An Ontology for Network Security Attacks

@inproceedings{Simmonds2004AnOF,
  title={An Ontology for Network Security Attacks},
  author={Andrew James Simmonds and Peter Sandilands and Louis van Ekert},
  booktitle={AACC},
  year={2004}
}
We first consider network security services and then review threats, vulnerabilities and failure modes. This review is based on standard texts, using well-known concepts, categorizations, and methods, e.g. risk analysis using asset-based threat profiles and vulnerability profiles (attributes). The review is used to construct a framework which is then used to define an extensible ontology for network security attacks. We present a conceptualization of this ontology in figure 1. 
Ontology-based model of network and computer attacks for security assessment
TLDR
An ontology-based attack model is provided, and the utilization of ontology in the security assessment and the method for evaluating attack effect on the system when it is under attack are described. Expand
Ontologies for Network Security and Future Challenges
TLDR
A review and analysis of the principal issues, challenges, and the extent of progress related to distinct ontologies for network security identified identifies the need to develop new ontologies that relate to distinct aspects of network security, thereby facilitating management tasks. Expand
A First Step Towards an ISO-Based Information Security Domain Ontology
TLDR
A modeling approach to the definition of a SIEM is introduced that leverages a double-layered ontology: it is composed of a highlevel ontology, used to model complex relations among domains, and of a low-level, domain-specific ontology aimed at modeling the ISO 27000 family of standards. Expand
Towards an Ontology-based Risk Assessment in Collaborative Environment Using the SemanticLIFE
TLDR
The ontology-based risk assessment in the context of the organizational security, a fundamental issue for planners and decision makers in the IT field, is explored using SemanticLIFE tool. Expand
Ontology-based Intelligent Network-Forensics Investigation
TLDR
The proposed ontology is the first cyber forensics to integrate both network forensics domain knowledge and problem solving knowledge and can be used as a knowledge-base for developing sophisticated intelligent networkForensics systems to support complex chain of reasoning. Expand
Domain Ontology to Distinguish Different Types of Rootkits
TLDR
An ontology for rootkits is presented which contains many concepts relating to security, cyber-attacks and operating systems and can be used to distinguish different types ofrootkits. Expand
Vulnerability Assessment In Cloud Computing
As vulnerabilities keep increasing exponentially every year, the need to efficiently classify, manage, and analyse them also increases. Many of the previous attempts at managing vulnerabilities haveExpand
Towards an Ontology-based Organizational Risk Assessment in Collaborative Environments Using the SemanticLIFE
The rise in interconnectivity in the last few years has made computer systems and networks more vulnerable to threats as they are accessed by an ever increasing number of users. NowadaysExpand
Network Security: Attacks, Tools and Techniques
Network security is main issue of this generation of computing because many types of attacks are increasing day by day. Establishing a network is not a big issue for network administrators butExpand
Network Security: Attacks, Tools and Techniques
TLDR
This paper mainly emphasizes on the network security and presents some major issues that can affect the entire network in the coming years. Expand
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 12 REFERENCES
A Policy Based Approach to Security for the Semantic Web
TLDR
This research investigates the marking up of web entities with a semantic policy language and the use of distributed policy management as an alternative to traditional authentication and access control schemes. Expand
Security for DAML Web Services: Annotation and Matchmaking
TLDR
This paper proposes several security-related ontologies that are designed to represent well-known security concepts that are used to describe the security requirements and capabilities of web services providers and requesting agents. Expand
Authorization and privacy for semantic Web services
TLDR
In this work, ontologies are proposed for modeling the high-level security requirements and capabilities of Web services and clients and helps to match a client's request with appropriate services-those based on security criteria as well as functional descriptions. Expand
Use of A Taxonomy of Security Faults
TLDR
The design and implementation details of a prototype database to store vulnerability information collected from di erent sources are presented and the data is organized according to fault categories. Expand
Network Security Essentials: Applications and Standards
TLDR
This book is intended as a one-semester undergraduate course on network security for computer science, computer engineering, and electrical engineering majors, and serves as a basic reference volume and is suitable for self-study. Expand
The Semantic Web - ISWC 2003
TLDR
This work ran into a number of problems concerning alternative interpretations of the SN notation and the inability to express some of the interpretations in OWL, and details a list of issues to consider when describing formally concepts in any ontology, and a collection of criteria for evaluating alternative representations. Expand
Homeland Insecurity. Available from http://www.theatlantic.com/issues
  • Homeland Insecurity. Available from http://www.theatlantic.com/issues
  • 2002
Knowledge Systems Laboratory, Stanford University, Ontologies
  • 2002
The OCTAVE Methodology for Self-Directed Risk Assessment
  • 2002
The OCTAVE Methodology for Self-Directed Risk Assessment. Carnegie Mellon Software Engineering Institute Available from http://www.fedcirc.gov/library/presentations/octave.pdf [accessed 12 th
  • The OCTAVE Methodology for Self-Directed Risk Assessment. Carnegie Mellon Software Engineering Institute Available from http://www.fedcirc.gov/library/presentations/octave.pdf [accessed 12 th
  • 2002
...
1
2
...