An Overview of Cybersecurity Knowledge Graphs Mapped to the MITRE ATT&CK Framework Domains
dc.contributor.author | Bolton, Joshua | |
dc.contributor.author | Elluri, Lavanya | |
dc.contributor.author | Joshi, Karuna | |
dc.date.accessioned | 2023-08-30T19:15:09Z | |
dc.date.available | 2023-08-30T19:15:09Z | |
dc.date.issued | 2023-10-03 | |
dc.description | IEEE International conference on Intelligence and Security Informatics (ISI 2023); Charlotte, North Carolina, USA; October 2 – 3, 2023 | en_US |
dc.description.abstract | A large volume of cybersecurity-related data sets is generated daily from systems following disparate protocols and standards. It is humanly impossible for cybersecurity experts to manually sieve through these large data sets, with different schema and metadata, to determine potential attacks or issues. A myriad of applications and tool sets are offered to automate the analysis of large cyber data sets. The Semantic Web community has been studying the field of cybersecurity for over a decade and has produced numerous knowledge graphs and frameworks. The Unified Cybersecurity Ontology (UCO) connected many of the leading knowledge representation frameworks, providing a holistic mapping of cyber data, beginning in 2016. MITRE ATT&CK is used by a wide variety of practitioners to understand how their current data and tooling prepare them to defend against both Advanced Persistent Threats (APTs) and less formal threat actors. The UCO and MITRE ATT&CK have provided researchers and practitioners, respectively, with tools to standardize data collection, correlation, and analysis. However, it is not apparent how current knowledge graphs and their applications in the cybersecurity domain utilize ATT&CK. In this paper, we present the results of our study on whether current cybersecurity knowledge graphs have mapped the main MITRE ATT&CK matrices. | en_US |
dc.description.sponsorship | This research was partially supported by the NSF award 1747724, Phase I IUCRC UMBC: Center for Accelerated Real time Analytics (CARTA). The authors would like to thank Jessica Bolton for expertise in professional writing for this manuscript. | en_US |
dc.description.uri | https://ebiquity.umbc.edu/paper/html/id/1073/An-Overview-of-Cybersecurity-Knowledge-Graphs-Mapped-to-the-MITRE-ATT-CK-Framework-Domains | en_US |
dc.format.extent | 6 pages | en_US |
dc.genre | conference papers and proceedings | en_US |
dc.genre | preprints | en_US |
dc.identifier | doi:10.13016/m2duhr-dvve | |
dc.identifier.uri | http://hdl.handle.net/11603/29450 | |
dc.language.iso | en_US | en_US |
dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
dc.relation.ispartof | UMBC Information Systems Department Collection | |
dc.relation.ispartof | UMBC Faculty Collection | |
dc.relation.ispartof | UMBC Student Collection | |
dc.relation.ispartof | UMBC Center for Accelerated Real Time Analysis | |
dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | en_US |
dc.subject | UMBC Ebiquity Research Group | en_US |
dc.title | An Overview of Cybersecurity Knowledge Graphs Mapped to the MITRE ATT&CK Framework Domains | en_US |
dc.type | Text | en_US |
dcterms.creator | https://orcid.org/0000-0002-6354-1686 | en_US |