Building a Knowledge Base for Expert System in Information Security

Atymtayeva, Lyazzat; Kozhakhmet, Kanat T.; Bortsova, Gerda

doi:10.1007/978-3-319-05515-2_7

Cited by 19 publications

(21 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It should be noted that there are other related papers that are not directly reporting ontologies but methodological aspects of the formalization of knowledge, e.g. Atymtayeva et al (2014) proposes such a methodology. The categorization presented here provides an interpretation of the main aims and application purposes of the ontologies, however some of them may be used also for other purposes.…”

Section: Main Categoriesmentioning

confidence: 98%

“…Further, it also opens different possibilities for tasks that are not based on learning from data as done in machine learning, but on the codification of expert or technical knowledge, which is known to play an important role nowadays in information security (Fenz & Ekelhart, 2009). For example, Atymtayeva et al (2014) focuses on formalizing expert knowledge on the field, as expressed in standards or other guidance documents. This interest is a due to the fact that in this domain, a considerable part of the knowledge applied by practitioners is codified in the form of best practice guidelines or knowledge bases, some of them openly shared in communities or Web sites.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

What are Information Security Ontologies Useful for?

Sicilia

García‐Barriocanal

Higuera

et al. 2015

Communications in Computer and Information Science

View full text Add to dashboard Cite

Abstract. The engineering of ontologies in the information security domain have received some degree of attention in past years. Concretely, the use of ontologies has been proposed as a solution for a diversity of tasks related to that domain, from the modelling of cyber-attacks to easing the work of auditors or analysts. This has resulted in ontology artefacts, degrees of representation and ontological commitments of a diverse nature. In this paper, a selection of recent research in the area is categorized according to their purpose or application, highlighting their main commonalities. Then, an assessment of the current status of development in the area is provided, in an attempt to sketch a future roadmap for further research. The literature surveyed shows different levels of analysis, from the more conceptual to the more low-level, protocol-oriented, and also diverse levels of readiness for practice. Further, several of the works found use existing standardized, community-curated databases as sources for ontology population, which points out to a need to use these as a baseline for future research, adding ontology-based functionalities for those capabilities not directly supported by them.

show abstract

Section: Main Categoriesmentioning

confidence: 98%

Section: Introductionmentioning

confidence: 99%

What are Information Security Ontologies Useful for?

Sicilia

García‐Barriocanal

Higuera

et al. 2015

Communications in Computer and Information Science

View full text Add to dashboard Cite

show abstract

“…If AIS considers it appropriate to conduct a paired comparison of the informativeness of attributes of cyberattack, for example, in the situation, which requires the refinement of attributes-reasons si tl , si sd and their influence on the bond of attribute-consequence ("A-CO"), the rank scale is used [5,8,24]. A degree of influence of "A" of the attack on the indicators of OBCS IS was determined as follows:…”

Section: Fig 3 Subsystems and User Interfaces Of Dssmentioning

confidence: 99%

“…When corrected manually, an expert may change his choice, assigned at the previous step of paired estimation. A heuristic algorithm is employed during automated correction [3,5].…”

Section: Fig 3 Subsystems and User Interfaces Of Dssmentioning

confidence: 99%

See 1 more Smart Citation

Designing a decision support system for the weakly formalized problems in the provision of cybersecurity

Akhmetov

Lakhno

Boiko

et al. 2017

EEJET

View full text Add to dashboard Cite

When complex situations of the guaranteed provision of OBCP IS arise, the decision-making process should be performed under condition of active interaction with experts; in this case, such an operation proves to be rather labor consuming without computer technologies. Even the initial problem of designing the integrated systems for information protection (ISIP) can be attributed to the weakly formalized problems with incomplete information. Similar tasks include the situations, connected with the recognition of prolonged targeted cyberattacks, which are not distinguished by explicit attributes. Therefore, the subject of the study that addresses the development of models and software (SW) of DSS in the weakly structured and difficult-to-formalize tasks in the provision of OBCP IS appears relevant. Literature review and problem statementAn increase in the number of cyberattacks on MCCS in recent years has generated interest towards the development IntroductionIn connection with the growing number of complex targeted cyberattacks directed at the mission critical computer systems (MCCS), one of the vital problems of society is the information security (IS) and its component -cybersecurity (CS). When conducting targeted attacks, cybercriminals frequently are used unique harmful programs and methods of penetrating the MCCS (objects of cyberprotection -OBCP). Resisting a constant increase in the complexity of illegitimate actions on MCCS is possible, in particular, using the systems for the intelligent recognition of cyberattacks (SIRCA), equipped with the modules for decision support system (DSS). The architecture of the latter implies, as a rule, a system for intelligent data analysis (SIDA or Data Mining). SIRCA make it possible to reveal regularities in the dynamics of development of the OBCP states, combining the knowledge and experience of decision making by experts, as well as the SIDA computational potential. INFORMATION TECHNOLOGY DESIGNING A DECISION SUPPORT SYSTEM FOR THE WEAKLY FORMALIZED PROBLEMS IN THE PROVISION OF CYBERSECURITY B . A k h m e t o v Y . B o i k oAssociate Professor Department of Information Technology Security* E-mail: julia_boyko2010@ukr.net A . M i s h c h e n k oAssociate Professor Department of Information Security Protection* E-mail: partpravo@i.ua *National Aviation University Kosmonavta Komarova ave., 1, Kyiv, Ukraine, 03058Розроблено систему підтримки при-йняття рішень (СППР) в слабко форма-лізуємих завданнях забезпечення кібер-безпеки. Система базується на моделях опису завдань кіберзахисту в понятійно-му і функціональному аспектах. Описано процес формування бази знань СППР для обставин, пов'язаних з виявленням важко пояснюваних ознак аномалій та атак. Запропонована СППР дозволяє підвищи-ти розуміння ситуації, яка підлягає ана-лізу в процесі кіберзахисту комп'ютерних систем Ключові слова: система підтримки прийняття рішень, кібербезпека, слабо формалізовані завдання, інтерпретація ситуації Разработана система поддержки при-нятия решений (СППР) в слабо формали-зуемых задачах обес...

show abstract