ICSE 2024
Fri 12 - Sun 21 April 2024 Lisbon, Portugal

Paolo Falcarin, Fabio Dainese. Ca’ Foscari University of Venice, Italy.

Abstract:

Software engineers and security professionals rely on a variety of sources of information, including known vulnerabilities, newly identified weaknesses, and threats, as well as attack patterns and current mitigations. Because this information is spread across different places, developers must spend more effort following all the cross-referenced data and finding appropriate solutions to their security issues in a timely manner. Software developers cannot maintain a good knowledge of the full breadth of issues and vulnerabilities, which keep increasing over time; the rising number of security issues to tackle cannot be matched by software developers, who need more help from intelligent tools. Therefore, in this work, we present CyberGraph, a tool to automatically build and update a single, easily queryable cybersecurity knowledge graph by automatically linking heterogeneous data from different public repositories. The resulting unique integrated dataset, thanks to its magnitude, allows the execution of sophisticated queries that can quickly provide new insights and valuable perspectives

Mon 15 Apr

Displayed time zone: Lisbon

14:00 - 15:30
Training, knowledge and Industrial challenges
EnCyCriS/SVM at Amadeo de Souza-Cardoso
Chair(s): John Eidar Simensen IFE
14:00
20m
Full-paper
Building a Cybersecurity Knowledge Graph with CyberGraph
EnCyCriS/SVM
A: Paolo Falcarin Ca' Foscari University of Venice, A: Fabio Dainese Ca' Foscari University of Venice
14:20
20m
Full-paper
Training Developers to Code Securely: Theory and Practice
EnCyCriS/SVM
A: Ita Ryan University College Cork, A: Utz Roedig University College Cork, A: Klaas-Jan Stol Lero; University College Cork; SINTEF Digital
14:40
20m
Full-paper
On DevSecOps and Risk Management in Critical Infrastructures: Practitioners' Insights on Needs and Goals
EnCyCriS/SVM
A: Xhesika Ramaj Østfold University College (HiØ) / Norwegian University of Science and Technology (NTNU), A: Mary Sánchez-Gordón Østfold University College, A: Vasileios Gkioulos NTNU, A: Ricardo Colomo-Palacios Universidad Politécnica de Madrid
15:00
20m
Full-paper
Cyber-incident Response in Industrial Control Systems: Practices and Challenges in the Petroleum Industry
EnCyCriS/SVM
A: Vahiny Gnanasekaran Norwegian University of Science and Technology NTNU, A: Maria Bartnes Norwegian University of Science and Technology NTNU, A: Tor Olav Grøtan SINTEF Digital, Poul Einar Heegaard Norwegian University of Science and Technology NTNU