Information Prediction using Knowledge Graphs for Contextual Malware Threat Intelligence

02/10/2021
by   Nidhi Rastogi, et al.
0

Large amounts of threat intelligence information about mal-ware attacks are available in disparate, typically unstructured, formats. Knowledge graphs can capture this information and its context using RDF triples represented by entities and relations. Sparse or inaccurate threat information, however, leads to challenges such as incomplete or erroneous triples. Named entity recognition (NER) and relation extraction (RE) models used to populate the knowledge graph cannot fully guaran-tee accurate information retrieval, further exacerbating this problem. This paper proposes an end-to-end approach to generate a Malware Knowledge Graph called MalKG, the first open-source automated knowledge graph for malware threat intelligence. MalKG dataset called MT40K1 contains approximately 40,000 triples generated from 27,354 unique entities and 34 relations. We demonstrate the application of MalKGin predicting missing malware threat intelligence information in the knowledge graph. For ground truth, we manually curate a knowledge graph called MT3K, with 3,027 triples generated from 5,741 unique entities and 22 relations. For entity prediction via a state-of-the-art entity prediction model(TuckER), our approach achieves 80.4 for the hits@10 metric (predicts the top 10 options for missing entities in the knowledge graph), and 0.75 for the MRR (mean reciprocal rank). We also propose a framework to automate the extraction of thousands of entities and relations into RDF triples, both manually and automatically, at the sentence level from1,100 malware threat intelligence reports and from the com-mon vulnerabilities and exposures (CVE) database.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

02/10/2021

Malware Knowledge Graph Generation

Cyber threat and attack intelligence information are available in non-st...
09/03/2021

Ontology-driven Knowledge Graph for Android Malware

We present MalONT2.0 – an ontology for malware threat intelligence <cit....
10/31/2018

DOLORES: Deep Contextualized Knowledge Graph Embeddings

We introduce a new method DOLORES for learning knowledge graph embedding...
06/25/2020

SPIDER: Selective Plotting of Interconnected Data and Entity Relations

Intelligence analysts have long struggled with an abundance of data that...
09/16/2021

Context-aware Entity Typing in Knowledge Graphs

Knowledge graph entity typing aims to infer entities' missing types in k...
01/22/2021

A shallow neural model for relation prediction

Knowledge graph completion refers to predicting missing triples. Most ap...
03/05/2021

Interactively Constructing Knowledge Graphs from Messy User-Generated Spreadsheets

When spreadsheets are filled freely by knowledge workers, they can conta...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.