UMBC ebiquity

Linked Data for Software Security Concepts and Vulnerability Descriptions

Authors: Arnav Joshi

Date: July 22, 2013

Abstract: The Web is typically our first source of information about new software vulnerabilities, exploits and cyber-attacks. Information is found in semi-structured vulnerability databases as well as in text from security bulletins, news reports, cybersecurity blogs and Internet chat rooms. It can be useful to cybersecurity systems if there is a way to recognize and extract relevant information and represent it as easily shared and integrated semantic data. We describe such an automatic framework that generates and publishes a RDF linked data representation of cybersecurity concepts and vulnerability descriptions extracted from the National Vulnerability Database and other text sources. Entities, relations and concepts are represented using custom ontologies for the cybersecurity domain and also mapped to objects in the DBpedia knowledge base, producing a rich resource of machine-understandable linked data. The resulting cybersecurity linked data collection can be used for many purposes, including automating early vulnerability identification, mitigation and prevention efforts.

Type: MastersThesis

Editors: Arnav Joshi

Publisher: University of Maryland Baltimore County

Tags: linked data, cybersecurity, rdf, nvd, cve, ontology

Google Scholar: search

Number of downloads: 771


Available for download as

size: 720840 bytes