Abstrakti
Information on cyber-related crimes, incidents, and conflicts is abundantly available in numerous open online sources. However, processing large volumes and streams of data is a challenging task for the analysts and experts, and entails the need for newer methods and techniques. In this article we present and implement a novel knowledge graph and knowledge mining framework for extracting the relevant information from free-form text about incidents in the cyber domain. The computational framework includes a machine learning-based pipeline for generating graphs of organizations, countries, industries, products and attackers with a non-technical cyber-ontology. The extracted knowledge graph is utilized to estimate the incidence of cyberattacks within a given graph configuration. We use publicly available collections of real cyber-incident reports to test the efficacy of our methods. The knowledge extraction is found to be sufficiently accurate, and the graph-based threat estimation demonstrates a level of correlation with the actual records of attacks. In practical use, an analyst utilizing the presented framework can infer additional information from the current cyber-landscape in terms of the risk to various entities and its propagation between industries and countries.
Alkuperäiskieli | Englanti |
---|---|
Artikkeli | 1714 |
Sivut | 1-13 |
Sivumäärä | 13 |
Julkaisu | Scientific Reports |
Vuosikerta | 13 |
Numero | 1 |
DOI - pysyväislinkit | |
Tila | Julkaistu - jouluk. 2023 |
OKM-julkaisutyyppi | A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä |
Sormenjälki
Sukella tutkimusaiheisiin 'Knowledge mining of unstructured information: application to cyber domain'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.Laitteet
Lehtileikkeet
-
Aalto University School of Science and Technology Reports Findings in Technology (Knowledge mining of unstructured information: application to cyber domain)
13/02/2023
1 kohde/ Medianäkyvyys
Lehdistö/media: Esiintyminen mediassa