Reference Ontology for Cybersecurity Operational Information

October 2015
Computer Journal;Oct2015, Vol. 58 Issue 10, p2297
Academic Journal
As our cyber society develops and expands, the importance of cybersecurity operations is growing in response to cybersecurity threats coming from beyond national borders. Efficient cybersecurity operations require information exchanges that go beyond organizational borders. Various industry specifications defining information schemata for such exchanges are thus emerging. These specifications, however, define their own schemata since their objectives and the types of information they deal with differ, and desirable schemata differ depending on the purposes. They need to be organized and orchestrated so that individual organizations can fully exchange information and collaborate with one another. To establish the foundations of such orchestration and facilitate information exchanges, this paper proposes a reference ontology for cybersecurity operational information. The ontology structures cybersecurity information and orchestrates industry specifications. We built it from the standpoint of cybersecurity operations in close collaboration with cybersecurity organizations including security operation centers handling actual cybersecurity operations in the USA, Japan and South Korea. This paper demonstrates its usability by discussing the coverage of industry specifications. It then defines an extensible information structure that collaborates with such specifications by using the ontology and describes a prototype cybersecurity knowledge base we constructed that facilitates cybersecurity information exchanges among various parties. Finally, it discusses the usage scenarios of the ontology and knowledge base in cybersecurity operations. Through this work, we wish to contribute to the advancement of cybersecurity information exchanges.


Related Articles

  • AhnLab Reports 2012 Mobile Security Threat Trends.  // Computer Security Update;Feb2012, Vol. 13 Issue 2, p1 

    The article reports on the major mobile security threat trends in 2011 and threat predictions for 2012 announced by integrated security solutions provider, AhnLab Inc. Mobile security threats in 2011 include the growth of malicious codes that make direct billing, malware disguised as famous...

  • Malicious Nodes Identification for Complex Network Based on Local Views. VERNIZE, GRAZIELLE; PIRES GUEDES, ANDRÉ LUIZ; PESSOA ALBINI, LUIZ CARLOS // Computer Journal;Oct2015, Vol. 58 Issue 10, p2476 

    Several social, biological and information systems can be described through complex network models. All complex networks display common structural features, such as the small-world and scale-free properties. However, the presence of selfish and/or malicious nodes can damage the network...

  • Toward a Taxonomy of Malware Behaviors. ABED GRÉGIO, ANDRÉ RICARDO; MONTE AFONSO, VITOR; FERNANDES FILHO, DARIO SIMÕES; DE GEUS, PAULO LÍCIO; JINO, MARIO // Computer Journal;Oct2015, Vol. 58 Issue 10, p2758 

    Malicious code attacks pose a serious threat to the security of information systems, as malware evolved from innocuous conceptual software to advanced and destructive cyber weapons. However, there is still the lack of a comprehensive and useful taxonomy to classify malware according to their...

  • Data Mining Techniques for Predicting the Cyber Security Threats. SAID, HANAA. M.; HAMDY, MOHAMED; El GOHARY, RANIA; SALEM, ABDEL-BADEEH M. // International Conference on Intelligent Computing & Information ;2013, p245 

    Data Mining is the process of automatically searching large volumes of data for patterns using association rules, for evaluating security threats related to the detection of cyberattacks, moreover cybercrime, and information security. In this paper, we have focused on a variety of techniques,...

  • Analysis and Estimation of Expected Cyber-Attack Scenarios and Consequences. Mugavero, Roberto; Sabato, Valentina // Journal of Information Privacy & Security;2014, Vol. 10 Issue 3, p138 

    The cyberspace is becoming one of the main elements of vulnerability in national security and has led to a critical situation because the system is always more focused on information sharing and on quick communication all over the world than security. The cyberspace is, in fact, the "easier...

  • Epidemic of Healthcare Cyberattacks Requires Action, Says WEDI. Slabodkin, Greg // Healthdatamanagement.com;6/25/2015, p1 

    The Workgroup for Electronic Data Interchange has released a "primer" addressing some of the challenges that healthcare organizations face in defending themselves against the epidemic of cyberattacks and how to counter them.


    The article reports that Ernst & Young (EY) opened its Managed Security Operations Center (SOC) to offer cybersecurity services to clients through advanced analytics. Topics cited include the aim of the company to spend over 20 million dollars to maintain the center and boost the income of its...

  • Outlook Optimistic Despite Tough Year In Cybersecurity. Knapp, Eric D. // Pipeline & Gas Journal;Aug2015, Vol. 242 Issue 8, p64 

    The article reports on advancements in awareness related to cybersecurity and optimism for countering the industrial cyberattacks by cybersecurity professionals. Topics discussed include development of industrial cybersecurity products by security firms such as Cisco Systems and Intel Security,...

  • Information Security Law and Strategy in Hungary. Tánias, SZÁDECZKY // AARMS: Academic & Applied Research in Military & Public Manageme;2015, Vol. 14 Issue 4, p281 

    Information security has an emerging importance, even in people's daily life, even in country-level policymaking, but these two are inseparable. National information security strategy, applied legal regulation and the actual awareness of citizens are interconnected. The article shows the legal...

