GenHax
Sign InGet Started
NSF Gaps-to-Graphs (SECURE CHAIN)
NSF Proto-OKNBeginnerUpcoming

NSF Gaps-to-Graphs (SECURE CHAIN)

⭐ Enhance and Accelerate Cyber Supply Chain with AI Knowledge

The Challenge

What you'll do: • Research and analyze the problem space • Explore gaps in AI-powered data models • Present your approach with a proposal for sources and how to fix the gap What you'll deliver: A list of gaps + options to remedy. Why it matters: Your Challenge: Enhance +20% and Accelerate x10 AI Research’s Impact on Software Supply Chains For an hour, attendants will help Proto-OKN projects transition to markets, by co-piloting data enhancement solutions for their Knowledge Graphs. Developing AI requires both technical and domain/business leaders to collaborate. NO TECHNICAL SKILLS NEEDED

Timeline

Mentor Session: Co-Creation & Testing

Mentor Session

Thu, Apr 23, 2026

This is when we will gather, test, and co-create. Join technical and domain/business leaders to collaborate on identifying gaps in AI-powered data models and develop solutions to enhance Proto-OKN projects for market transition. Time: 4:00 PM EDT

About This Challenge

# Bridging Security Knowledge Gaps Through AI-Powered Networks Discover and address critical gaps in cybersecurity knowledge to strengthen our digital infrastructure. This master-level challenge focuses specifically on the Secure Chain Proto-OKN Knowledge Graph - an advanced AI system mapping cybersecurity threats, vulnerabilities, and defense mechanisms into an interconnected knowledge network. You'll work directly with security researchers to identify where this knowledge system falls short and develop strategies to fill those gaps. ## What You'll Explore The Secure Chain Knowledge Graph captures critical security intelligence about: - Threat actor behaviors and attack patterns - Vulnerability lifecycles and exploitation methods - Defense tool effectiveness and deployment strategies - Supply chain security risks and dependencies - Incident response procedures and best practices - Regulatory compliance requirements and frameworks Your Mission: Simply identify where this research-grade knowledge graph has gaps in knowledge or impact, and develop practical options to remedy these deficiencies. ## The Security Knowledge Challenge Current cybersecurity knowledge systems face significant limitations: - Intelligence Gaps: Critical threat data remains siloed or unavailable - Response Delays: Security teams lack real-time access to relevant defensive knowledge - Context Loss: Isolated security tools miss interconnected threat patterns - Scale Problems: Knowledge systems struggle with the volume and velocity of emerging threats The Secure Chain Proto-OKN aims to address these issues, but needs expert analysis to identify blind spots and enhancement opportunities. ## Your Analytical Role No technical experience required - we need your security domain expertise and practical insight. You'll work in focused teams including: - Secure Chain Proto-OKN researchers - Cybersecurity practitioners and analysts - Risk management professionals - Compliance and governance experts Together, you'll: 1. Identify Knowledge Gaps: Pinpoint what critical security information is missing or inadequately represented 2. Assess Impact Limitations: Determine where the knowledge graph fails to drive meaningful security outcomes 3. Develop Remediation Options: Design practical approaches to address identified deficiencies 4. Prioritize Solutions: Rank gap-filling strategies by feasibility and security impact 5. Map Implementation Pathways: Connect gap analysis to actionable improvement roadmaps ## Real Impact Potential Your contributions will directly influence: - Enhanced Threat Intelligence: Improved coverage of emerging attack vectors and defensive countermeasures - Faster Response Times: More complete knowledge enabling rapid security decision-making - Stronger Defense Networks: Better connected security data improving organizational resilience - Future Security Innovation: Your gap analysis will guide next-generation security knowledge systems ## Success Metrics Core Deliverables: - Comprehensive gap inventory identifying knowledge and impact deficiencies - Prioritized remediation options with implementation feasibility assessments - Impact analysis quantifying how gap-filling improves security outcomes - Actionable roadmap for Secure Chain Proto-OKN enhancement Broader Impact: - Security teams gain access to more complete threat intelligence - Organizations make better-informed risk management decisions - Researchers understand practical knowledge gaps limiting real-world security impact - The cybersecurity community benefits from enhanced collective defense capabilities ## Getting Started Come prepared to share your expertise about security challenges, knowledge gaps, and data limitations in your domain. Whether you work in threat intelligence, incident response, risk assessment, compliance, or security operations - your perspective is essential for identifying where our knowledge systems fall short. Security knowledge gaps create real vulnerabilities. Join us to find them and fix them.

