International Conference on Intelligence and Security Informatics (ISI)

Cybersecurity Threat Intelligence Augmentation and Embedding Improvement - A Healthcare Usecase

, , and

The implementation of Internet of Things (IoT) devices in medical environments has introduced a growing list of security vulnerabilities and threats. The lack of an extensible big data resource that captures medical device vulnerabilities limits the use of Artificial Intelligence (AI) based cyber defense systems in capturing, detecting, and preventing known and future attacks. We describe a system that generates a repository of Cyber Threat Intelligence (CTI) about various medical devices and their known vulnerabilities from sources such as manufacturer and ICS-CERT vulnerability alerts. We augment the intelligence repository with data sources such as Wikidata and public medical databases. The combined resources are integrated with threat intelligence in our Cybersecurity Knowledge Graph (CKG) from previous research. The augmented graph embeddings are useful in querying relevant information and can help in various AI-assisted cybersecurity tasks. Given the integration of multiple resources, we found the augmented CKG produced higher-quality graph representations. The augmented CKG produced a 31% increase in the Mean Average Precision (MAP) value computed over an information retrieval task.


  • 429582 bytes

InProceedings

IEEE

Downloads: 158 downloads

UMBC ebiquity