Abstract
Interpreting cyber-knowledge is challenging due to the data heterogeneity issues typical of aggregating data from disparate sources. This chapter demonstrates knowledge graph-based techniques to capture and reason over provenance for communication networks at different levels of granularity, thereby combining structured data representation with provenance-awareness.
Notes
- 1. The term was popularized by Google when introducing their proprietary knowledge base, Google Knowledge Graph, in 2012 to enhance the value of information returned by Google Web Search queries based on aggregating data from unstructured, semistructured, and structured data sources (Sikos 2015).
- 9. This is common because (1) the various data sources, such as routing messages and router configuration files, use different naming conventions, and (2) some graph nodes are initially blank because no proper/descriptive name is available.
- 15. This is because there are many vulnerabilities related to each attack type.
References
Akoglu L, Tong H, Koutra D (2014) Graph based anomaly detection and description: a survey. Data Min Knowl Disc 29(3):626–688. https://doi.org/10.1007/s10618-014-0365-y
Alqahtani SS, Eghan EE, Rilling J (2016) Tracing known security vulnerabilities in software repositories—a Semantic Web enabled modeling approach. Sci Comput Program 121:153–175. https://doi.org/10.1016/j.scico.2016.01.005
Asamoah C, Tao L, Gai K, Jiang N (2016) Powering filtration process of cyber security ecosystem using knowledge graph. In: Qiu M, Tao L, Niu J (eds) Proceedings of the 3rd International Conference on Cyber Security and Cloud Computing (CSCloud). IEEE Computer Society, Los Alamitos, pp 240–246. https://doi.org/10.1109/CSCloud.2016.36
Böhm F, Menges F, Pernul G (2018) Graph-based visual analytics for cyber threat intelligence. Cybersecurity 1(1), 16. https://doi.org/10.1186/s42400-018-0017-4
Chabot Y, Bertaux A, Nicolle C, Kechadi T (2015) An ontology-based approach for the reconstruction and analysis of digital incidents timelines. Digit Investig 15:83–100. https://doi.org/10.1016/j.diin.2015.07.005
Chein M, Mugnier ML (2015) Graph-based knowledge representation: computational foundations of conceptual graphs. Springer, London. https://doi.org/10.1007/978-1-84800-286-9
Chhetri SR, Wan J, Canedo A, Faruque MAA (2019) Design automation using structural graph convolutional neural networks. In: Faruque MAA, Canedo A (eds) Design automation of cyber-physical systems. Springer, Cham, chap 9, pp 237–259. https://doi.org/10.1007/978-3-030-13050-3_9
Chowdhury FARR, Ma C, Islam MR, Namaki MH, Faruk MO, Doppa JR (2017) Select-and-evaluate: a learning framework for large-scale knowledge graph search. In: Zhang ML, Noh YK (eds) Proceedings of machine learning research. PMLR, Cambridge, vol 77, pp 129–144. http://proceedings.mlr.press/v77/chowdhury17a/chowdhury17a.pdf
Du M, Jiang J, Jiang Z, Lu Z, Du X (2019) PRTIRG: a knowledge graph for people-readable threat intelligence recommendation. In: Douligeris C, Karagiannis D, Apostolou D (eds) Knowledge science, engineering and management. Springer, Cham, pp 47–59. https://doi.org/10.1007/978-3-030-29551-6_5
Gong L, Tian Y (2020) Threat modeling for cyber range: an ontology-based approach. In: Liang Q, Liu X, Na Z, Wang W, Mu J, Zhang B (eds) Communications, signal processing, and systems. Springer, Singapore, pp 1055–1062. https://doi.org/10.1007/978-981-13-6508-9_128
Grangel-González I, Halilaj L, Vidal ME, Rana O, Lohmann S, Auer S, Müller AW (2018) Knowledge graphs for semantically integrating cyber-physical systems. In: Hartmann S, Ma H, Hameurlain A, Pernul G, Wagner RR (eds) Database and expert systems applications. Springer, Cham, pp 184–199. https://doi.org/10.1007/978-3-319-98809-2_12
Guzzo A, Pugliese A, Rullo A, Saccà D (2014) Intrusion detection with hypergraph-based attack models. In: Croitoru M, Rudolph S, Woltran S, Gonzales C (eds) Graph structures for knowledge representation and reasoning. Springer, Cham, pp 58–73. https://doi.org/10.1007/978-3-319-04534-4_5
