An Overview of Cybersecurity Knowledge Graphs Mapped to the MITRE ATT&CK Framework Domains
| dc.contributor.author | Bolton, Joshua | |
| dc.contributor.author | Elluri, Lavanya | |
| dc.contributor.author | Joshi, Karuna | |
| dc.date.accessioned | 2023-08-30T19:15:09Z | |
| dc.date.available | 2023-08-30T19:15:09Z | |
| dc.date.issued | 2023-11-01 | |
| dc.description | IEEE International conference on Intelligence and Security Informatics (ISI 2023); Charlotte, North Carolina, USA; October 2 – 3, 2023 | en_US |
| dc.description.abstract | A large volume of cybersecurity-related data sets are generated daily from systems following disparate protocols and standards. It is humanly impossible for cybersecurity experts to manually sieve through these large data sets, with different schema and metadata, to determine potential attacks or issues. A myriad of applications and tool sets are offered to automate the analysis of large cyber data sets. Semantic Web’s community has been studying the field of cybersecurity for over a decade and produced numerous knowledge graphs and frameworks. The Unified Cybersecurity Ontology (UCO) connected many of the leading knowledge representation frameworks, providing a holistic mapping of cyber data, beginning in 2016. MITRE ATT&CK is used by a wide variety of practitioners to understand how their current data and tooling prepare them to defend against both Advanced Persistent Threats (APTs) and less formal threat actors. The UCO and MITRE ATT&CK have provided researchers and practitioners, respectively, with tools to standardize data collection, correlation, and analysis. However, it is not apparent how current knowledge graphs and their applications in the cybersecurity domain utilize ATT&CK. In this paper, we present the results of our study on whether current cybersecurity knowledge graphs have mapped the main MITRE ATT&CK matrices. | en_US |
| dc.description.sponsorship | This research was partially supported by the NSF award 1747724, Phase I IUCRC UMBC: Center for Accelerated Real time Analytics (CARTA). The authors would like to thank Jessica Bolton for expertise in professional writing for this manuscript. | en_US |
| dc.description.uri | https://ieeexplore.ieee.org/document/10297134 | en_US |
| dc.format.extent | 6 pages | en_US |
| dc.genre | conference papers and proceedings | en_US |
| dc.genre | preprints | en_US |
| dc.identifier | doi:10.13016/m2duhr-dvve | |
| dc.identifier.citation | Bolton, Joshua, Lavanya Elluri, and Karuna Pande Joshi. “An Overview of Cybersecurity Knowledge Graphs Mapped to the MITRE ATT&CK Framework Domains.” In 2023 IEEE International Conference on Intelligence and Security Informatics (ISI), 01–06, 2023. https://doi.org/10.1109/ISI58743.2023.10297134. | |
| dc.identifier.uri | https://doi.org/10.1109/ISI58743.2023.10297134 | |
| dc.language.iso | en_US | en_US |
| dc.publisher | IEEE | |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Information Systems Department Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.relation.ispartof | UMBC Center for Accelerated Real Time Analysis | |
| dc.rights | © 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | en_US |
| dc.subject | UMBC Ebiquity Research Group | en_US |
| dc.title | An Overview of Cybersecurity Knowledge Graphs Mapped to the MITRE ATT&CK Framework Domains | en_US |
| dc.type | Text | en_US |
| dcterms.creator | https://orcid.org/0000-0002-6354-1686 | en_US |