Research Team

Meet the cybersecurity research team behind the Secure Chain Proto-OKN Knowledge Graph - your direct collaborators for this challenge. ### Purdue University Secure Chain Research Team Led by Dr. Tianyi Zhang and the cybersecurity research group at Purdue University, the Secure Chain team is at the forefront of applying knowledge graph technologies to cybersecurity intelligence and threat analysis. Their Secure Chain Proto-OKN represents a groundbreaking effort to create interconnected security knowledge that can adapt and respond to evolving threat landscapes. What makes this team unique: - NSF Proto-OKN funding - part of the national Open Knowledge Network initiative focused on security applications - Real-world threat intelligence - direct partnerships with cybersecurity vendors and incident response teams - Cross-domain security expertise - spanning network security, software vulnerabilities, and supply chain risks - AI-driven security research - pioneering machine learning approaches for threat pattern recognition ### Research Specializations The Purdue Secure Chain team brings cutting-edge expertise in: - Cybersecurity knowledge representation and threat ontology development - Automated threat intelligence extraction from diverse security data sources - Supply chain security mapping and dependency analysis - Vulnerability lifecycle modeling and exploitation prediction - Security knowledge graph reasoning for proactive defense strategies ### Your Direct Partnership You'll collaborate directly with the Secure Chain researchers to: - Examine the current architecture and knowledge coverage of the Secure Chain Proto-OKN - Identify critical blind spots in cybersecurity knowledge representation - Assess gaps between academic security research and practitioner needs - Design pathways for translating security intelligence into actionable defensive measures - Evaluate the system's effectiveness in addressing emerging threat vectors Dr. Zhang's team is committed to ensuring their NSF-funded research addresses real-world cybersecurity challenges - and your domain expertise and practical insights are crucial to identifying where their knowledge graph can have the greatest security impact.

