Cyber Threat Ontology and Adversarial Machine Learning Attacks: Analysis and Prediction Perturbance

Yeboah-Ofori, Abel; Ismail, Umar Mukhtar; Swidurski, Tymoteusz; Opoku-Boateng, Francisca Afua

doi:10.1109/iccma53594.2021.00020

Cited by 3 publications

(1 citation statement)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cyber threat ontology (CTO) from a security perspective describes organizational security concepts, properties relationships, and interdependencies in a formal and structured approach for analysis and intelligence gatherings [24]. The goal of CTO considers the extraction of relevant attack instances and threat information from data to ensure consistency and accuracy in the cybersecurity concepts for knowledge reuse in the threat intelligence domain [24]. The work of Ulicny et al [25] is considered among the first in this field and has taken an important step forward.…”

Section: Threat Ontology Constructionmentioning

confidence: 99%

Multiontology Construction and Application of Threat Model Based on Adversarial Attack and Defense Under ISO/IEC 27032

Cheng

Chen

et al. 2022

IEEE Access

View full text Add to dashboard Cite

Research pertaining to threat modeling is significant. However, the existing threat modeling methods suffer from ambiguity, heterogeneity and incompleteness; furthermore, the threat models at different abstraction levels are separated from each other, and the model elements are fragmented. In the knowledge engineering community, an ontology is an explicit specification of a conceptualization. Introducing the ontology method into the study of threat models is an effective way to solve the above problems. This paper creates a multiontology framework for the threat model of information systems (IS) based on domain knowledge (attack and defense knowledge), engineering experience, and industry standards (ISO/IEC 27032). The multiontology framework includes a generalized ontology (GO), a domain ontology (DO), and an application ontology (AO). This paper builds the ontology of each layer and ultimately presents case studies. The results show that the multiontology threat model based on adversarial attack and defense effectively solves the above problems of the existing threat modeling methods. In addition, systematic threat modeling using the multiontology method can be used not only for attack pathbased threat analysis but also for adversarial attack and defense-based threat analysis. This method can help detect security issues and effectively guide security personnel.

show abstract

Section: Threat Ontology Constructionmentioning

confidence: 99%

Multiontology Construction and Application of Threat Model Based on Adversarial Attack and Defense Under ISO/IEC 27032

Cheng

Chen

et al. 2022

IEEE Access

View full text Add to dashboard Cite

show abstract

Knowledge Graphs and Semantic Web Tools in Cyber Threat Intelligence: A Systematic Literature Review

Bratsas,

Anastasiadis,

Angelidis

et al. 2024

JCP

View full text Add to dashboard Cite

The amount of data related to cyber threats and cyber attack incidents is rapidly increasing. The extracted information can provide security analysts with useful Cyber Threat Intelligence (CTI) to enhance their decision-making. However, because the data sources are heterogeneous, there is a lack of common representation of information, rendering the analysis of CTI complicated. With this work, we aim to review ongoing research on the use of semantic web tools such as ontologies and Knowledge Graphs (KGs) within the CTI domain. Ontologies and KGs can effectively represent information in a common and structured schema, enhancing interoperability among the Security Operation Centers (SOCs) and the stakeholders on the field of cybersecurity. When fused with Machine Learning (ML) and Deep Learning (DL) algorithms, the constructed ontologies and KGs can be augmented with new information and advanced inference capabilities, facilitating the discovery of previously unknown CTI. This systematic review highlights the advancements of this field over the past and ongoing decade and provides future research directions.

show abstract

A Robust Machine Learning Model for Cyber Incident Classification and Prioritization

Dwarampudi,

Yogi

2024

JTCSST

View full text Add to dashboard Cite

Cyber incident classification and prioritization are crucial tasks in cybersecurity, enabling rapid response and resource allocation to mitigate potential threats effectively. This study presents a robust machine learning model designed for accurate classification and prioritization of cyber incidents, aiming to enhance cyber defense mechanisms. The proposed model integrates diverse machine learning algorithms, including Random Forest, Support Vector Machines, and Gradient Boosting, leveraging their complementary strengths to improve predictive performance and robustness. Extensive experimentation on real-world cyber threat datasets demonstrates the efficacy of the model, achieving high accuracy and reliability in identifying and prioritizing diverse types of cyber incidents. The model's performance is assessed using standard evaluation metrics such as accuracy, precision, recall, and F1-score, highlighting its ability to effectively distinguish between different classes of cyber threats and prioritize incidents based on their severity and potential impact on organizational assets. It was found that the model's interpretability is enhanced through feature importance analysis, providing insights into the key factors influencing cyber incident classification and prioritization decisions. The proposed machine learning model offers a promising approach to bolstering cyber defense capabilities, enabling organizations to proactively respond to cyber threats and safeguard their digital assets.

show abstract

Cyber Threat Ontology and Adversarial Machine Learning Attacks: Analysis and Prediction Perturbance

Cited by 3 publications

References 19 publications

Multiontology Construction and Application of Threat Model Based on Adversarial Attack and Defense Under ISO/IEC 27032

Multiontology Construction and Application of Threat Model Based on Adversarial Attack and Defense Under ISO/IEC 27032

Knowledge Graphs and Semantic Web Tools in Cyber Threat Intelligence: A Systematic Literature Review

A Robust Machine Learning Model for Cyber Incident Classification and Prioritization

Contact Info

Product

Resources

About