A Domain-Specific Knowledge Graph for Reasoning over AI Security Threats and Defenses
Samaneh Shamshiri, Mahdi Fahmideh, Junbeom Hur, Danial Javehri
SSRN Electronic Journal
Problems Identified (4)
Fragmented attack-defense evidence: Evidence-backed links between AI security attacks and defenses are fragmented, making large-scale synthesis and audit difficult.
Unsupported security-reasoning edges: Unsupported knowledge-graph edges can mislead downstream AI security reasoning.
Sparse verified defenses: Some attacks lack verified mitigating defenses in the synthesized evidence base.
Defense recommendation verification: Defense recommendations for attacks need accurate ranking and supporting evidence for verification.
Proposed Solutions (4)
AI security knowledge graph: The study presents a domain-specific AI security knowledge graph built from 780 papers on model-level attacks and defenses.
Evidence-gated ontology extraction: The study proposes an ontology-constrained extraction pipeline that chunks text, extracts typed entities and relations, and admits only sentence-supported triples while preserving contradictory claims with provenance.
Attack-Defense Alignment Score: The study introduces ADAS, measuring the fraction of attacks with at least one verified, non-conflicted mitigating defense.
Evidence-backed defense recommendation: The knowledge graph is used for defense recommendation where ranked recommendations include supporting quotes for verification.
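The evidence gate and ADAS described above, sketched as an added example that is not code from the paper or its authors. The tuple layout, the relation labels, the substring rule used for "sentence-supported", and treating an attack-defense pair as conflicted when both relations are admitted are all assumptions; the sample triples are constructed.

```python
from collections import defaultdict

# Constructed sample input. The tuple layout (attack, relation, defense, quote,
# source sentence) and the relation labels are assumptions, not the paper's schema.
TRIPLES = [
    ("backdoor poisoning", "mitigated_by", "activation clustering",
     "activation clustering removes the backdoor",
     "We find that activation clustering removes the backdoor in most runs."),
    ("membership inference", "mitigated_by", "differential privacy",
     "differential privacy reduces membership leakage",
     "Training with differential privacy reduces membership leakage."),
    ("membership inference", "not_mitigated_by", "differential privacy",
     "differential privacy did not prevent membership inference",
     "At practical budgets, differential privacy did not prevent membership inference."),
    ("model extraction", "mitigated_by", "output perturbation",
     "output perturbation stops extraction",
     "We leave output perturbation to future work."),
    ("adversarial patch", "mitigated_by", "input smoothing",
     "input smoothing lowers patch success",
     "Input  smoothing lowers patch success on all tested models."),
]
ATTACKS = {t[0] for t in TRIPLES}


def _norm(text):
    """Lower-case and collapse whitespace so layout differences do not break matching."""
    return " ".join(text.lower().split())


def is_supported(triple):
    """Evidence gate: the quote must be non-empty and occur in the cited sentence."""
    quote, sentence = _norm(triple[3]), _norm(triple[4])
    return bool(quote) and quote in sentence


def adas(triples, attacks, gate=True):
    """Fraction of attacks with >=1 supported defense that no admitted claim contradicts."""
    claims = defaultdict(set)  # (attack, defense) -> relations asserted for the pair
    for t in triples:
        if not gate or is_supported(t):
            claims[(t[0], t[2])].add(t[1])  # contradictory claims are kept, not dropped
    covered = {a for (a, _d), rels in claims.items() if rels == {"mitigated_by"}}
    return len(covered & attacks) / len(attacks) if attacks else 0.0


if __name__ == "__main__":
    print("gated ADAS:  ", adas(TRIPLES, ATTACKS))
    print("ungated ADAS:", adas(TRIPLES, ATTACKS, gate=False))
```

With the gate off, the unsupported "model extraction" edge counts as a verified defense and raises the score, which is the failure mode the unsupported-edge problem above describes.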
Results (3)
Extractor outperforms IE baselines:
Fewer unsupported edges:
ADAS exceeds randomized baselines:
Research Domain
AI security knowledge graphs and attack-defense reasoning