A set of semantic data flow diagrams and its security analysis based on
ontologies and knowledge graphs
- URL: http://arxiv.org/abs/2303.11198v1
- Date: Mon, 20 Mar 2023 15:26:07 GMT
- Title: A set of semantic data flow diagrams and its security analysis based on
ontologies and knowledge graphs
- Authors: Andrei Brazhuk
- Abstract summary: This work considers two challenges: creating a set of machine-readable data flow diagrams that represent real cloud based applications; and usage domain specific knowledge for automatic analysis of the security aspects of such applications.
The set of 180 semantic diagrams (ontologies and knowledge graphs) is created based on cloud configurations (Docker Compose)
- Score: 0.0
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: For a long time threat modeling was treated as a manual, complicated process.
However modern agile development methodologies and cloud computing technologies
require adding automatic threat modeling approaches. This work considers two
challenges: creating a set of machine-readable data flow diagrams that
represent real cloud based applications; and usage domain specific knowledge
for automatic analysis of the security aspects of such applications. The set of
180 semantic diagrams (ontologies and knowledge graphs) is created based on
cloud configurations (Docker Compose); the set includes a manual taxonomy that
allows to define the design and functional aspects of the web based and data
processing applications; the set can be used for various research in the threat
modeling field. This work also evaluates how ontologies and knowledge graphs
can be used to automatically recognize patterns (mapped to security threats) in
diagrams. A pattern represents features of a diagram in form of a request to a
knowledge base, what enables its recognition in a semantic representation of a
diagram. In an experiment four groups of the patterns are created (web
applications, data processing, network, and docker specific), and the diagrams
are examined by the patterns. Automatic results, received for the web
applications and data processing patterns, are compared with the manual
taxonomy in order to study challenges of automatic threat modeling.
Related papers
- From Pixels to Insights: A Survey on Automatic Chart Understanding in the Era of Large Foundation Models [98.41645229835493]
Data visualization in the form of charts plays a pivotal role in data analysis, offering critical insights and aiding in informed decision-making.
Large foundation models, such as large language models, have revolutionized various natural language processing tasks.
This survey paper serves as a comprehensive resource for researchers and practitioners in the fields of natural language processing, computer vision, and data analysis.
arXiv Detail & Related papers (2024-03-18T17:57:09Z) - Graph models for Cybersecurity -- A Survey [0.0]
We evaluate the current state of research for representing and analysing cyber-attack using graph models.
We propose a taxonomy on attack graph formalisms, based on 70 models.
Our taxonomy is especially designed to help users and applied researchers identify a suitable AG model.
arXiv Detail & Related papers (2023-11-16T17:45:49Z) - Unleashing the Power of Graph Learning through LLM-based Autonomous
Agents [38.71102849652413]
We propose to use Large Language Models (LLMs) as autonomous agents to simplify the learning process on diverse real-world graphs.
The proposed method is dubbed Auto$2$Graph, and the comparable performance on different datasets and learning tasks.
arXiv Detail & Related papers (2023-09-08T19:34:29Z) - Representing Timed Automata and Timing Anomalies of Cyber-Physical
Production Systems in Knowledge Graphs [51.98400002538092]
This paper aims to improve model-based anomaly detection in CPPS by combining the learned timed automaton with a formal knowledge graph about the system.
Both the model and the detected anomalies are described in the knowledge graph in order to allow operators an easier interpretation of the model and the detected anomalies.
arXiv Detail & Related papers (2023-08-25T15:25:57Z) - Exploring In-Context Learning Capabilities of Foundation Models for
Generating Knowledge Graphs from Text [3.114960935006655]
This paper aims to improve the state of the art of automatic construction and completion of knowledge graphs from text.
In this context, one emerging paradigm is in-context learning where a language model is used as it is with a prompt.
arXiv Detail & Related papers (2023-05-15T17:10:19Z) - HAT-GAE: Self-Supervised Graph Auto-encoders with Hierarchical Adaptive
Masking and Trainable Corruption [0.76146285961466]
We propose a novel auto-encoder model for graph representation learning.
Our model incorporates a hierarchical adaptive masking mechanism to incrementally increase the difficulty of training.
We demonstrate the superiority of our proposed method over state-of-the-art graph representation learning models.
arXiv Detail & Related papers (2023-01-28T02:43:54Z) - Distilling Knowledge from Self-Supervised Teacher by Embedding Graph
Alignment [52.704331909850026]
We formulate a new knowledge distillation framework to transfer the knowledge from self-supervised pre-trained models to any other student network.
Inspired by the spirit of instance discrimination in self-supervised learning, we model the instance-instance relations by a graph formulation in the feature embedding space.
Our distillation scheme can be flexibly applied to transfer the self-supervised knowledge to enhance representation learning on various student networks.
arXiv Detail & Related papers (2022-11-23T19:27:48Z) - OG-SGG: Ontology-Guided Scene Graph Generation. A Case Study in Transfer
Learning for Telepresence Robotics [124.08684545010664]
Scene graph generation from images is a task of great interest to applications such as robotics.
We propose an initial approximation to a framework called Ontology-Guided Scene Graph Generation (OG-SGG)
arXiv Detail & Related papers (2022-02-21T13:23:15Z) - Software Vulnerability Detection via Deep Learning over Disaggregated
Code Graph Representation [57.92972327649165]
This work explores a deep learning approach to automatically learn the insecure patterns from code corpora.
Because code naturally admits graph structures with parsing, we develop a novel graph neural network (GNN) to exploit both the semantic context and structural regularity of a program.
arXiv Detail & Related papers (2021-09-07T21:24:36Z) - Temporal Graph Network Embedding with Causal Anonymous Walks
Representations [54.05212871508062]
We propose a novel approach for dynamic network representation learning based on Temporal Graph Network.
For evaluation, we provide a benchmark pipeline for the evaluation of temporal network embeddings.
We show the applicability and superior performance of our model in the real-world downstream graph machine learning task provided by one of the top European banks.
arXiv Detail & Related papers (2021-08-19T15:39:52Z) - Automated Diagram Generation to Build Understanding and Usability [0.0]
Causal loop and stock and flow diagrams are broadly used in System Dynamics because they help organize relationships and convey meaning.
This paper demonstrates how that information can be clearly presented in an automatically generated causal loop diagram.
arXiv Detail & Related papers (2020-05-27T22:32:16Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.