An Ontology for Network Security Attacks
We first consider network security services and then review threats, vulnerabilities and failure modes. This review is based on standard texts, using well-known concepts, categorizations, and methods, e.g. risk analysis using asset-based threat profiles and vulnerability profiles (attributes). The review is used to construct a framework which is then used to define an extensible ontology for network security attacks. We present a conceptualization of this ontology in figure 1.
Keywordsnetwork cyber security ontology attack threat vulnerability failure
Unable to display preview. Download preview PDF.
- Alberts, C., Dorofee, A.: OCTAVE Threat Profiles. Carnegie Mellon Software Engineering Institute, Pittsburgh, PA 15213, USA., Available from http://www.cert.org/archive/pdf/OCTAVEthreatProfiles.pdf [accessed April 12, 2004]
- Krsul, A., Spafford: A Taxonomy of Security Faults. Purdue University COAST Lab (1996), Available from: http://www.cerias.purdue.edu/about/history/coast/coast-library.html [accessed March 28, 2004]
- Cates, S.: The Art of Hacking. TRIPWIRE Security Industry Seminar, July 28th (2003), Available from: http://www.tripwire.com/events/archived_webcasts/ [accessed March 28, 2004]
- DAML, list of ontologies from, http://www.daml.org/ontologies/keyword.html [accessed August 19, 2004]
- Denker, G., et al.: Security for DAML Web Services: Annotation and Matchmaking. In: Proceedings, Second International Semantic Web Conference (September 2003)Google Scholar
- Kagal, L., et al.:Authorization and Privacy for Semantic Web Services. In: Proceedings, First International Semantic Web Services Symposium, AAAI 2004 Spring Symposium (March 2004)Google Scholar
- Knight, E.: Computer Vulnerabilities (2000), Available e.g. from: http://www.fi.upm.es/~flimon/compvuln_draft.pdf [accessed March 28, 2004]
- McGuiness, D.: Knowledge Systems Laboratory, Stanford University, Ontologies come of age. In: Fensel, et al. (eds.) Spinning the Semantic Web: Bringing the World Wide Web to Its Full Potential, MIT Press, Cambridge (2002), Available from http://www.ksl.stanford.edu/people/dlm/papers/ontologis-come-of-age-mit-press-withcitation.htm [accessed June 6, 2004]
- Schneier, B.: Interviewed for the Atlantic Monthly by Mann, Charles, Homeland Insecurity (September 2002), Available from http://www.theatlantic.com/issues/2002/09/mann.htm [accessed April 12, 2004]
- Stallings, W.: Network Security Essentials: Applications and Standards. Prentice-Hall Inc., New Jersey (2000)Google Scholar
- Tzu, S.: (400 – 320 BC ) On the Art of War. Translated by Lionel Giles (1910), Available from: http://www.kimsoft.com/polwar.htm [accessed March 28, 2004]
- Wilson, B.: The OCTAVE Methodology for Self-Directed Risk Assessment. Carnegie Mellon Software Engineering Institute, Pittsburgh, PA 15213, USA. (2002), Available from http://www.fedcirc.gov/library/presentations/octave.pdf [accessed April 12, 2004]