Short paper, DOI: 10.1145/2746266.2746278

Developing an Ontology for Cyber Security Knowledge Graphs

Published: 07 April 2015

Abstract

In this paper we describe an ontology developed for a cyber security knowledge graph database. This is intended to provide an organized schema that incorporates information from a large variety of structured and unstructured data sources, and includes all relevant concepts within the domain. We compare the resulting ontology with previous efforts, discuss its strengths and limitations, and describe areas for future work.


    Published In

    CISR '15: Proceedings of the 10th Annual Cyber and Information Security Research Conference
    April 2015
    99 pages
    ISBN: 9781450333450
    DOI: 10.1145/2746266

    In-Cooperation

    • Oak Ridge National Laboratory

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. cyber security
    2. information extraction
    3. ontology architecture
    4. security automation

    Qualifiers

    • Short-paper
    • Research
    • Refereed limited

    Conference

    CISR '15

    Acceptance Rates

    CISR '15 Paper Acceptance Rate 18 of 36 submissions, 50%;
    Overall Acceptance Rate 69 of 136 submissions, 51%

    Article Metrics

    • Downloads (Last 12 months): 136
    • Downloads (Last 6 weeks): 11

    Reflects downloads up to 06 Jan 2025

    Cited By

    • (2025) PageLLM: Incremental approach for updating a Security Knowledge Graph by using Page ranking and Large language model. Information Processing & Management, 62:3 (104045). DOI: 10.1016/j.ipm.2024.104045. Online publication date: May-2025
    • (2024) Cybersecurity Management: Developing Robust Strategies for Protecting Corporate Information Systems. International Journal for Global Academic & Scientific Research, 3:2 (24-35). DOI: 10.55938/ijgasr.v3i2.75. Online publication date: 2-Jul-2024
    • (2024) A Comprehensive Review of Ontologies in Cybersecurity. Advanced Cyber Security Techniques for Data, Blockchain, IoT, and Network Protection (1-20). DOI: 10.4018/979-8-3693-9225-6.ch001. Online publication date: 4-Oct-2024
    • (2024) Patient-centric knowledge graphs: a survey of current methods, challenges, and applications. Frontiers in Artificial Intelligence, 7. DOI: 10.3389/frai.2024.1388479. Online publication date: 23-Oct-2024
    • (2024) OntoCSD: an ontology-based security model for an integrated solution of cyberspace defense. Frontiers of Information Technology & Electronic Engineering, 25:9 (1209-1225). DOI: 10.1631/FITEE.2300662. Online publication date: 30-Sep-2024
    • (2024) ITIRel: Joint Entity and Relation Extraction for Internet of Things Threat Intelligence. IEEE Internet of Things Journal, 11:11 (20867-20878). DOI: 10.1109/JIOT.2024.3373799. Online publication date: 1-Jun-2024
    • (2024) Cyber-Security Knowledge Graph Generation by Hierarchical Nonnegative Matrix Factorization. 2024 12th International Symposium on Digital Forensics and Security (ISDFS) (1-6). DOI: 10.1109/ISDFS60797.2024.10527237. Online publication date: 29-Apr-2024
    • (2024) A Span-based Multivariate Information-aware Embedding Network for joint relational triplet extraction of threat intelligence. Knowledge-Based Systems, 295:C. DOI: 10.1016/j.knosys.2024.111829. Online publication date: 18-Jul-2024
    • (2024) Multi-aspect rule-based AI: Methods, taxonomy, challenges and directions towards automation, intelligence and transparent cybersecurity modeling for critical infrastructures. Internet of Things, 25 (101110). DOI: 10.1016/j.iot.2024.101110. Online publication date: Apr-2024
    • (2024) Construct a Network Security Vulnerability Knowledge Graph Based on HPO-BiLSTM-CRF. 8th International Conference on Computing, Control and Industrial Engineering (CCIE2024) (327-335). DOI: 10.1007/978-981-97-6937-7_39. Online publication date: 22-Sep-2024
