UMBC ebiquity

Extracting Information about Security Vulnerabilities from Web Text

Authors: Varish Mulwad, Wenjia Li, Anupam Joshi, Tim Finin, and Krishnamurthy Viswanathan

Book Title: Proceedings of the Web Intelligence for Information Security Workshop

Date: August 22, 2011

Abstract: The Web is an important source of information about computer security threats, vulnerabilities and cyber-attacks. We present initial work on developing a framework to detect and extract information about vulnerabilities and attacks from Web text. Our prototype system uses Wikitology, a general purpose knowledge base derived from Wikipedia, to extract concepts that describe specific vulnerabilities and attacks, map them to related concepts from DBpedia and generate machine understandable assertions. Such a framework will be useful in adding structure to already existing vulnerability descriptions as well as detecting new ones. We evaluate our approach against vulnerability descriptions from the National Vulnerability Database. Our results suggest that it can be useful in monitoring streams of text from social media or chat rooms to identify potential new attacks and vulnerabilities or to collect data on the spread and volume of existing ones.

Type: InProceedings

Publisher: IEEE Computer Society Press

Tags: security, cybersecurity, information extraction, wikitology

Google Scholar: search

Number of downloads: 2107

 

Available for download as


size: 239827 bytes
 

Related Projects:

Past Project

 Semantic Situational Awareness for Intrusion Detection.