Iannacone M, Bohn S, Nakamura G, Gerth J, Huffer K, Bridges R, Ferragut E, Goodall J (2015) Developing an ontology for cyber security knowledge graphs. In: Trien JP (ed) Proceedings of the 10th Annual Cyber and Information Security Research Conference, ACM, New York. https://doi.org/10.1145/2746266.2746278
Jagtap SS, Sriram VSS (2019) Subtree hypergraph-based attack detection model for signature matching over SCADA HMI. In: Sriram VSS, Subramaniyaswamy V, Sasikaladevi N, Zhang L, Batten L, Li G (eds) Applications and techniques in information security. Springer, Singapore, pp 173–184. https://doi.org/10.1007/978-981-15-0871-4_13
Jia Y, Qi Y, Shang H, Jiang R, Li A (2018) A practical approach to constructing a knowledge graph for cybersecurity. Engineering 4(1):53–60. https://doi.org/10.1016/j.eng.2018.01.004
Kem O, Balbo F, Zimmermann A, Nagellen P (2017) Multi-goal pathfinding in cyber-physical-social environments: Multi-layer search over a semantic knowledge graph. Procedia Comput Sci 112:741–750. https://doi.org/10.1016/j.procs.2017.08.162
Kiesling E, Ekelhart A, Kurniawan K, Ekaputra F (2019) The SEPSES knowledge graph: an integrated resource for cybersecurity. In: Ghidini C, Hartig O, Maleshkova M, Svátek V, Cruz I, Hogan A, Song J, Lefrançois M, Gandon F (eds) The Semantic Web—ISWC 2019. Springer, Cham, pp 198–214. https://doi.org/10.1007/978-3-030-30796-7_13
Kurniawan K (2018) Semantic query federation for scalable security log analysis. In: Gangemi A, Gentile AL, Nuzzolese AG, Rudolph S, Maleshkova M, Paulheim H, Pan JZ, Alam M (eds) The Semantic Web: ESWC 2018 satellite events. Springer, Cham, pp 294–303. https://doi.org/10.1007/978-3-319-98192-5_48
Liu B, Zhu X, Wu J, Yao L (2020) Rule reduction after knowledge graph mining for cyber situational awareness analysis. Procedia Comput Sci 176:22–30. https://doi.org/10.1016/j.procs.2020.08.003
Margitus M, Tauer G, Sudit M (2015) RDF versus attributed graphs: the war for the best graph representation. In: Proceedings of the 18th International Conference on Information Fusion. IEEE, New York, pp 200–2006
Noel S, Harley E, Tam KH, Limiero M, Share M (2016) CyGraph: graph-based analytics and visualization for cybersecurity. In: Gudivada VN, Raghavan VV, Govindaraju V, Rao CR (eds) Cognitive computing: theory and applications, chap 4, pp 117–167. https://doi.org/10.1016/bs.host.2016.07.001
Philp D, Chan N, Mayer W (2019a) Network path estimation in uncertain data via entity resolution. In: Le TD, Ong KL, Zhao Y, Jin WH, Wong S, Liu L, Williams G (eds) Data mining. Springer, Singapore, pp 196–207. https://doi.org/10.1007/978-981-15-1699-3_16
Philp D, Chan N, Sikos LF (2019b) Decision support for network path estimation via automated reasoning. In: Czarnowski I, Howlett RJ, Jain LC (eds) Intelligent decision technologies 2019. Springer, Singapore, pp 335–344. https://doi.org/10.1007/978-981-13-8311-3_29
Privat G, Abbas A (2019) “Cyber-Physical graphs” vs. RDF graphs. https://www.w3.org/Data/events/data-ws-2019/assets/position/Gilles%20Privat.html. W3C Workshop on Web Standardization for Graph Data
Privat G, Coupaye T, Bolle S, Raipin-Parvedy P (2019) WoT graph as multiscale digital-twin for cyber-physical systems-of-systems. https://www.w3.org/WoT/ws-2019/Presentations%20-%20Day%202/Future%20Work/10_WoT%20Graph%20as%20Multiscale%20Digital-Twin_2019-06-05_WoT_G.Privat.pdf. 2nd W3C Web of Things Workshop, Munich, Germany
Qi G, Chen H, Liu K, Wang H, Ji Q, Wu T (2020) Knowledge graph. Springer, Singapore
Robinson I, Webber J, Eifrem E (2015) The labeled property graph model. In: Graph databases: new opportunities for connected data, 2nd edn. O’Reilly Media, New York
Sheth A, Padhee S, Gyrard A (2020) Knowledge graphs and knowledge networks: the story in brief. IEEE Internet Comput 23:67–75. https://doi.org/10.1109/MIC.2019.2928449
Sikos LF (2015) Google knowledge graph and knowledge vault. In: Mastering structured data on the Semantic Web. Apress, pp 200–205. https://doi.org/10.1007/978-1-4842-1049-9_8
Sikos LF (2016) A novel approach to multimedia ontology engineering for automated reasoning over audiovisual LOD datasets. In: Nguyen NT, Trawiski B, Fujita H, Hong TP (eds) Intelligent information and database systems. Springer, Heidelberg, pp 3–12. https://doi.org/10.1007/978-3-662-49381-6_1
