보안 취약점 데이터 기반 보안 지식 그래프 구축 및 확장

Abstract

Construction and Expansion of a Security Knowledge Graph Based on Vulnerability Data HyunJin An Advisor : Prof. JunHo Choi, Ph.D Industrial Technology and Entrepreneurship Chosun University Recently, various studies are being conducted to build and apply knowledge graphs from text data. In the security field, the need for knowledge graphs is increasing to respond to new security vulnerabilities. There is a lot of research going on to create a security knowledge graph. However, because security vulnerabilities continue to arise, updating the security knowledge graph is essential. Therefore, in this paper, it will be suggested a method to 1) cluster of Vulnerability data based on text similarity and delete less relevant data, 2) extract Relation Triples from Vulnerability data using the REBEL model, 3) expand the knowledge graph using Google News data related to Entities. The expanded knowledge graph is expected to increase accuracy in tasks such as link prediction. In the experiment of this paper, Four embedding models, "ComplEx", "TransE", "DistMult", and "HolE", were trained using the generated knowledge graph. Afterwards, it was evaluated using the “MMR”, “MR”, and “Hits@N”. As a result, the “HolE” model showed the highest performance. Also it was confirmed that the expansion of the knowledge graph increases the performance of the embedding model.