With the rapid growth of cyber-attacks and the surge in global vulnerabilities, enterprises face increasing challenges in managing vulnerability intelligence effectively. While vulnerability intelligence plays a crucial role in modern security operations, its multi-source and heterogeneous nature, along with the lack of structured semantics, significantly hinders large-scale aggregation sharing and application. To address these issues, this paper constructs a vulnerability intelligence ontology from a vulnerability management perspective. First, we define an intelligence-driven vulnerability management lifecycle based on the current vulnerability threat landscape released by the industry, aiming to align the ontology design with practical management needs. Then, we develop a highly compatible ontology by referencing existing vulnerability specifications, and instantiate it with real-time data collected from mainstream vulnerability databases. Furthermore, we demonstrate how to apply the ontology and instance data to support interpretable inference combining large language models. Finally, comparative evaluation with existing ontologies shows that our ontology achieves better balance among coverage, reusability, and scalability, providing a solid foundation for intelligence-based vulnerability management.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Construction and Application of Vulnerability Intelligence Ontology Under Vulnerability Management Perspective

  • Guangxiang Dai,
  • Peng Wang,
  • Duohe Ma

摘要

With the rapid growth of cyber-attacks and the surge in global vulnerabilities, enterprises face increasing challenges in managing vulnerability intelligence effectively. While vulnerability intelligence plays a crucial role in modern security operations, its multi-source and heterogeneous nature, along with the lack of structured semantics, significantly hinders large-scale aggregation sharing and application. To address these issues, this paper constructs a vulnerability intelligence ontology from a vulnerability management perspective. First, we define an intelligence-driven vulnerability management lifecycle based on the current vulnerability threat landscape released by the industry, aiming to align the ontology design with practical management needs. Then, we develop a highly compatible ontology by referencing existing vulnerability specifications, and instantiate it with real-time data collected from mainstream vulnerability databases. Furthermore, we demonstrate how to apply the ontology and instance data to support interpretable inference combining large language models. Finally, comparative evaluation with existing ontologies shows that our ontology achieves better balance among coverage, reusability, and scalability, providing a solid foundation for intelligence-based vulnerability management.