Traditional methods cannot discover hidden attack trajectories. To address this problem, we propose in this paper a cyber attack path prediction approach based on a text-enhanced graph attention mechanism. Specifically, we design an ontology that captures multi-dimensional links between vulnerabilities, weaknesses, attack patterns, and tactics by integrating CVE, CWE, CAPEC, and ATT&CK into Neo4j. We then inject natural language descriptions into the attention mechanism to develop a text-enhanced GAT that can alleviate data sparsity. The experiment shows that, compared with existing baselines, our approach improves MRR and Hits@5 by 12.3% and 13.2%, respectively. Therefore, the proposed approach can accurately predict attack paths and support active cyber defense.
Hanjun Gao
Hang Tong
Baoyan Yong
Electronics
Hubei University of Technology
China General Nuclear Power Corporation (China)
Intelligent Health (United Kingdom)
Gao et al. (Tue,) studied this question.
www.synapsesocial.com/papers/69a75a91c6e9836116a20901 — DOI: https://doi.org/10.3390/electronics15030552