Skip to main content
Book cover

IFIP International Conference on Artificial Intelligence Applications and Innovations

AIAI 2021: Artificial Intelligence Applications and Innovations pp 518–530Cite as

Cyber Supply Chain Threat Analysis and Prediction Using Machine Learning and Ontology

Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT,volume 627)

Abstract

Cyber Supply Chain (CSC) security requires a secure integrated network among the sub-systems of the inbound and outbound chains. Adversaries are deploying various penetration and manipulation attacks on an CSC integrated network’s node. The different levels of integrations and inherent system complexities pose potential vulnerabilities and attacks that may cascade to other parts of the supply chain system. Thus, it has become imperative to implement systematic threats analyses and predication within the CSC domain to improve the overall security posture. This paper presents a unique approach that advances the current state of the art on CSC threat analysis and prediction by combining work from three areas: Cyber Threat Intelligence (CTI), Ontologies, and Machine Learning (ML). The outcome of our work shows that the conceptualization of cybersecurity using ontological theory provides clear mechanisms for understanding the correlation between the CSC security domain and enables the mapping of the ML prediction with 80% accuracy of potential cyberattacks and possible countermeasures.

Keywords

  • Cyber security
  • Ontology
  • Cyber supply chain
  • Machine learning
  • Threat prediction
  • Cyber threat intelligence

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-79150-6_41
  • Chapter length: 13 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   169.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-79150-6
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   219.99
Price excludes VAT (USA)
Hardcover Book
USD   219.99
Price excludes VAT (USA)
Learn about institutional subscriptions
Fig. 1.
Fig. 2.
Fig. 3.
Fig. 4.

References

  1. Woods, B., Bochman, A.: Supply Chain in the Software Era. Atlantic Council, Washington, DC (2018). https://doi.org/10.1109/5254.920602

  2. Yeboah-Ofori, A., Islam, S.: Cyber security threat modeling for supply chain organizational environments. Future Internet 11, 63 (2019). https://doi.org/10.3390/611030063

    CrossRef  Google Scholar 

  3. Department for Business Innovation and Skill. Information Security Breaches Survey. Technical report. PWC and InfoSecurity (2013)

    Google Scholar 

  4. Mozzaquatro, B.A., Agostinho, C., Goncalves, D., Martins, J., Jardim-Goncalves, R.: An ontology-based cybersecurity framework for the Internet of Things. MDPI. Sens. 18, 3053 (2018). https://doi.org/10.3390/s18093053

    CrossRef  Google Scholar 

  5. Microsoft malware prediction. Research prediction. Kaggle dataset (2019). https://www.kaggle.com/c/microsoft-malware-prediction/data. Accessed 28 Jan 2021

  6. Maedche, A., Staab, S.: Ontology learning for the semantic web. IEEE Intell. Syst. 16, 72–79 (2001)

    Google Scholar 

  7. CERT-UK.: Cyber-security risks in the supply chain. TLP Whitepaper (2020)

    Google Scholar 

  8. US-Cert. Building security in software & supply chain assurance. https://www.us-cert.gov/bsi/articles/knowledge/attack-patterns. Accessed 24 Nov 2020

  9. ENISA. Exploring the opportunities and limitations of current threat intelligence platforms Version 1 (2017)

    Google Scholar 

  10. Porkorny, Z.: What Are the Phases of The Threat Intelligence Lifecycle? The Threat Intelligence Handbook (2018)

    Google Scholar 

  11. Freidman, J., Bouchard. M.: Cyber threat intelligence guide: using knowledge about adversary to win the war against targeted attacks. iSightPartners (2018)

    Google Scholar 

  12. Miller, J. F.: Supply chain attack framework and attack pattern. Mitre (2013)

    Google Scholar 

  13. Boyens. J.: Integrating Cybersecurity into Supply Chain Risk Management. RSA. Moscone Center, San Francisco (2016)

    Google Scholar 

  14. Arbanas, K., Cubrilo, M.: Ontology in formation security. JIOS 39(2), 107–136 (2015)

    Google Scholar 

  15. Gao, J., Zhang, B., Chen, X., Luo, Z.: Ontology-based model of network and computer attacks for security assessment. 18(5), 554–562 (2013). https://doi.org/10.1007/s12204-013-1439-5

  16. Gyrard, A., Bonnet, C., Boudaoud, K.: The STAC (Security Toolbox: Attacks & Countermeasures) Ontology. Conference, pp. 165–166, Rio de Janeiro, Brazil (2013)

    Google Scholar 

  17. Villano. E.G.V.: Classification of Logs Using Machine Learning. Norwegian University of Science and Technology (2018)

    Google Scholar 

  18. Boschetti, A., Massaron. L: Python Data Science Essentials. 2nd edn. (2016). ISBN 978-1-78646-213-8

    Google Scholar 

  19. Mohasseb, B., Aziz, J.J., Lee, J.: predicting cyber security incidents using machine learning algorithms: a case study of Korean SMEs. University of Portsmouth (2019)

    Google Scholar 

  20. Martimiano, L.A.F., Moreira, E.S.: An OWL-based security incident ontology Protégé. Conference, pp. 1–4, Madrid, Spain. (2005). Semantic Scholar

    Google Scholar 

Download references

Acknowledgments

This research has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 952690. The results of this paper reflect only the author’s view and the Commission is not responsible for any use that may be made of the information it contains.

Author information

Authors and Affiliations

  1. School of Computer Science, The University of West London, Ealing, W5 5RF, London, UK

    Abel Yeboah-Ofori, Umar Ismai & Shareeful Islam

  2. Centre for Secure, Intelligent and Usable Systems, University of Brighton, Brighton, UK

    Haralambos Mouratidis

  3. Department of Computer and System Science, University of Stockholm, Stockholm, Sweden

    Haralambos Mouratidis

  4. Department of Informatics, University of Piraeus, Piraeus, Greece

    Spyridon Papastergiou

Authors
  1. Abel Yeboah-Ofori
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Haralambos Mouratidis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Umar Ismai
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Shareeful Islam
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Spyridon Papastergiou
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Abel Yeboah-Ofori .

Editor information

Editors and Affiliations

  1. University of Piraeus, Piraeus, Greece

    Ilias Maglogiannis

  2. University of Sunderland, Sunderland, UK

    Prof. John Macintyre

  3. Democritus University of Thrace, Xanthi, Greece

    Prof. Lazaros Iliadis

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 IFIP International Federation for Information Processing

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Yeboah-Ofori, A., Mouratidis, H., Ismai, U., Islam, S., Papastergiou, S. (2021). Cyber Supply Chain Threat Analysis and Prediction Using Machine Learning and Ontology. In: Maglogiannis, I., Macintyre, J., Iliadis, L. (eds) Artificial Intelligence Applications and Innovations. AIAI 2021. IFIP Advances in Information and Communication Technology, vol 627. Springer, Cham. https://doi.org/10.1007/978-3-030-79150-6_41

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-79150-6_41

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-79149-0

  • Online ISBN: 978-3-030-79150-6

  • eBook Packages: Computer ScienceComputer Science (R0)