Master's Thesis
Enhancing a Security Assessment Tool with Semantic Knowledge Graphs and Interactive Conversational Interfaces
Completion
2025/11
Research Area
Students
Sindhura Shivaprasad
Advisers
Verena Traubinger M.Sc.
Dr.-Ing. Sebastian Heil
Description
Chatbots are increasingly deployed as primary touchpoints for users across various digital platforms, serving roles that span information delivery, assistance, and decision support. In the specific field of cyber security, the rapid evolution of cyber threats demands that conversational systems be capable of deep semantic reasoning and dynamic user interaction to address context-sensitive security challenges. Knowledge graphs are one technical solution for this, but the semantic reasoning and its complex relationships also have to be presented to users in an easily understandable way. Based on the previously conducted Planspiel module, a conversational user interface for security threat analysis is enhanced with knowledge graphs and interactive interfaces to create a better user experience.
This thesis investigates the integration of semantic knowledge graphs with an LLM-based chatbot to enable transparent reasoning, multi-hop inference, and source-grounded responses in cybersecurity-specific conversational contexts. A hybrid architecture will be developed that couples structured KG outputs (such as entity paths, relation metadata, semantic tags, and contextual neighbours) with LLM prompt engineering to generate traceable, semantically grounded dialogue. Key features of this implementation include transparent graph traversal (e.g., CVE → Risk → Control), tag-based chat history filtering for thematic retrieval, role-driven response modulation via a mode selector, progressive disclosure of related nodes, and an AI-powered TODO list that extracts and prioritizes actionable items. The evaluation will be based on technical benchmarks and can be enhanced with additional user testing.
The objective of this thesis is to create a solution, or to combine existing approaches, to solve the problem described above: the integration of a semantic knowledge graph into a conversational security threat assessment tool. This includes an analysis of the state of the art in security threat assessment, of technologies for knowledge graphs and conversational user interfaces, of the combination of these two approaches, and of other relevant literature. From this analysis, a possible solution should be conceptualized and demonstrated through a prototypical integration of a knowledge graph into the existing conversational security threat assessment tool from the Planspiel module. The solution should then be evaluated suitably, based on technical benchmarks (enhanced with user testing if feasible) and on its compliance with the requirements extracted through the literature research.


