We have produced an ontology specifying a model of computer attack. Our ontology is based upon an analysis of over 4000 classes of computer intrusions and their corresponding attack strategies and is categorised according to system component targeted, means of attack, consequence of attack and location of attacker. We argue that any taxonomic characteristics used to define a computer attack be limited in scope to those features that are observable and measurable at the target of the attack. We present our model as a target-centric ontology that is to be refined and expanded over time. We state the benefits of forgoing dependence upon taxonomies in favour of ontologies for the classification of computer attacks and intrusions. We have specified our ontology using the DARPA Agent Markup Language+Ontology Inference Layer and have prototyped it using DAMLJessKB. We illustrate the benefits of utilising an ontology in lieu of a taxonomy by presenting a use-case scenario of a distributed intrusion detection system.