Sikos LF (2017) Description logics in multimedia reasoning. Springer, Cham. https://doi.org/10.1007/978-3-319-54066-5
Sikos LF (ed) (2018a) AI in cybersecurity. Springer, Cham. https://doi.org/10.1007/978-3-319-98842-9
Sikos LF (2018b) Handling uncertainty and vagueness in network knowledge representation for cyberthreat intelligence. In: Proceedings of the 2018 IEEE International Conference on Fuzzy Systems. IEEE, New York. https://doi.org/10.1109/FUZZ-IEEE.2018.8491686
Sikos LF (2019) Knowledge representation to support partially automated honeypot analysis based on Wireshark packet capture files. In: Czarnowski I, Howlett RJ, Jain LC (eds) Intelligent Decision Technologies 2019. Springer, Singapore, pp 335–344. https://doi.org/10.1007/978-981-13-8311-3_30
Sikos LF (2020a) AI in digital forensics: ontology engineering for cybercrime investigations. WIREs Forensic Science, p e1394. https://doi.org/10.1002/wfs2.1394
Sikos LF (2020b) AI-powered cybersecurity: from automated threat detection to adaptive defense. CISO MAG 4(5):74–87
Sikos LF (2020c) Packet analysis for network forensics: a comprehensive survey. Forensic Sci Int Digit Investig 32C:200892. https://doi.org/10.1016/j.fsidi.2019.200892
Sikos LF, Choo KKR (eds) (2020) Data science in cybersecurity and cyberthreat intelligence. Springer, Cham. https://doi.org/10.1007/978-3-030-38788-4
Sikos LF, Philp D (2020) Provenance-aware knowledge representation: a survey of data models and contextualized knowledge graphs. Data Sci Eng. https://doi.org/10.1007/s41019-020-00118-0
Sikos LF, Philp D, Voigt S, Howard C, Stumptner M, Mayer W (2018a) Provenance-aware LOD datasets for detecting network inconsistencies. In: Capadisli S, Cotton F, Giménez-García JM, Haller A, Kalampokis E, Nguyen V, Sheth A, Troncy R (eds) Joint Proceedings of the International Workshops on Contextualized Knowledge Graphs, and Semantic Statistics Co-Located with 17th International Semantic Web Conference, RWTH Aachen University, Aachen. http://ceur-ws.org/Vol-2317/article-03.pdf
Sikos LF, Stumptner M, Mayer W, Howard C, Voigt S, Philp D (2018b) Automated reasoning over provenance-aware communication network knowledge in support of cyber-situational awareness. In: Liu W, Giunchiglia F, Yang B (eds) Knowledge science, engineering and management. Springer, Cham, pp 132–143. https://doi.org/10.1007/978-3-319-99247-1_12
Sikos LF, Stumptner M, Mayer W, Howard C, Voigt S, Philp D (2018c) Representing conceptualized dynamic network knowledge for cyber-situational awareness. In: Cañas AJ, Reiska P, Zea C, Novak JD (eds) Proceedings of the 8th International Conference on Concept Mapping: Renewing Learning and Thinking, p 396
Sikos LF, Stumptner M, Mayer W, Howard C, Voigt S, Philp D (2018d) Representing network knowledge using provenance-aware formalisms for cyber-situational awareness. Procedia Comput Sci 126C:29–38. https://doi.org/10.1016/j.procs.2018.07.206
Sikos LF, Stumptner M, Mayer W, Howard C, Voigt S, Philp D (2018e) Summarizing network information for cyber-situational awareness via cyber-knowledge integration. AOC 2018 Convention, Adelaide, Australia, 30–May 2018
Wang W, Jiang R, Jia Y, Li A, Chen Y (2017) KGBIAC: knowledge graph based intelligent alert correlation framework. In: Wen S, Wu W, Castiglione A (eds) Cyberspace Safety and Security. Springer, Cham, pp 523–530. https://doi.org/10.1007/978-3-319-69471-9_41
Wu S, Zhang Y, Cao W (2017) Network security assessment using a semantic reasoning and graph-based approach. Comput Electr Eng 64:96–109. https://doi.org/10.1016/j.compeleceng.2017.02.001
© 2021 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Sikos, L.F. (2021). Contextualized Knowledge Graphs in Communication Network and Cyber-Physical System Modeling. In: Sikos, L.F., Seneviratne, O.W., McGuinness, D.L. (eds) Provenance in Data Science. Advanced Information and Knowledge Processing. Springer, Cham. https://doi.org/10.1007/978-3-030-67681-0_4
DOI: https://doi.org/10.1007/978-3-030-67681-0_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-67680-3
Online ISBN: 978-3-030-67681-0
eBook Packages: Computer Science (R0)