Cybersecurity Knowledge Graph

As part of the SEPSES project, we have developed a cybersecurity knowledge graph (CSKG) that integrates and links critical information such as vulnerabilities, weaknesses and attack patterns from various publicly available sources. The Knowledge Graph is continuously updated to reflect changes in various data sources used as inputs, i.e., CAPEC, CPE, CVE, CVSS, and CWE. In the following, you can find available resources, vocabularies, as well as reports on the updates of the Knowledge Graph.

Resources

• Linked Data Interface:
  • CVE example resource
  • CWE example resource
  • CAPEC example resource
  • …
• SPARQL endpoint
• Triple Pattern Fragments Interface
• Data Dumps
• Cyber-KG – Converter Engine

Vocabularies

• Common Attack Pattern Enumeration and Classification (CAPEC)
• Common Platform Enumeration (CPE)
  
• Common Vulnerabilities and Exposure (CVE)
• Common Vulnerability Scoring System (CVSS)
• Common Weakness Enumeration Specification (CWE)
• Snort Rule Community Specification (SnortRule)