Integration of Frame Semantics to Cyber Ontologies

Description

Cyber ontologies such as STIX and ATT&CK can represent complex relationships between cyber threat actors, attacks and infrastructure. While such representations are conducive to interoperability between systems, they are often unwieldy for human cyber analysts to deal with directly. Conversely, Natural language generation (NLG) frameworks like FrameNet represent language in a structured manner, but frame specifications are often not specific enough for specialized domains (such as cyber security). Leveraging and combining the semantic structure of both forms can create a tool that can translate cyber threat data in standard interoperable formats (such as STIX) to human-readable reports, via existing NLG frameworks. Working on a project such as this provides an opportunity for significant impact, as the fusion of these two structures could greatly increase both the adoption and the utility of cyber threat ontologies.

Students

• Folk Narongrit

• Carol Varkey

• Francis Sun

Advisors

• Jeremy Abramson

Skills Required by the team

• Python
• NLP
• Data Science
• OSINT
• Cybersecurity