Resources

Secure Chain Proto-OKN Core IntelligenceSecure Chain Knowledge Graph - NSF Proto-OKN Security Node - Primary knowledge graph mapping software supply chain vulnerabilities, threat actor relationships, and defense pattern interconnections with real-time SPARQL endpoint access • NIST Cybersecurity Framework Mapping Database - https://www.nist.gov/cyberframework - Comprehensive cybersecurity control relationships, implementation guidance, and supply chain risk management standards • CVE/NVD Supply Chain Vulnerability Feed - https://nvd.nist.gov/ - National Vulnerability Database with enhanced supply chain dependency tracking and exploitation pattern analysis • CISA Known Exploited Vulnerabilities Catalog - https://www.cisa.gov/known-exploited-vulnerabilities-catalog - Actively exploited vulnerabilities with supply chain impact assessments and remediation timelines • Supply Chain Risk Intelligence Platform - https://www.dhs.gov/publication/ict-supply-chain-risk-management - DHS ICT supply chain threat intelligence and vendor risk assessment data Software Dependency and Component IntelligenceSoftware Package Data Exchange (SPDX) - https://spdx.dev/ - Open source component licensing, security metadata, and supply chain provenance tracking across software ecosystems • OpenSSF Security Scorecards - https://github.com/ossf/scorecard - Automated security health checks for open source projects with supply chain risk indicators and maintainer activity patterns • Snyk Vulnerability Database - https://security.snyk.io/ - Real-time software dependency vulnerability data with exploit maturity rankings and remediation guidance • SBOM (Software Bill of Materials) Registry - https://www.ntia.gov/SBOM - Component inventory standards with cryptographic attestation and supply chain transparency frameworks • GitHub Security Advisory Database - https://github.com/advisories - Developer-reported vulnerabilities with dependency impact analysis and automated fix recommendations Threat Actor and Attack Pattern NetworksMITRE ATT&CK Supply Chain Matrix - https://attack.mitre.org/ - Supply chain-specific adversary tactics, techniques, and procedures with real-world incident mapping • Threat Intelligence Platform Feeds - https://www.us-cert.gov/tlp - Structured threat intelligence on supply chain compromises, attribution analysis, and campaign tracking • Software Supply Chain Attack Database - Curated incidents of supply chain compromises including SolarWinds, Codecov, and dependency confusion attacks • Malware Family Genealogy Network - https://malpedia.caad.fkie.fraunhofer.de/ - Supply chain malware relationships, code reuse patterns, and threat actor tool sharing analysis • Dark Web Supply Chain Intelligence - Underground market monitoring for stolen code signing certificates, compromised developer accounts, and supply chain attack services Vendor Risk and Third-Party AssessmentThird-Party Risk Assessment Database - https://www.ready.gov/business/risk-assessment - Vendor cybersecurity posture evaluations, incident history tracking, and supply chain partner security ratings • Software Vendor Security Scorecard Platform - Automated vendor assessment including security practices, incident response capabilities, and supply chain security maturity • Critical Infrastructure Dependency Mapping - https://www.cisa.gov/critical-infrastructure-sectors - Software dependencies within critical infrastructure with cascading failure risk analysis • Cloud Service Provider Security Intelligence - AWS, Azure, GCP security posture data with supply chain implications for hosted applications and services • Open Source Maintainer Network Analysis - Developer community health metrics, maintainer succession planning, and project abandonment risk indicators Compliance and Regulatory Framework IntegrationSOX/SOC Compliance Mapping Database - https://www.aicpa.org/interestareas/frc/assuranceadvisoryservices/sorhome.html - Financial sector software supply chain compliance requirements and audit trail standards • GDPR/Privacy Regulation Impact Analysis - Data flow mapping through software supply chains with privacy regulation compliance tracking across jurisdictions • Executive Order 14028 Implementation Data - https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/ - Federal cybersecurity requirements for software suppliers and SBOM mandates • Industry-Specific Compliance Frameworks - HIPAA, PCI-DSS, FISMA software supply chain security requirements with implementation guidance and assessment criteria • International Cybersecurity Standards - ISO 27001/27036 supply chain security controls with global regulatory harmonization analysis Incident Response and Forensic IntelligenceSupply Chain Incident Response Playbook Database - https://www.sans.org/white-papers/ - Documented response procedures for supply chain compromises with lessons learned and recovery timelines • Digital Forensics Supply Chain Evidence - Artifact analysis from supply chain attacks including code signing abuse, repository compromise, and build system infiltration • Coordinated Vulnerability Disclosure Networks - https://vuls.cert.org/confluence/display/CVD - Responsible disclosure processes with supply chain impact assessment and multi-vendor coordination • Cyber Threat Sharing Platforms - https://www.dhs.gov/automated-indicator-sharing-ais - Real-time supply chain threat indicator sharing with anonymized incident data and mitigation strategies • Software Supply Chain Recovery Database - Post-incident recovery patterns, business continuity strategies, and alternative supplier activation procedures

Skills

You'll Learn

Data AnalysisStrategic PlanningPresentation SkillsSoftware DevelopmentRequirements GatheringStakeholder ManagementDisruptive InnovationBusiness AnalysisOpen Innovation

Helpful to Have

Outcomes Research

Tags

#Cybersecurity#nsf-partnership#proto-okn#frink-query-service#ai-research-transition#knowledge-graphs#renci-unc#industry-collaboration#cybersecurity-securechain#biomedical-spoke#open-knowledge-network#research-acceleration#ai-knowledge-systems#data-science-analytics#query-federation#supply-chain-security#ucsf-spoke#purdue-hcss#remote-breakout#march-2026#research-to-market
Hugo

Hosted by

Hugo

0 teams / 50 max
Starts Apr 23, 2026, 4:00 PM (EDT)
Ends Apr 23, 2026, 5:00 PM (EDT)

Leaderboard

On this page

Prizes

  • Certificates, Badges.