An Ontology-based Storage of Security Information

Kotenko, Igor; Fedorchenko, Andrey; Doynikova, Elena; Chechulin, Andrey

doi:10.5755/j01.itc.47.4.20007

Cited by 5 publications

(10 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…All this creates required basis for our ontology of security metrics. We started this research in [8,37] where we aimed to integrate various security data sources, and proceeded it in [9], where we proposed the first upper level ontology for attack goals determination. This paper extends the previous ontology with new security metrics and details it in terms of their interrelations to answer security questions using logical inference.…”

Section: Related Workmentioning

confidence: 99%

“…As soon as the approach proposed in this paper requires an accurate structuring and detailing security related knowledge, the areas outlined in CyBOK (including software security, network security, malware, and others) and their further detailing can be used as the basis for development of our approach. At the same time, the proposed in this paper approach is based on the set of hierarchically interconnected security metrics for security assessments [6][7][8]. The structure of subject areas introduced in CyBOK will allow one to evaluate what cybersecurity areas are covered with metrics by our approach.…”

Section: Introductionmentioning

confidence: 99%

“…1. An ontology of security data sources and security data [8]. The difference of ontology proposed in this study consists in extension with a new class of instances, namely, security metrics.…”

Section: Introductionmentioning

confidence: 99%

“…2. A set of hierarchically interconnected security metrics [8,9]. These metrics allow assessing security of information systems on different stages of their operation and with varying degrees of accuracy depending on the available security data, new knowledge obtained in the process of security assessment, and security assessment goals.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Semantic Model for Security Evaluation of Information Systems

Doynikova

Fedorchenko

Kotenko

2020

JCSANDM

Self Cite

View full text Add to dashboard Cite

Modern information systems are characterized by huge security related data streams. For cyber security management in such systems, novel models and techniques for efficient processing of these data streams are required. The paper considers development and application of a semantic model for security evaluation. The proposed model is represented as the ontology of metrics that is based on the relations between sources of security related data, primary features of initial security data and goals of security evaluation. The set of hierarchically interconnected security metrics is mapped to the data features and security evaluation goals. The relations between these metrics within the proposed ontology provide the basis for security evaluation technique. The paper introduces the proposed ontology and its foundations, and briefly describes the developed technique. The analysis of data in the open sources is conducted, and the case study is provided to show applicability of the approach.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Semantic Model for Security Evaluation of Information Systems

Doynikova

Fedorchenko

Kotenko

2020

JCSANDM

Self Cite

View full text Add to dashboard Cite

show abstract

“…There are two types of sources: structured data and unspecified data. In [58], we outlined the following open sources of structured data considering objects of information security assessments: vulnerability databases, attack patterns databases, weaknesses databases, software and hardware databases, and so on. For accurate attack forecasting in real time, it is required to add another type of source data, network traffic, and event logs (which is unspecified).…”

mentioning

confidence: 99%

Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects

2020

Self Cite

View full text Add to dashboard Cite

Early detection of the security incidents and correct forecasting of the attack development is the basis for the efficient and timely response to cyber threats. The development of the attack depends on future steps available to the attackers, their goals, and their motivation—that is, the attacker “profile” that defines the malefactor behaviour in the system. Usually, the “attacker profile” is a set of attacker’s attributes—both inner such as motives and skills, and external such as existing financial support and tools used. The definition of the attacker’s profile allows determining the type of the malefactor and the complexity of the countermeasures, and may significantly simplify the attacker attribution process when investigating security incidents. The goal of the paper is to analyze existing techniques of the attacker’s behaviour, the attacker’ profile specifications, and their application for the forecasting of the attack future steps. The implemented analysis allowed outlining the main advantages and limitations of the approaches to attack forecasting and attacker’s profile constructing, existing challenges, and prospects in the area. The approach for attack forecasting implementation is suggested that specifies further research steps and is the basis for the development of an attacker behaviour forecasting technique.

show abstract

Conceptual Data Modeling Using Aggregates to Ensure Large-Scale Distributed Data Management Systems Security

Poltavtseva

Kalinin

2019

Studies in Computational Intelligence

View full text Add to dashboard Cite

An Ontology-based Storage of Security Information

Cited by 5 publications

References 12 publications

A Semantic Model for Security Evaluation of Information Systems

A Semantic Model for Security Evaluation of Information Systems

Attacker Behaviour Forecasting Using Methods of Intelligent Data Analysis: A Comparative Review and Prospects

Conceptual Data Modeling Using Aggregates to Ensure Large-Scale Distributed Data Management Systems Security

Contact Info

Product

Resources

About