Podrobný výpis o publikaci
2024
Theory and Practice of Cybersecurity Knowledge Graphs and Further Steps
HUSÁK, MartinZákladní údaje
Originální název
Theory and Practice of Cybersecurity Knowledge Graphs and Further Steps
Autoři
HUSÁK, Martin
Vydání
ARES 2024: The 19th International Conference on Availability, Reliability and Security, 2024
Další údaje
Jazyk
angličtina
Typ výsledku
Vyžádané přednášky
Utajení
není předmětem státního či obchodního tajemství
Odkazy
Organizace
Ústav výpočetní techniky – Masarykova univerzita – Repozitář
Klíčová slova anglicky
cybersecurity;knowledge graph;decision support;situational awareness
Návaznosti
CZ.02.01.01/00/22_010/0003229, interní kód Repo. EH22_010/0003229, projekt VaV.
Změněno: 6. 8. 2024 00:50, RNDr. Daniel Jakubík
Anotace
V originále
The keynote surveys the growing adoption of knowledge graphs in cybersecurity and explores their potential in cybersecurity research and practice. By structuring and interlinking vast amounts of cybersecurity data, knowledge graphs offer increasing capabilities for incident response and cyber situational awareness. They enable a holistic view of the protected cyber infrastructures and threat landscapes, facilitating advanced analytics, automated reasoning, vulnerability management, and attack mitigation. We expect the cybersecurity knowledge graphs to assist incident handlers in day-to-day cybersecurity operations as well as strategic network security management. We may see emerging tools for decision support based on knowledge graphs that will leverage continuous data collection. A knowledge graph filled with the right data at the right time can significantly reduce the workload of incident handlers. We may even see rapid changes in incident handling tools and workflows leveraging the knowledge graphs, especially when combined with emerging technologies of generative AI and large language models that will facilitate interactions with the knowledge bases or generate reports of security situations. However, the implementation of cybersecurity knowledge graphs is challenging. Ensuring the quality of the underlying data is a serious concern for researchers and practitioners. Only accurate, complete, and updated data can ensure the reliability of the knowledge graph, leading to good insights and decisions. Additionally, the dynamic nature of cyber threats necessitates continuous data updates and rigorous validation processes.