Integrating Knowledge Graphs with Retrieval-Augmented Generation to Automate IoT Device Security Compliance
| dc.contributor.author | Islam, Mohammad | |
| dc.contributor.author | Elluri, Lavanya | |
| dc.contributor.author | Joshi, Karuna | |
| dc.date.accessioned | 2025-07-09T17:54:47Z | |
| dc.date.issued | 2025-06-14 | |
| dc.description | The 2025 IEEE International Conference on Intelligence and Security Informatics, JULY 12-13, 2025, HONG KONG, CHINA | |
| dc.description.abstract | As IoT device adoption grows, ensuring cybersecurity compliance with IoT standards, like National Institute of Standards and Technology Interagency (NISTIR) 8259A, has become increasingly complex. These standards are typically presented in lengthy, text-based formats that are difficult to process and query automatically. We built a knowledge graph to address this challenge to represent the key concepts, relationships, and references within NISTIR 8259A. We further integrate this knowledge graph with RetrievalAugmented Generation (RAG) techniques that can be used by large language models (LLMs) to enhance the accuracy and contextual relevance of information retrieval. Additionally, we evaluate the performance of RAG using both graph-based queries and vector database embeddings. Our framework, implemented in Neo4j, was tested using multiple LLMs, including LLAMA2, Mistral-7B, and GPT-4. Our findings show that combining knowledge graphs with RAG significantly improves query precision and contextual relevance compared to unstructured vector-based retrieval methods. While traditional rule-based compliance tools were not evaluated in this study, our results demonstrate the advantages of structured, graphdriven querying for security standards like NISTIR 8259A. | |
| dc.description.sponsorship | This work was partially funded by the National Science Foundation (NSF) award 2310844, IUCRC Phase II UMBC: Center for Accelerated Real-Time Analytics (CARTA) and by NSF award 2348147. We express our gratitude to colleagues whose insights and expertise significantly contributed to the research. | |
| dc.description.uri | https://ebiquity.umbc.edu/_file_directory_/papers/1432.pdf | |
| dc.format.extent | 6 pages | |
| dc.genre | conference papers and proceedings | |
| dc.genre | preprints | |
| dc.identifier | doi:10.13016/m29jgj-sdsk | |
| dc.identifier.uri | http://hdl.handle.net/11603/39214 | |
| dc.language.iso | en_US | |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Information Systems Department | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | |
| dc.subject | UMBC Ebiquity Researh Group | |
| dc.subject | UMBC Knowledge, Analytics, Cognitive and Cloud Computing (KnACC) lab | |
| dc.subject | UMBC Cybersecurity Institute | |
| dc.title | Integrating Knowledge Graphs with Retrieval-Augmented Generation to Automate IoT Device Security Compliance | |
| dc.type | Text | |
| dcterms.creator | https://orcid.org/0000-0002-6354-1686 | |
| dcterms.creator | https://orcid.org/0000-0001-8024-6980 |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- 1432IntegratingKnowledgeGraphswith.pdf
- Size:
- 470.39 KB
- Format:
- Adobe Portable Document Format