Automated Knowledge-Based Model Component Generation and Risk Assessment System

This system focuses on automating the analysis of cyber vulnerabilities in weapons systems by generating a vulnerability checklist based on natural language processing and connectivity models. It aims to address the challenges of assessing complex systems quickly and accurately, providing a valuable tool for cybersecurity experts.

  • Cybersecurity
  • Automated System
  • Vulnerability Assessment
  • Connectivity Models
  • Risk Assessment

Uploaded on Oct 05, 2024 | 0 Views

Presentation Transcript


  1. Automated Knowledge-Based Model Component Generation
     • Ethan Trewhitt
     • Stephen Lee-Urban, Ph.D.
     • David Huggins
     • Elizabeth Whitaker, Ph.D.

  2. Motivation: Test and Evaluation for Assessing Cyber Vulnerabilities
     • Test & Evaluation groups assessing the cyber vulnerabilities of their weapons systems have major issues
       • Large number of platforms that must be assessed
       • Compressed completion timelines and limited availability of subject matter experts (SMEs) qualified to conduct these required assessments
     • Skilled humans are needed to provide deep insight and creative analysis to discover cyber vulnerabilities
     • Manual process is time consuming and expensive
     • Many research approaches have concentrated on full automation of specific analysis techniques; these result in identification of only simple vulnerabilities or fail because of the target system's complexity.

  3. Knowledge-based Automatic Risk Assessment (KARA)
     • Automation of the analysis of system documentation
     • Generation of connectivity models from extracted text relationships
     • Will synthesize a representation of the vulnerabilities of the observed system using open vulnerability information and references (e.g. CVE, Common Vulnerabilities and Exposures)
     • Final KARA output: a vulnerability checklist to be provided in support of risk assessment for the system.

  4. KARA Description
     • Human-in/on-the-loop system that uses natural language processing (NLP) techniques to examine technical documentation of cyber-physical systems as part of the initial activities of a vulnerability assessment
     • Uses syntactical and grammatical analysis to extract the names of system components and determine how they are connected
     • Allows the user to modify and correct the model
     • Produces a vulnerability list using the KARA-built connectivity model to examine known vulnerability lists
     • Presents the operator with a list of potential cyber vulnerabilities for the target system

  5. KARA Architecture
     [Architecture diagram. Labels: Textual Automated Relationship Abstractor (TARA); Model Construction Reasoner (MCR); Vulnerability Checklist Creator (VCC); Graph and Network Construction Components; GATE Pipeline Components; Graph and Network Analysis Components; Document Corpus; Connectivity Relationship Phrases; System Vulnerability Checklist; Connectivity Model]

  6. KARA Modules
     • Textual Automated Relationship Abstractor (TARA): analyzes system documentation and extracts connectivity relationships, which serve as input to the MCR
     • Model Construction Reasoner (MCR): creates a representative connectivity model (System Connectivity Model, SCM)
     • Vulnerability Checklist Constructor (VCC): uses domain knowledge representing vulnerabilities of similar systems to analyze connected components in the connectivity model, and creates a vulnerability checklist

  7. System Flow
     • TARA
       • Extracts connectivity relationships used as input to the MCR
       • Uses the open source NLP tool GATE (General Architecture for Text Engineering), extended to use other open-source NLP components
       • GTRI developed some specialized components for KARA which are included in our GATE pipeline
     • MCR uses data from TARA and creates a graphical system connectivity model
     • VCC uses contents of the SCM to search the National Vulnerability Database (NVD) for applicable vulnerabilities relevant to the components and connections of the target system.

  8. KARA Natural Language Processing (NLP) with GATE
     • General Architecture for Text Engineering (GATE): GATE is an open source natural language processing package.
     • Uses a natural language processing pipeline which will apply each of the NLP functions to the documents in an order specialized by the developer
     • A named entity extractor to extract or highlight certain types of entities such as names, organizations, places and dates.
     • GATE is extended through the use of:
       • Domain-specific gazetteers
       • A custom language for developing rules (JAPE) for specialized pattern-matching functions
       • Development of specialized modules using generalized software languages

  9. TARA: Natural Language Processing Pipeline (GATE)
     • Document Reset
     • English Tokenizer
     • Sentence Splitter
     • Part-of-Speech Tagger
     • Noun Phrase Chunker
     • Hyphen Finder (JAPE)
     • Stemmer
     • Gazetteer
     • Acronym Finder (JAPE)
     • Hyphen Exporter
     • Labeler (JAPE)
     • Phraser (JAPE)
     • Found Connection Phrase Exporter
     • Gazetteer List Collector

  10. Grammar Patterns: Detecting Triples
     • Patterns identified from human document analysis
     • Relationship patterns extracted by TARA:
       • "X connects to Y": x connects y
       • "connect X to Y": x connect y
       • "connect X using Y": not a normal connection relationship, but includes *via* information
       • "X provides link to Y": x link y (noun connection word)
       • "X senses connection with Y": x connection y
       • "X will lose connection to Y": x connection y (negative connection that implies a past connection; noun connector)
       • "X is positioned near Y": x positioned y (geospatial relationship)
       • "X has something for use with Y": x use with y
       • "X is configured to work with Y": x work with y

  11. TARA: From Natural Language to Graph Model
     • TARA NLP Output
       • NLP connectivity relationship extraction is performed by GATE.
       • Triples: (component, connector, component)
       • Grammatical phrases are recognized with tags for subject, predicate, connector words
     • Graph Connectivity Model
       • Connectivity relationship triples are created from NLP Output

  12. Model Construction Reasoner (MCR)

  13. MCR Output: System Connectivity Model (Graph)

  14. Vulnerability Checklist Constructor (VCC)
     • Purpose of the VCC:
       • Identify components with potential vulnerabilities
       • Enumerate those vulnerabilities, providing that information in the form of a final report
     • Objective: provide user with concise picture of system being evaluated and its potential vulnerability profile
       • User may investigate each of the items on the list
     [VCC diagram. Labels: System Connectivity Model (SCM); VCC; Vulnerability Seeker; Component List; Expert Checklist Refinement; Connection Triples; Checklist Builder; Inferred Knowledge; Expert Input; Additional Features; Vulnerability Checklist Drafts; General Knowledge; Likely Vulnerability Checklist; Broad Component Classes; Vulnerabilities; Vulnerability Database(s)]

  15. Example Vulnerability Checklist Mockup
     • The final vulnerability checklist is produced as either an HTML document or as a PDF.
     • Included details:
       • Found component list
       • Component connectivity model view
       • Vulnerability matrix
       • Vulnerability list with assessed likelihoods and basic details

  16. Summary
     • Test & Evaluation groups assessing the cyber vulnerabilities of their systems have major issues with a manual process -- time consuming and expensive
     • KARA research aims to mitigate this problem with:
       • Human In/On the Loop system that uses natural-language processing (NLP) techniques to examine technical documentation of cyber-physical systems as part of the initial activities of a vulnerability assessment.
       • Syntactical and grammatical analysis extracts the names of system components and determines how they are connected
       • Allows the user to modify and correct the model.
       • A vulnerability list is constructed using the KARA-built connectivity model to examine known vulnerability lists
       • Presents the operator with a list of potential cyber vulnerabilities for the target system.
     • KARA aims to minimize the need for human expertise during runtime
     • There are nevertheless pieces of information that are best provided by humans
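
The triple detection of slides 10 and 11, as an added example that is not KARA's code: a regex stand-in for the GATE/JAPE pipeline that extracts (component, connector, component) triples for a subset of the slide-10 patterns, builds the graph connectivity model from them, and lists which components are connected to a given one. The `NP` noun-phrase regex, the function names and the sample documentation are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque

# Noun-phrase stand-in (assumption; KARA uses GATE's tagger and chunker).
NP = r"(?:the |a |an )?([a-z][\w-]*(?: [a-z][\w-]*){0,3}?)"

# (regex, connector) pairs for a subset of the slide-10 relationship patterns.
PATTERNS = [(re.compile(rf"^{p}$", re.I), c) for p, c in [
    (rf"{NP} connects to {NP}", "connects"),
    (rf"connect {NP} to {NP}", "connect"),
    (rf"{NP} provides (?:a )?link to {NP}", "link"),
    (rf"{NP} (?:senses connection with|will lose connection to) {NP}", "connection"),
    (rf"{NP} is positioned near {NP}", "positioned"),
    (rf"{NP} is configured to work with {NP}", "work with"),
]]

def extract_triples(text):
    """Return one (component, connector, component) triple per matching sentence."""
    triples = []
    for sentence in re.split(r"[.\n]+", text):
        for regex, connector in PATTERNS:
            m = regex.match(sentence.strip())
            if m:
                triples.append((m.group(1).lower(), connector, m.group(2).lower()))
                break
    return triples

def build_graph(triples):
    """Undirected connectivity model: component -> {neighbour: connector}."""
    graph = defaultdict(dict)
    for x, connector, y in triples:
        graph[x][y] = graph[y][x] = connector
    return graph

def reachable(graph, start):
    """Components connected to `start` directly or through other components."""
    seen, queue = {start}, deque([start])
    while queue:
        new = set(graph.get(queue.popleft(), {})) - seen
        seen |= new
        queue.extend(new)
    return seen - {start}

# Constructed sample documentation, not taken from any real system.
SAMPLE_DOC = """The mission computer connects to the data bus.
Connect the GPS receiver to the mission computer.
The radio provides a link to the ground station.
The radio is configured to work with the mission computer.
The antenna is positioned near the fuel pump.
The maintenance manual was revised in March."""
```

Sentences that match none of the patterns produce no triple, which is where the human-in/on-the-loop correction step described on slide 4 would come in.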
