Information Prediction using Knowledge Graphs for Contextual Malware Threat Intelligence

by   Nidhi Rastogi, et al.

Large amounts of threat intelligence information about mal-ware attacks are available in disparate, typically unstructured, formats. Knowledge graphs can capture this information and its context using RDF triples represented by entities and relations. Sparse or inaccurate threat information, however, leads to challenges such as incomplete or erroneous triples. Named entity recognition (NER) and relation extraction (RE) models used to populate the knowledge graph cannot fully guaran-tee accurate information retrieval, further exacerbating this problem. This paper proposes an end-to-end approach to generate a Malware Knowledge Graph called MalKG, the first open-source automated knowledge graph for malware threat intelligence. MalKG dataset called MT40K1 contains approximately 40,000 triples generated from 27,354 unique entities and 34 relations. We demonstrate the application of MalKGin predicting missing malware threat intelligence information in the knowledge graph. For ground truth, we manually curate a knowledge graph called MT3K, with 3,027 triples generated from 5,741 unique entities and 22 relations. For entity prediction via a state-of-the-art entity prediction model(TuckER), our approach achieves 80.4 for the hits@10 metric (predicts the top 10 options for missing entities in the knowledge graph), and 0.75 for the MRR (mean reciprocal rank). We also propose a framework to automate the extraction of thousands of entities and relations into RDF triples, both manually and automatically, at the sentence level from1,100 malware threat intelligence reports and from the com-mon vulnerabilities and exposures (CVE) database.



There are no comments yet.


page 1

page 2

page 3

page 4


Malware Knowledge Graph Generation

Cyber threat and attack intelligence information are available in non-st...

Ontology-driven Knowledge Graph for Android Malware

We present MalONT2.0 – an ontology for malware threat intelligence <cit....

DOLORES: Deep Contextualized Knowledge Graph Embeddings

We introduce a new method DOLORES for learning knowledge graph embedding...

SPIDER: Selective Plotting of Interconnected Data and Entity Relations

Intelligence analysts have long struggled with an abundance of data that...

Context-aware Entity Typing in Knowledge Graphs

Knowledge graph entity typing aims to infer entities' missing types in k...

A shallow neural model for relation prediction

Knowledge graph completion refers to predicting missing triples. Most ap...

Interactively Constructing Knowledge Graphs from Messy User-Generated Spreadsheets

When spreadsheets are filled freely by knowledge workers, they can conta...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.