Methods for constructing a connected knowledge graph for analyzing regulatory documents in the field of cybersecurity
DOI: 10.31673/2412-9070.2025.025620
DOI:
https://doi.org/10.31673/2412-9070.2025.025620Abstract
The article discusses the method of automated construction of a knowledge graph of the conectivity of formal models of norms and requirements in the field of information security. The growing complexity of regulations and their requirements requires new approaches to their formalisation and analysis. The proposed method is based on the use of natural language processing and ontological modelling algorithms to create a connected knowledge graph representing formal models of norms and requirements. The main focus is on automating the process of forming such graphs, which minimises the human factor, reduces the likelihood of errors and increases the efficiency of processing large amounts of regulatory information.
The paper discusses the structure and principles of building a knowledge graph, including mechanisms for identifying links between norms, requirements and other entities. Methods of automatic extraction and analysis of semantic relations, as well as algorithms for their further processing to ensure the coherence of the resulting graph are proposed. The study is based on modern methods of artificial intelligence and textual information processing, which allows to increase the level of automation of the processes of formalisation and systematisation of information security requirements.
The results of the experiments demonstrate the effectiveness of the developed approach and its ability to integrate with existing information security management systems. The use of a knowledge graph can significantly improve the analysis of regulatory documentation, providing a deeper understanding of the relationships between its elements and improving the quality of decision-making in the field of information security. The proposed method can be applied in various areas requiring automation of processing of regulations and their interrelationships, including cybersecurity, risk management and regulatory analysis.
Keywords: knowledge graph, automation, information security, formal models, artificial intelligence, natural language processing, ontological modelling
