Ontology of Metrics for Cyber Security Assessment

Doynikova, Elena; Fedorchenko, Andrey; Kotenko, Igor

doi:10.1145/3339252.3341496

Cited by 24 publications

(11 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The ontology and the related technique were firstly introduced in the paper presented on the IWCC'2019 workshop held in conjunction with the ARES'2019 [10]. In this paper we are extending the results of this paper, including related works, specification of the approach, and the case study.…”

Section: Introductionmentioning

confidence: 77%

A Semantic Model for Security Evaluation of Information Systems

Doynikova

Fedorchenko

Kotenko

2020

JCSANDM

Self Cite

View full text Add to dashboard Cite

Modern information systems are characterized by huge security related data streams. For cyber security management in such systems, novel models and techniques for efficient processing of these data streams are required. The paper considers development and application of a semantic model for security evaluation. The proposed model is represented as the ontology of metrics that is based on the relations between sources of security related data, primary features of initial security data and goals of security evaluation. The set of hierarchically interconnected security metrics is mapped to the data features and security evaluation goals. The relations between these metrics within the proposed ontology provide the basis for security evaluation technique. The paper introduces the proposed ontology and its foundations, and briefly describes the developed technique. The analysis of data in the open sources is conducted, and the case study is provided to show applicability of the approach.

show abstract

Section: Introductionmentioning

confidence: 77%

A Semantic Model for Security Evaluation of Information Systems

Doynikova

Fedorchenko

Kotenko

2020

JCSANDM

Self Cite

View full text Add to dashboard Cite

show abstract

“…The tools used for the ontology development usually incorporate languages that help in the definition of ontologies. We observe that 24% (12 papers) of the relevant documents (Chukkapalli et al, 2020;Vega Barbas et al, 2019;Doynikova et al, 2019;Zheng et al, 2018;Petrenko and Makoveichuk, 2017;Elnagdy et al, 2016;Falk, 2016;Iannacone et al, 2015;Salem and Wacek, 2015;Laskey et al, 2015) report the use of the OWL language (Dean and Schreiber, 2003).…”

Section: Table 5 Ontology Classification By Used Toolsmentioning

confidence: 97%

“…As shown in Figure 1, the first ontology related to cybersecurity was reported in 2004 (Simmonds et al, 2004), from that year onwards, other works sporadically arise, it is from 2014 that the number of ontologies related to cybersecurity increases, for example in 2019 eleven ontologies were reported (Burita, 2019;Vega Barbas et al, 2019;Gasmi et al, 2019;Doynikova et al, 2019;Scarpato et al, 2019;Niyazova et al, 2019;Islam et al, 2019;Baesso Moreira et al, 2019;Katsantonis et al, 2019;Shaaban et al, 2019;Zamfira et al, 2019). It is worth to note that the relevant papers used in this SLR were subjected to a quality assessment.…”

Section: Executionmentioning

confidence: 99%

Cybersecurity Ontologies: A Systematic LiteratureReview

Rivadeneira¹,

Gómez

de³

2021

recibe

View full text Add to dashboard Cite

Cybersecurity is a young discipline that has gained relevance in our modern society.Thisresearchreportsthefindingsofasystematicreviewoftheliteratureonontologiesinthefieldofcybersecurity. From an initial set of 214 papers on the subject, 50 relevant papers were selected forthis SLR. With these documents we answered research questions related to the domains in whichontologies are reported, the methodologies, tools and languages used, and the verification andvalidation mechanisms reported. As results, we observed that the largest number of ontologies areclassified in the domains of infrastructure and networking, software and human factor. Regardingthe papers that report the use of a methodology for developing the ontologies (12%), Methontologyis the commonly used one. Protégé, in conjunction with the OWL language, are the preferred toolsfor ontology development. Regarding verification and validation (V&V) mechanisms, we observethat morethanhalf(62%) reporttheapplicationofV&Vmechanisms totheir ontologies.

show abstract

“…Assessing information security levels in each of its dimensions will ensure business continuity, as well as early identification of security risks and potential damage to information. The evaluation of security controls and metrics is necessary since they provide information for decision-making at the three decision levels of organizations: operational, tactical and strategic [8].…”

Section: Introductionmentioning

confidence: 99%

Analysis for the Adoption of Security Standards to Improve the Management of Securities in Public Organizations

Ronquillo¹,

Lilibeth²

2020

Machine Learning and Artificial Intelligence

View full text Add to dashboard Cite

Public organizations have the ongoing task of properly managing the security of the information they handle. The objective of this research is to analyze the security standards adopted by public organizations in Ecuador to improve their management of information security. The deductive method was applied for the review and analysis of appropriate standards for public institutions. As a result, information was obtained on the different security policies, standards and guidelines that apply, national and international public organizations. A Diagram of activities for the adoption of standards for public organizations resulted; a prototype standards-based Information Security Management Model; and an Information Security Management Matrix, from which the Risk Mitigation Percentage was calculated. It was concluded that maintaining high levels of security in public organizations requires the adoption of control standards in different areas and the collaboration of the different organizational and hierarchical levels of public organizations.

show abstract

Ontology of Metrics for Cyber Security Assessment

Cited by 24 publications

References 9 publications

A Semantic Model for Security Evaluation of Information Systems

A Semantic Model for Security Evaluation of Information Systems

Cybersecurity Ontologies: A Systematic LiteratureReview

Analysis for the Adoption of Security Standards to Improve the Management of Securities in Public Organizations

Contact Info

Product

Resources

About