all InfoSec news
Constructing a Knowledge Graph from Textual Descriptions of Software Vulnerabilities in the National Vulnerability Database. (arXiv:2305.00382v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Knowledge graphs have shown promise for several cybersecurity tasks, such as
vulnerability assessment and threat analysis. In this work, we present a new
method for constructing a vulnerability knowledge graph from information in the
National Vulnerability Database (NVD). Our approach combines named entity
recognition (NER), relation extraction (RE), and entity prediction using a
combination of neural models, heuristic rules, and knowledge graph embeddings.
We demonstrate how our method helps to fix missing entities in knowledge graphs
used for cybersecurity and …
analysis assessment cybersecurity database descriptions graphs information knowledge knowledge graph national national vulnerability database nvd software software vulnerabilities threat threat analysis vulnerabilities vulnerability vulnerability assessment vulnerability database work