
není předmětem státního či obchodního tajemství
References:
Organization
Ústav výpočetní techniky – Repository – Repository
Keywords in English
cybersecurity;knowledge graph;decision support;situational awareness
Links
CZ.02.01.01/00/22_010/0003229, interní kód Repo. EH22_010/0003229, research and development project.
Změněno: 6/8/2024 00:50, RNDr. Daniel Jakubík
Abstract
V originále
The keynote surveys the growing adoption of knowledge graphs in cybersecurity and explores their potential in cybersecurity research and practice. By structuring and interlinking vast amounts of cybersecurity data, knowledge graphs offer increasing capabilities for incident response and cyber situational awareness. They enable a holistic view of the protected cyber infrastructures and threat landscapes, facilitating advanced analytics, automated reasoning, vulnerability management, and attack mitigation. We expect the cybersecurity knowledge graphs to assist incident handlers in day-to-day cybersecurity operations as well as strategic network security management. We may see emerging tools for decision support based on knowledge graphs that will leverage continuous data collection. A knowledge graph filled with the right data at the right time can significantly reduce the workload of incident handlers. We may even see rapid changes in incident handling tools and workflows leveraging the knowledge graphs, especially when combined with emerging technologies of generative AI and large language models that will facilitate interactions with the knowledge bases or generate reports of security situations. However, the implementation of cybersecurity knowledge graphs is challenging. Ensuring the quality of the underlying data is a serious concern for researchers and practitioners. Only accurate, complete, and updated data can ensure the reliability of the knowledge graph, leading to good insights and decisions. Additionally, the dynamic nature of cyber threats necessitates continuous data updates and rigorous validation processes.