Soft Topology for Cyber Threat Intelligence: A Knowledge Graph Perspective

Cyber threat intelligence (CTI) increasingly relies on knowledge graphs (KGs) to represent
entities, relationships, and context across vulnerabilities, exploits, actors, and mitigations. Real-world
CTI is, however, uncertain and parameter-dependent: intelligence feeds vary in confidence, temporal
validity, and applicability. In this paper we introduce a soft-topological framework for cybersecurity
knowledge graphs (ST-CKG). Our framework integrates soft set theory and soft topology with KG
representations to model parameterized uncertainty and dynamic relationships. We define soft-open
subgraphs, soft-closure and boundary operators, soft-connected components, and soft-continuous
mappings to formalize KG evolution and risk propagation. A prototype implementation built from
public CTI sources demonstrates the framework’s utility in identifying robust threat clusters and
emerging vulnerabilities. We discuss applications in threat prioritization, risk assessment, and cyber
situational awareness, and outline directions for future research.