Michael Iannacone
Robert Bridges
John Goodall
ABSTRACT
In this paper we describe an ontology developed for a cyber security knowledge graph database. This is intended to provide an organized schema that incorporates information from a large variety of structured and unstructured data sources, and includes all relevant concepts within the domain. We compare the resulting ontology with previous efforts, discuss its strengths and limitations, and describe areas for future work.
- Stucco: Situation and Threat Understanding by Correlating Contextual Observations. https://stucco.github.io/, 2015.Google Scholar
- T. Aslam, I. Krsul, and E. H. Spafford. Use of a taxonomy of security faults. 1996.Google Scholar
- S. Barnum. Standardizing cyber threat intelligence information with the structured threat information expression (stix). MITRE Corporation, page 11, 2014.Google Scholar
- C. Blanco, J. Lasheras, R. Valencia-García, E. Fernández-Medina, A. Toval, and M. Piattini. A systematic review and comparison of security ontologies. In Availability, Reliability and Security, 2008. ARES 08. Third International Conference on, pages 813--820. IEEE, 2008. Google ScholarDigital Library
- R. A. Bridges, C. L. Jones, M. D. Iannacone, K. M. Testa, and J. R. Goodall. Automatic labeling for entity extraction in cyber security. arXiv preprint arXiv:1308.4941, 2013.Google Scholar
- G. A. Fink, V. Duggirala, R. Correa, and C. North. Bridging the host-network divide: Survey, taxonomy, and solution. In LISA, pages 247--262, 2006. Google ScholarDigital Library
- S. Hansman and R. Hunt. A taxonomy of network and computer attacks. Computers & Security, 24(1):31--43, 2005. Google ScholarDigital Library
- J. D. Howard and T. A. Longstaff. A common language for computer security incidents. Sandia National Laboratories, 1998.Google Scholar
- V. Igure and R. Williams. Taxonomies of attacks and vulnerabilities in computer systems. Communications Surveys & Tutorials, IEEE, 10(1):6--19, 2008. Google ScholarDigital Library
- C. L. Jones, R. A. Bridges, K. M. T. Huffer, and J. R. Goodall. Towards a relation extraction framework for cyber-security concepts. In Proceedings of the CISRC-10, the tenth Cyber & Information Security Research Conference. ACM, 2015. Google ScholarDigital Library
- A. Joshi, R. Lal, and T. Finin. Extracting cybersecurity related linked data from text. In Semantic Computing (ICSC), 2013 IEEE Seventh International Conference on, pages 252--259. IEEE, 2013. Google ScholarDigital Library
- K. S. Killourhy, R. A. Maxion, and K. M. Tan. A defense-centric taxonomy based on attack manifestations. In Dependable Systems and Networks, 2004 International Conference on, pages 102--111. IEEE, 2004. Google ScholarDigital Library
- C. E. Landwehr, A. R. Bull, J. P. McDermott, and W. S. Choi. A taxonomy of computer program security flaws. ACM Computing Surveys (CSUR), 26(3):211--254, 1994. Google ScholarDigital Library
- U. Lindqvist and E. Jonsson. How to systematically classify computer security intrusions. In Security and Privacy, 1997. Proceedings., 1997 IEEE Symposium on, pages 154--163. IEEE, 1997. Google ScholarDigital Library
- N. McNeil, R. Bridges, M. Iannacone, B. Czejdo, N. Perez, and J. Goodall. Pace: Pattern accurate computationally efficient bootstrapping for timely discovery of cyber-security concepts. In Machine Learning and Applications (ICMLA), 2013 12th International Conference on, volume 2, pages 60--65. Dec 2013. Google ScholarDigital Library
- C. Meyers, S. Powers, and D. Faissol. Taxonomies of cyber adversaries and attacks: a survey of incidents and approaches. Lawrence Livermore National Laboratory, 7, 2009.Google Scholar
- S. More, M. Matthews, A. Joshi, and T. Finin. A knowledge-based approach to intrusion detection modeling. In Security and Privacy Workshops (SPW), 2012 IEEE Symposium on, pages 75--81. IEEE, 2012. Google ScholarDigital Library
- V. Mulwad, W. Li, A. Joshi, T. Finin, and K. Viswanathan. Extracting information about security vulnerabilities from web text. In Web Intelligence and Intelligent Agent Technology (WI-IAT), 2011 IEEE/WIC/ACM International Conference on, volume 3, pages 257--260. IEEE, 2011. Google ScholarDigital Library
- L. Obrst, P. Chase, and R. Markeloff. Developing an ontology of the cyber security domain. In STIDS, pages 49--56, 2012.Google Scholar
- M. C. Parmelee. Toward an ontology architecture for cyber-security standards. STIDS, 713:116--123, 2010.Google Scholar
- R. C. Seacord and A. D. Householder. A structured approach to classifying security vulnerabilities. Technical report, DTIC Document, 2005.Google Scholar
- J. Undercoffer, A. Joshi, and J. Pinkston. Modeling computer attacks: An ontology for intrusion detection. In Recent Advances in Intrusion Detection, pages 113--135. Springer, 2003.Google ScholarCross Ref
- S. Weber, P. A. Karger, and A. Paradkar. A software flaw taxonomy: aiming tools at security. In ACM SIGSOFT Software Engineering Notes, volume 30, pages 1--7. ACM, 2005. Google ScholarDigital Library
Index Terms
- Developing an Ontology for Cyber Security Knowledge Graphs
Recommendations
Design of product ontology architecture for collaborative enterprises
As enterprises are subject to cope with frequently changing business environment, enterprises should integrate value chains such as supply chain and design chain. Sharing product information must precede for the integration. However, because most of the ...
A lexico-semantic pattern language for learning ontology instances from text
The Semantic Web aims to extend the World Wide Web with a layer of semantic information, so that it is understandable not only by humans, but also by computers. At its core, the Semantic Web consists of ontologies that describe the meaning of concepts ...
Knowledge representation and reasoning of XML with ontology
SAC '11: Proceedings of the 2011 ACM Symposium on Applied ComputingToday XML has reached a wide acceptance as the data exchange format for e-commerce. Unfortunately, XML covers the syntactic level, but lacks semantics. Ontology can represent shared domain knowledge and enable semantic interoperability. Therefore, in ...
Comments