Toward principles for the design of ontologies used for knowledge sharing
International Journal of Human-Computer Studies - Special issue: the role of formal ontology in the information technology
The description logic handbook: theory, implementation, and applications
The description logic handbook: theory, implementation, and applications
Security Ontologies: Improving Quantitative Risk Analysis
HICSS '07 Proceedings of the 40th Annual Hawaii International Conference on System Sciences
Integration of an Ontological Information Security Concept in Risk Aware Business Process Management
HICSS '08 Proceedings of the Proceedings of the 41st Annual Hawaii International Conference on System Sciences
Fortification of IT Security by Automatic Security Advisory Processing
AINA '08 Proceedings of the 22nd International Conference on Advanced Information Networking and Applications
Temporal metrics for software vulnerabilities
Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
Research on software design level security vulnerabilities
ACM SIGSOFT Software Engineering Notes
Detecting recurring and similar software vulnerabilities
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2
Ontological approach toward cybersecurity in cloud computing
Proceedings of the 3rd international conference on Security of information and networks
Measuring and ranking attacks based on vulnerability analysis
Information Systems and e-Business Management
Collaborative remediation of configuration vulnerabilities in autonomic networks and systems
Proceedings of the 8th International Conference on Network and Service Management
| Hi-index | 0.00 |
In order to reach the goals of the Information Security Automation Program (ISAP) [1], we propose an ontological approach to capturing and utilizing the fundamental concepts in information security and their relationship, retrieving vulnerability data and reasoning about the cause and impact of vulnerabilities. Our ontology for vulnerability management (OVM) has been populated with all vulnerabilities in NVD [2] with additional inference rules, knowledge representation, and data-mining mechanisms. With the seamless integration of common vulnerabilities and their related concepts such as attacks and countermeasures, OVM provides a promising pathway to making ISAP successful.