The Center for Education and Research in Information Assurance and Security (CERIAS)
The Center for Education and Research inInformation Assurance and Security (CERIAS)
Principal Investigator: Tianyi Zhang
This project will develop a unified knowledge graph that captures rich, up-to-date information about software components in heterogeneous software ecosystems. Building upon our prior work on noise-robust open knowledge extraction, we will develop a new neural knowledge acquisition pipeline that (1) extracts software information from various information sources, including but not limited to official documentation, software release notes, bug reports, CVEs, and online discussions, (2) consolidates the extracted information via an array of quality control and fact-checking mechanisms, and (3) constantly updates the knowledge graph by tracking new information from various sources. The resulting knowledge graph will empower us to further develop a novel multi-modal query interface for knowledge dissemination, as well as new risk mitigation approaches that perform deep scans on software systems, detect potential risks, and automatically repair them.
Other PIs: Xiangyu Zhang
Students: Bonan Kou Yifeng Di
Nguyen, Tai, Yifeng Di, Joohan Lee, Muhao Chen, and Tianyi Zhang. "Software Entity Recognition with Noise-Robust Learning." ASE 2023.
Zhao, Zhongkai, Bonan Kou, Mohamed Yilmaz Ibrahim, Muhao Chen, and Tianyi Zhang. "Knowledge-Based Version Incompatibility Detection for Deep Learning." ESEC/FSE 2023.
Keywords: Knowledge Graph, security, Software Supply Chains, Vulnerabilities