ChronoSentinel: Incremental temporal embedding for Security Knowledge Graph using Dynamic Reachability Centrality and Efficient language model

IF 15.5 1区计算机科学 Q1 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Information Fusion Pub Date : 2025-09-11 DOI:10.1016/j.inffus.2025.103662

Chinmaya Mishra , Himangshu Sarma , Saravanan M.

{"title":"ChronoSentinel: Incremental temporal embedding for Security Knowledge Graph using Dynamic Reachability Centrality and Efficient language model","authors":"Chinmaya Mishra , Himangshu Sarma , Saravanan M.","doi":"10.1016/j.inffus.2025.103662","DOIUrl":null,"url":null,"abstract":"<div><div>The increasing sophistication of cyber threats requires adaptive, real-time defenses that can evolve with dynamic attack patterns. Security Knowledge Graphs (SKGs) have become essential for representing complex interrelationships among cyber entities, which are vital for combating ongoing cybercrime. However, most existing incremental update methods rely on non-temporal strategies that fail to capture the evolution of security data. This paper presents ChronoSentinel, an innovative framework that synergistically integrates Dynamic Reachability Centrality (DRC) with Efficient Language Models (ELMs) to offer a robust and scalable solution for maintaining and enhancing Temporal Security Knowledge Graphs. By incorporating temporal dynamics, ChronoSentinel incrementally updates the graph while reducing the computational cost of full retraining, leveraging time-sensitive information to respond to emerging threats. The framework employs DRC to prioritize influential and temporally critical core nodes, ensuring the graph remains up-to-date and responsive to evolving threat landscapes. Additionally, by integrating ELMs such as BART, FLAN-T5, and DeepSeek, ChronoSentinel enriches the graph with contextual insights that improve semantic representation and enable predictive link generation. This hybrid approach supports faster threat prediction and defense while maintaining reliability, accuracy, and low computational overhead.</div></div>","PeriodicalId":50367,"journal":{"name":"Information Fusion","volume":"127 ","pages":"Article 103662"},"PeriodicalIF":15.5000,"publicationDate":"2025-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information Fusion","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1566253525007341","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

The increasing sophistication of cyber threats requires adaptive, real-time defenses that can evolve with dynamic attack patterns. Security Knowledge Graphs (SKGs) have become essential for representing complex interrelationships among cyber entities, which are vital for combating ongoing cybercrime. However, most existing incremental update methods rely on non-temporal strategies that fail to capture the evolution of security data. This paper presents ChronoSentinel, an innovative framework that synergistically integrates Dynamic Reachability Centrality (DRC) with Efficient Language Models (ELMs) to offer a robust and scalable solution for maintaining and enhancing Temporal Security Knowledge Graphs. By incorporating temporal dynamics, ChronoSentinel incrementally updates the graph while reducing the computational cost of full retraining, leveraging time-sensitive information to respond to emerging threats. The framework employs DRC to prioritize influential and temporally critical core nodes, ensuring the graph remains up-to-date and responsive to evolving threat landscapes. Additionally, by integrating ELMs such as BART, FLAN-T5, and DeepSeek, ChronoSentinel enriches the graph with contextual insights that improve semantic representation and enable predictive link generation. This hybrid approach supports faster threat prediction and defense while maintaining reliability, accuracy, and low computational overhead.

查看原文本刊更多论文

时序哨兵：基于动态可达性中心性和高效语言模型的安全知识图增量时间嵌入

日益复杂的网络威胁需要自适应的实时防御，可以随着动态攻击模式的发展而发展。安全知识图（skg）对于表示网络实体之间复杂的相互关系至关重要，这对于打击正在进行的网络犯罪至关重要。然而，大多数现有的增量更新方法依赖于无法捕获安全数据演变的非时态策略。本文介绍了chronsentinel，这是一个创新的框架，它协同集成了动态可达性中心（DRC）和高效语言模型（elm），为维护和增强时间安全知识图提供了一个健壮和可扩展的解决方案。通过结合时间动态，chronsentinel逐步更新图形，同时减少完全再训练的计算成本，利用时间敏感信息来响应新出现的威胁。该框架使用DRC来确定有影响力和暂时关键的核心节点的优先级，确保图表保持最新状态，并对不断变化的威胁格局做出响应。此外，通过集成BART、FLAN-T5和DeepSeek等elm， chronsentinel通过上下文洞察丰富了图形，从而改善了语义表示并实现了预测链接生成。这种混合方法支持更快的威胁预测和防御，同时保持可靠性、准确性和较低的计算开销。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Information Fusion 工程技术-计算机：理论方法

CiteScore

33.20

自引率

4.30%

发文量

161

审稿时长

7.9 months

期刊介绍： Information Fusion serves as a central platform for showcasing advancements in multi-sensor, multi-source, multi-process information fusion, fostering collaboration among diverse disciplines driving its progress. It is the leading outlet for sharing research and development in this field, focusing on architectures, algorithms, and applications. Papers dealing with fundamental theoretical analyses as well as those demonstrating their application to real-world problems will be welcome.