Linked Data for Software Security Concepts and Vulnerability Descriptions

Abstract

The Web is often the first source of information to track software vulnerabilities, exploits and cyber attacks. An important source is information found in text from security bulletins, vulnerability databases, news reports, cybersecurity blogs and Internet chat rooms. However, the data representation and interpretation of such unstructured text pose certain limitations on the automation of vulnerability management, and obtaining further contextual information from other related resources. We present an automatic framework that generates and publishes a RDF linked data resource for software security concepts and vulnerability descriptions. Vulnerability descriptions from the National Vulnerability Database (NVD) are aligned with concepts from parallel repositories such as the Common Weakness Enumeration and Common Platform Enumeration. These concepts are represented in RDF using relevant concepts from a custom ontology that models the relationships between classes and entities for the cybersecurity domain. The unstructured sources of information from the NVD are then mapped to related concepts from DBpedia using object properties from the ontology. This system leverages paradigms of the Semantic Web to effectively process unstructured text into a rich resource of machine-understandable information. The RDF linked cybersecurity data collection will make it possible for applications to look up metadata and facilitate searching. Our results demonstrate an effective model for linking key security concepts to relevant resources on the Web. We outline the use of Linked Data technologies to facilitate consumption of information related to security exploits that can be further used for vulnerability identification, mitigation and prevention efforts.

Document Details

Document Type

Technical Report

Publication Date

Jul 01, 2013

Accession Number

ADA594341

Entities

Tags