Abstract
Cyber-situational awareness is crucial to applications such as network monitoring and management, vulnerability assessment, and defense. To gain improved cyber-situational awareness, analysts can benefit from automated reasoning-based frameworks. However, such frameworks would require the processing of enormous amounts of network data, which are characterized by syntactic variability. The formal representation of networking concepts, their properties, and interrelations using RDF can narrow the interoperability gaps between routing information and network semantics. Formal knowledge representation also enables automated reasoning, which facilitates network knowledge discovery by making implicit statements explicit. However, capturing and reasoning over the provenance of RDF statements, which is essential to build analysts’ trust in automated support tools, is not trivial. This paper presents a novel framework for capturing provenance-aware network knowledge to enable automated reasoning for network applications that require cyber-situational awareness.
Notes
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10. Routing updates using the Border Gateway Protocol (BGP) [26].
- 11. Link State Advertisement, a communication means of the Open Shortest Path First (OSPF) routing protocol [27].
- 12.
- 13.
- 14.
- 15.
- 16.
- 17.
- 18. Vocabulary of Interlinked Datasets, https://www.w3.org/TR/void/
- 19. If aaa rdfs:domain xxx . uuu aaa yyy . then uuu rdf:type xxx .
- 20. If aaa rdfs:range xxx . uuu aaa vvv . then vvv rdf:type xxx .
- 21. If T(?p, rdf:type, owl:SymmetricProperty) ∧ T(?x, ?p, ?y) then T(?y, ?p, ?x).
References
Kott, A., Wang, C., Erbacher, R.F. (eds.): Cyber Defense and Situational Awareness. AIS, vol. 62. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11391-3
Zhong, C., Yen, J., Liu, P., Erbacher, R.F., Garneau, C., Chen, B.: Studying analysts’ data triage operations in cyber defense situational analysis. In: Liu, P., Jajodia, S., Wang, C. (eds.) Theory and Models for Cyber Situation Awareness. LNCS, vol. 10030, pp. 128–169. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61152-5_6
Sikos, L.F.: Mastering Structured Data on the Semantic Web. Apress, Berkeley (2015). https://doi.org/10.1007/978-1-4842-1049-9
Dapoigny, R., Barlatier, P.: Formal foundations for situation awareness based on dependent type theory. Inf. Fusion 14(1), 87–107 (2013). https://doi.org/10.1016/j.inffus.2012.02.006
Sikos, L.F.: Description Logics in Multimedia Reasoning. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54066-5
Ballora, M., Giacobe, N.A., McNeese, M., Hall, D.L.: Information data fusion and computer network defense. In: Onwubiko, C., Owens, T. (eds.) Situational awareness in computer network defense, pp. 141–164. IGI Global, Hershey (2012). https://doi.org/10.4018/978-1-4666-0104-8.ch009
AlEroud, A., Karabatis, G.: A framework for contextual information fusion to detect cyber-attacks. In: Alsmadi, I.M., Karabatis, G., AlEroud, A. (eds.) Information Fusion for Cyber-Security Analytics. SCI, vol. 691, pp. 17–51. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-44257-0_2
Wang, F., Hu, L., Zhou, J., Hu, J., Zhao, K.: A semantics-based approach to multi-source heterogeneous information fusion in the Internet of things. Soft. Comput. 21(8), 2005–2013 (2017). https://doi.org/10.1007/s00500-015-1899-7
Dividino, R., Sizov, S., Staab, S., Schueler, B.: Querying for provenance, trust, uncertainty and other meta knowledge in RDF. Web Semant. Sci. Serv. Agents World Wide Web 7(3), 204–219 (2009). https://doi.org/10.1016/j.websem.2009.07.004
Hoffart, J., Suchanek, F.M., Berberich, K., Weikum, G.: YAGO2: a spatially and temporally enhanced knowledge base from Wikipedia. Artif. Intell. 194, 28–61 (2013). https://doi.org/10.1016/j.artint.2012.06.001
Hartig, O., Thompson, B.: Foundations of an alternative approach to reification in RDF (2014). https://arxiv.org/abs/1406.3399
Zimmermann, A., Lopes, N., Polleres, A., Straccia, U.: A general framework for representing, reasoning and querying with annotated Semantic Web data. Web Semant. Sci. Serv. Agents World Wide Web 11, 72–95 (2012). https://doi.org/10.1016/j.websem.2011.08.006
