Privacy Inference on Knowledge Graphs: Hardness and Approximation

“…For example, a core node for linking, and mediating between, cybersecurity Linked Open Data (LOD) KOSes in the LOD Cloud 36 is the Unified Cybersecurity Ontology (UCO). It defines typed connections between STIX, CAPEC, 37 MAEC, 38 CWE, 39 CVE, 40 CVSS, 41 Cybox, 42 CPE, 43 OpenIOC, 44 STUCCO, Mobile Access Control, and the Cloud User Ontology terms [61]. VulOntology 45 is a vulnerability ontology that defines the relationship between vulnerabilities and applications, platforms, and weaknesses [44].…”

“…This can be particularly useful if information about a threat actor is extracted from multiple sources and then subsequently fused and represented as a single knowledge graph. 36 https://lod-cloud.net 37 Common Attack Pattern Enumeration and Classification, https://capec.mitre.org 38 Malware Attribute Enumeration and Characterization, https://maecproject.github.io 39 Common Weakness Enumeration, https://cwe.mitre.org 40 Common Vulnerabilities and Exposures, https://cve.mitre.org 41 Common Vulnerability Scoring System, https://www.first.org/cvss/ 42 Cyber Observable eXpression, https://cyboxproject.github.io 43 Common Platform Enumeration, https://nvd.nist.gov/products/cpe 44 Open Indicators of Compromise, https://github.com/mandiant/OpenIOC_1.1 45…”

“…By modeling attackers' background knowledge in a knowledge graph, the sensitive information not disclosed yet can be inferred from implicit knowledge can be approximated [43]. The four core cases are 1) an attacker can infer the relationship of two persons based on shared attributes, 2) an attacker can infer whether a user has a specific attribute based on a relationships of the person has that attribute, 3) an attacker can infer the relationship of two persons who are both connected to a third person, and 4) an attacker can infer a property of a person based on the dependency of the property on another property.…”

Cybersecurity knowledge graphs

“…For example, a core node for linking, and mediating between, cybersecurity Linked Open Data (LOD) KOSes in the LOD Cloud 36 is the Unified Cybersecurity Ontology (UCO). It defines typed connections between STIX, CAPEC, 37 MAEC, 38 CWE, 39 CVE, 40 CVSS, 41 Cybox, 42 CPE, 43 OpenIOC, 44 STUCCO, Mobile Access Control, and the Cloud User Ontology terms [61]. VulOntology 45 is a vulnerability ontology that defines the relationship between vulnerabilities and applications, platforms, and weaknesses [44].…”

“…This can be particularly useful if information about a threat actor is extracted from multiple sources and then subsequently fused and represented as a single knowledge graph. 36 https://lod-cloud.net 37 Common Attack Pattern Enumeration and Classification, https://capec.mitre.org 38 Malware Attribute Enumeration and Characterization, https://maecproject.github.io 39 Common Weakness Enumeration, https://cwe.mitre.org 40 Common Vulnerabilities and Exposures, https://cve.mitre.org 41 Common Vulnerability Scoring System, https://www.first.org/cvss/ 42 Cyber Observable eXpression, https://cyboxproject.github.io 43 Common Platform Enumeration, https://nvd.nist.gov/products/cpe 44 Open Indicators of Compromise, https://github.com/mandiant/OpenIOC_1.1 45…”

“…By modeling attackers' background knowledge in a knowledge graph, the sensitive information not disclosed yet can be inferred from implicit knowledge can be approximated [43]. The four core cases are 1) an attacker can infer the relationship of two persons based on shared attributes, 2) an attacker can infer whether a user has a specific attribute based on a relationships of the person has that attribute, 3) an attacker can infer the relationship of two persons who are both connected to a third person, and 4) an attacker can infer a property of a person based on the dependency of the property on another property.…”

Cybersecurity knowledge graphs

Constructing knowledge graphs and their biomedical applications

Event Co-reference Disambiguation with Enhanced Semantics of Multi-layer Attention