Structuring Security: A Survey of Cybersecurity Ontologies, Semantic Log Processing, and LLMs Application

• URL: http://arxiv.org/abs/2510.16610v1
• Date: Sat, 18 Oct 2025 18:21:33 GMT
• Title: Structuring Security: A Survey of Cybersecurity Ontologies, Semantic Log Processing, and LLMs Application
• Authors: Bruno Lourenço, Pedro Adão, João F. Ferreira, Mario Monteiro Marques, Cátia Vaz,
• Abstract summary: Survey investigates how semantic log processing, and Large Language Models (LLMs) enhance cybersecurity.<n>LLMs enrich this process by providing contextual understanding and extracting insights from unstructured content.
• Score: 1.4453491813936405
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: This survey investigates how ontologies, semantic log processing, and Large Language Models (LLMs) enhance cybersecurity. Ontologies structure domain knowledge, enabling interoperability, data integration, and advanced threat analysis. Security logs, though critical, are often unstructured and complex. To address this, automated construction of Knowledge Graphs (KGs) from raw logs is emerging as a key strategy for organizing and reasoning over security data. LLMs enrich this process by providing contextual understanding and extracting insights from unstructured content. This work aligns with European Union (EU) efforts such as NIS 2 and the Cybersecurity Taxonomy, highlighting challenges and opportunities in intelligent ontology-driven cyber defense.

Related papers

• Advances and Frontiers of LLM-based Issue Resolution in Software Engineering: A Comprehensive Survey [59.3507264893654]
  Issue resolution is a complex Software Engineering task integral to real-world development.<n> benchmarks like SWE-bench revealed this task as profoundly difficult for large language models.<n>This paper presents a systematic survey of this emerging domain.
  arXiv  Detail & Related papers  (2026-01-15T18:55:03Z)
• A Survey on Cloud-Edge-Terminal Collaborative Intelligence in AIoT Networks [49.90474228895655]
  Cloud-edge-terminal collaborative intelligence (CETCI) is a fundamental paradigm within the artificial intelligence of things (AIoT) community.<n>CETCI has made significant progress with emerging AIoT applications, moving beyond isolated layer optimization to deployable collaborative intelligence systems.<n>This survey describes foundational architectures, enabling technologies, and scenarios of CETCI paradigms, offering a tutorial-style review for CISAIOT beginners.
  arXiv  Detail & Related papers  (2025-08-26T08:38:01Z)
• Information Security Based on LLM Approaches: A Review [3.292159069489852]
  Large language models (LLMs) have shown a broad application prospect in the field of information security.<n>Based on neural networks and Transformer architecture, this paper analyzes the technical basis of large language models.<n>It is shown that the introduction of large language modeling helps to improve the detection accuracy and reduce the false alarm rate of security systems.
  arXiv  Detail & Related papers  (2025-07-24T09:09:36Z)
• KnowCoder-V2: Deep Knowledge Analysis [64.63893361811968]
  We propose a textbfKnowledgeable textbfDeep textbfResearch (textbfKDR) framework that empowers deep research with deep knowledge analysis capability.<n>It introduces an independent knowledge organization phase to preprocess large-scale, domain-relevant data into systematic knowledge offline.<n>It then extends deep research with an additional kind of reasoning steps that perform complex knowledge computation in an online manner.
  arXiv  Detail & Related papers  (2025-06-07T18:01:25Z)
• From Texts to Shields: Convergence of Large Language Models and Cybersecurity [15.480598518857695]
  This report explores the convergence of large language models (LLMs) and cybersecurity.<n>It examines emerging applications of LLMs in software and network security, 5G vulnerability analysis, and generative security engineering.
  arXiv  Detail & Related papers  (2025-05-01T20:01:07Z)
• A Survey on (M)LLM-Based GUI Agents [62.57899977018417]
  Graphical User Interface (GUI) Agents have emerged as a transformative paradigm in human-computer interaction.<n>Recent advances in large language models and multimodal learning have revolutionized GUI automation across desktop, mobile, and web platforms.<n>This survey identifies key technical challenges, including accurate element localization, effective knowledge retrieval, long-horizon planning, and safety-aware execution control.
  arXiv  Detail & Related papers  (2025-03-27T17:58:31Z)
• Reasoning Under Threat: Symbolic and Neural Techniques for Cybersecurity Verification [0.0]
  This survey presents a comprehensive overview of the role of automated reasoning in cybersecurity.<n>We examine SOTA tools and frameworks, explore integrations with AI for neural-symbolic reasoning, and highlight critical research gaps.<n>The paper concludes with a set of well-grounded future research directions, aiming to foster the development of secure systems.
  arXiv  Detail & Related papers  (2025-03-27T11:41:53Z)
• CTINexus: Automatic Cyber Threat Intelligence Knowledge Graph Construction Using Large Language Models [49.657358248788945]
  Textual descriptions in cyber threat intelligence (CTI) reports are rich sources of knowledge about cyber threats.<n>Current CTI knowledge extraction methods lack flexibility and generalizability.<n>We propose CTINexus, a novel framework for data-efficient CTI knowledge extraction and high-quality cybersecurity knowledge graph (CSKG) construction.
  arXiv  Detail & Related papers  (2024-10-28T14:18:32Z)
• StructRAG: Boosting Knowledge Intensive Reasoning of LLMs via Inference-time Hybrid Information Structurization [94.31508613367296]
  Retrieval-augmented generation (RAG) is a key means to effectively enhance large language models (LLMs) We propose StructRAG, which can identify the optimal structure type for the task at hand, reconstruct original documents into this structured format, and infer answers based on the resulting structure. Experiments show that StructRAG achieves state-of-the-art performance, particularly excelling in challenging scenarios.
  arXiv  Detail & Related papers  (2024-10-11T13:52:44Z)
• A Deep Learning Approach for Ontology Enrichment from Unstructured Text [2.932750332087746]
  Existing information vulnerabilities on attacks, controls, and advisories available on the web provide an opportunity to represent and perform security analytics. Ontology enrichment algorithms based on natural language processing and ML models have issues with contextual extraction of concepts in words, phrases, and sentences. Bidirectional LSTMs trained on a large DB dataset and Wikipedia corpus of 2.8 GB along with Universal Sentence is deployed to enrich ISO-based information security.
  arXiv  Detail & Related papers  (2021-12-16T01:32:21Z)
• OntoEnricher: A Deep Learning Approach for Ontology Enrichment from Unstructured Text [2.707154152696381]
  Existing information on vulnerabilities, controls, and advisories available on the web provides an opportunity to represent knowledge and perform analytics to mitigate some of the concerns. This necessitates dynamic and automated enrichment of information security. Existing ontology enrichment algorithms based on natural processing and ML models have issues with the contextual extraction of concepts in words, phrases and sentences.
  arXiv  Detail & Related papers  (2021-02-08T09:43:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.