Analyti, A., Damásio, C.V., Antoniou, G., Pachoulakis, I.: Why-provenance information for RDF, rules, and negation. Ann. Math. Artif. Intell. 70(3), 221–277 (2014). https://doi.org/10.1007/s10472-013-9396-0
Berners-Lee, T., Connolly, D., Kagal, L., Scharf, Y., Hendler, J.: N3Logic: a logical framework for the world wide web. Theory Pract. Log. Program. 8(3), 249–269 (2008). https://doi.org/10.1017/s1471068407003213
Ding, L., Finin, T., Peng, Y., Da Silva, P., McGuinness, D.: Tracking RDF graph provenance using RDF molecules. Paper presented at Fourth International Semantic Web Conference, Galway, Ireland, 6–10 November 2005
Sahoo, S.S., Bodenreider, O., Hitzler, P., Sheth, A., Thirunarayan, K.: Provenance context entity (PaCE): scalable provenance tracking for scientific RDF data. In: Gertz, M., Ludäscher, B. (eds.) SSDBM 2010. LNCS, vol. 6187, pp. 461–470. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13818-8_32
Nguyen, V., Bodenreider, O., Sheth, A.: Don’t like RDF reification? In: Chung, C.W., Broder, A., Shim, K., Shim, K. (eds.) Proceedings of the 23rd International Conference on World Wide Web. ACM, New York (2014). https://doi.org/10.1145/2566486.2567973
Carroll, J.J., Bizer, C., Hayes, P., Stickler, P.: Named graphs, provenance and trust. In: Proceedings of the 14th International Conference on World Wide Web. ACM, New York (2005). https://doi.org/10.1145/1060745.1060835
Flouris, G., Fundulaki, I., Pediaditis, P., Theoharis, Y., Christophides, V.: Coloring RDF triples to capture provenance. In: Bernstein, A., et al. (eds.) ISWC 2009. LNCS, vol. 5823, pp. 196–212. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-04930-9_13
Sahoo, S.S., Sheth, A.: Provenir ontology: towards a framework for eScience provenance management. In: Microsoft eScience Workshop, Pittsburgh, PA, USA, 15–17 October 2009
Sikos, L.F. (ed.): AI in Cybersecurity. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98842-9
Martinez, A., Yannuzzi, M., López, J., Serral-Gracià, R., Ramirez, W.: Applying information extraction for abstracting and automating CLI-based configuration of network devices in heterogeneous environments. In: Laalaoui, Y., Bouguila, N. (eds.) Artificial Intelligence Applications in Information and Communication Technologies. SCI, vol. 607, pp. 167–193. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-19833-0_8
ETSI: ETSI industry specification group: measurement ontology for IP traffic (MOI); requirements for IP traffic measurement ontologies development (2012)
Voigt, S., Howard, C., Philp, D., Penny, C.: Representing and reasoning about logical network topologies. In: Croitoru, M., Marquis, P., Rudolph, S., Stapleton, G. (eds.) GKR 2017. LNCS (LNAI), vol. 10775, pp. 73–83. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78102-0_4
Sikos, L.F., Stumptner, M., Mayer, W., Howard, C., Voigt, S., Philp, D.: Representing network knowledge using provenance-aware formalisms for cyber-situational awareness. Procedia Comput. Sci. (2018)
Doyle, J.: Routing TCP/IP, vol. 2, 2nd edn. Cisco Press, Indianapolis (2017)
Tadimety, P.R.: Link state advertisements. OSPF: A Network Routing Protocol, pp. 75–90. Apress, Berkeley (2015). https://doi.org/10.1007/978-1-4842-1410-7_16
ter Horst, H.J.: Completeness, decidability and complexity of entailment for RDF Schema and a semantic extension involving the OWL vocabulary. Web Semant. Sci. Serv. Agents World Wide Web 3(2–3), 79–115 (2005). https://doi.org/10.1016/j.websem.2005.06.001
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Sikos, L.F., Stumptner, M., Mayer, W., Howard, C., Voigt, S., Philp, D. (2018). Automated Reasoning over Provenance-Aware Communication Network Knowledge in Support of Cyber-Situational Awareness. In: Liu, W., Giunchiglia, F., Yang, B. (eds) Knowledge Science, Engineering and Management. KSEM 2018. Lecture Notes in Computer Science, vol 11062. Springer, Cham. https://doi.org/10.1007/978-3-319-99247-1_12
DOI: https://doi.org/10.1007/978-3-319-99247-1_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99246-4
Online ISBN: 978-3-319-99247-1
eBook Packages: Computer Science, Computer Science (R0)