Studies on semantic information retrieval techniques for cybersecurity information

• Project/Area Number: 24700083
• Research Category: Grant-in-Aid for Young Scientists (B)
• Allocation Type: Multi-year Fund
• Research Field: Computer system/Network
• Research Institution: National Institute of Information and Communications Technology
• Principal Investigator: Takahashi Takeshi 国立研究開発法人情報通信研究機構, ネットワークセキュリティ研究所セキュリティアーキテクチャ研究室, 主任研究員 (50600160)
• Project Period (FY): 2012-04-01 – 2016-03-31
• Project Status: Completed (Fiscal Year 2015)
• Budget Amount: ¥4,290,000 (Direct Cost: ¥3,300,000、Indirect Cost: ¥990,000); Fiscal Year 2014: ¥2,210,000 (Direct Cost: ¥1,700,000、Indirect Cost: ¥510,000); Fiscal Year 2013: ¥650,000 (Direct Cost: ¥500,000、Indirect Cost: ¥150,000); Fiscal Year 2012: ¥1,430,000 (Direct Cost: ¥1,100,000、Indirect Cost: ¥330,000)
• Keywords: ディスカバリ / サイバーセキュリティ / 知識ベース / 検索 / データ表現 / cybersecurity / discovery / knowledge base / information sharing / data model / knowledge management / ontology / security / セキュリティ情報 / XML / RDF / 情報構造 / 署名 / データベース / オントロジ / XSLT

Outline of Final Research Achievements

In this four years of research, we have studied on the technique that identifies and discovers needed and trustful security information from the web in order to facilitate the efficient security information exchange beyond the borders of organizations. During this study, we proposed a semantic data structure that maintains future extensibility. With the data structure, we built a knowledge base, which delivers information to the entities that need it. To demonstrate the usability of the technique, I have introduced a system that automatically idenftifies vulnerability of IT asset within an Intranet. Based on these study, we conclude that the proposed technique and the knowledge base are viable and useful for the purpose of advancing cybersecurity information exchange and automation.

Research Products

• [Journal Article] Reference Ontology for Cybersecurity Operational Information (2014)
  • Author(s): Takeshi Takahashi, Youki Kadobayashi
  • Journal Title: Computer Journal Volume: n/a Issue: 10 Pages: 2297-2312
  • DOI: 10.1093/comjnl/bxu101
  • Peer Reviewed / Open Access / Acknowledgement Compliant
• [Presentation] Structured Cybersecurity Information Exchange for Streamlining Incident Response Operations (2016)
  • Author(s): Takeshi Takahashi, Daisuke Miyamoto
  • Organizer: IEEE/IFIP Network Operations and Management Symposium
  • Place of Presentation: Istanbul, Turkey
  • Year and Date: 2016-04-25
  • Int'l Joint Research
• [Presentation] Toward Automated Vulnerability Monitoring using Open Information and Standardized Tools (2016)
  • Author(s): Takeshi Takahashi, Daisuke Miyamoto, Koji Nakao
  • Organizer: IEEE International Conference on Pervasive Computing and Communications
  • Place of Presentation: Sydney, Australia
  • Year and Date: 2016-03-13
  • Int'l Joint Research
• [Presentation] Mechanism for Linking and Discovering Structured Cybersecurity Information over Networks (2014)
  • Author(s): Takeshi Takahashi, Youki Kadobayashi
  • Organizer: IEEE International Conference on Semantic Computing
  • Place of Presentation: Newport Beach, CA
  • Year and Date: 2014-06-16
• [Presentation] インターネット上に存在するサイバーセキュリティ情報のディスカバリ技術に関する検討 (2012)
  • Author(s): 高橋健志 門林雄基 高野祐輝
  • Organizer: 電子情報通信学会 信学技報
  • Place of Presentation: 北海道工業大学, 北海道
• [Presentation] Linking Cybersecurity Knowledge: Cybersecurity Information Discovery Mechanism (2012)
  • Author(s): Takeshi Takahashi, Youki Kadobahashi, Yuuki Takano
  • Organizer: ACSAC poster
  • Place of Presentation: Buena Vista Palace Hotel & Spa, Orlando, USA
• [Remarks] SCI-Discovery Engineの構築
  • URL: http://cybex.nict.go.jp/discovery_impl.html