UMBC ebiquity
Proceedings of the 7th IEEE International Conference on Semantic Computing
Extracting cybersecurity related linked data from text
September 16, 2013
The Web is typically our first source of information about new software vulnerabilities, exploits, and cyber-attacks. Information is found in semi-structured vulnerability databases as well as in text from security bulletins, news reports, cybersecurity blogs, and Internet chat rooms. It can be useful to cybersecurity systems if there is a way to recognize and extract relevant information and represent it as easily shared and integrated semantic data. We describe such an automatic framework that generates and publishes a RDF linked data representation of cybersecurity concepts and vulnerability descriptions extracted from the National Vulnerability Database and from text sources. A CRF-based system is used to identify cybersecurity-related entities, concepts and relations in text, which are then represented using custom ontologies for the cybersecurity domain and also mapped to objects in the DBpedia knowledge base. The resulting cybersecurity-linked data collection can be used for many purposes, including automating early vulnerability identification, mitigation, and prevention efforts.
