29 research outputs found

    Ontology in Information Security

    Over the past several years we have witnessed that information has become the most precious asset, while protection and security of information is becoming an ever greater challenge due to the large amount of knowledge necessary for organizations to successfully withstand external threats and attacks. This knowledge collected from the domain of information security can be formally described by security ontologies. A large number of researchers during the last decade have dealt with this issue, and in this paper we have tried to identify, analyze and systematize the relevant papers published in scientific journals indexed in selected scientific databases, in the period from 2004 to 2014. This paper gives a review of literature in the field of information security ontology and identifies a total of 52 papers systematized in three groups: general security ontologies (12 papers), specific security ontologies (32 papers) and theoretical works (8 papers). The papers were of different quality and level of detail and varied from presentations of simple conceptual ideas to sophisticated frameworks based on ontology

    An Integrated System Using Open source Nethserver OS; A Case Study of Kessben University College Local Area Network

    An integrated system refers to a collection of software on a computer system that provides services to users on a network such as a local area network. These services are used by an organization in its day-to-day operations. The services include Email, Web service, File sharing, DHCP, DNS, Secure shell, and several others. This research seeks to implement a suite of these applications on a single computer architecture using Kessben University College local area network as a case study. Small and large organizations can benefit from such integrated systems because of reduced operating costs and the provision of an increase in business agility. This paper also proposes and explores additional services like remote network control software using open source Guacamole, which is based on HTML5 technology. The advantages of integrated systems go beyond cost. Systems and network administrators will have a single point from which to control and monitor other systems for quality of service. This design ensures an improved network access to the services by implementing a strong firewall designed to control inbound and outbound

    Classifying network attack scenarios using an ontology

    This paper presents a methodology using network attack ontology to classify computer-based attacks. Computer network attacks differ in motivation, execution and end result. Because attacks are diverse, no standard classification exists. If an attack could be classified, it could be mitigated accordingly. A taxonomy of computer network attacks forms the basis of the ontology. Most published taxonomies present an attack from either the attacker's or defender's point of view. This taxonomy presents both views. The main taxonomy classes are: Actor, Actor Location, Aggressor, Attack Goal, Attack Mechanism, Attack Scenario, Automation Level, Effects, Motivation, Phase, Scope and Target. The "Actor" class is the entity executing the attack. The "Actor Location" class is the Actor's country of origin. The "Aggressor" class is the group instigating an attack. The "Attack Goal" class specifies the attacker's goal. The "Attack Mechanism" class defines the attack methodology. The "Automation Level" class indicates the level of human interaction. The "Effects" class describes the consequences of an attack. The "Motivation" class specifies incentives for an attack. The "Scope" class describes the size and utility of the target. The "Target" class is the physical device or entity targeted by an attack. The "Vulnerability" class describes a target vulnerability used by the attacker. The "Phase" class represents an attack model that subdivides an attack into different phases. The ontology was developed using an "Attack Scenario" class, which draws from other classes and can be used to characterize and classify computer network attacks. An "Attack Scenario" consists of phases, has a scope and is attributed to an actor and aggressor which have a goal. The "Attack Scenario" thus represents different classes of attacks. High profile computer network attacks such as Stuxnet and the Estonia attacks can now be classified through the "Attack Scenario" class

    State-of-the-Art in Security Thinking for the Internet of Things (IoT)

    In this paper we propose a model for Internet of Things (IoT) practitioners and researchers on how to use security thinking in parallel with the IoT technological developments. While security is recognized as a top priority, IoT products have repeatedly become targets of diverse security attacks. This raises the importance of an IoT security mindset that contributes to building more holistic security measures. In understanding this, we present the state-of-the-art in IoT security. This resulted in the identification of three dimensions (awareness, assessment and challenges) that are needed to develop an IoT security mindset. We then interviewed four security and IoT-related experts from three different organizations that formed the basis for our pilot study to test the model. Our results show that the identified three-dimensional model highlights continuous security thinking as a serious matter to sustain IoT development with positive outcomes for its users

    Modelling trust in information systems development: existing approaches and limitations

    This paper presents the current stage of our research, in respect to modelling and reasoning about trust and its related concepts during information systems development. In particular, it reviews the current state of the art with respect to modelling trust in information systems development and it concludes with the fact that there is no ontology which takes into account trust and all its related concepts. However, before discussing this matter, trust definitions and models are demonstrated, directly moving onto the current treatment of trust in information systems development and why it is important for trust and its related concepts to be modelled collectively in one methodology. It then briefly discusses the foundations for an ontology that advances the current state of the art, concluding with our future work and conclusion

    CYBER ETHICS AND LAWS-PROS AND CONS: A STUDY OF IT ACT 2000


    iTrust: a trust-aware ontology for information systems development

    This paper gives a synopsis of our present state of affairs in modelling an ontology which reflects trust related concepts collectively in information systems development. The main problem is that there is a lack of ontological and methodological support to model and reason about trust with its related concepts in one allied framework. This situation provides the foremost motivation for our research. In particular, our aim is to develop a reasoning and modelling framework that will enable information system developers to consider trust and its related concepts collectively during the development of information systems

    CNA Tactics and Techniques: A Structure Proposal

    Destructive and control operations are today a major threat for cyber physical systems. These operations, known as Computer Network Attack (CNA) and usually linked to state-sponsored actors, are much less analyzed than Computer Network Exploitation (CNE) activities, those related to intelligence gathering. While in CNE operations the main tactics and techniques are defined and well structured, in CNA there is a lack of such agreed-upon approaches. This situation hinders the modeling of threat actors, which prevents an accurate definition of controls to identify and to neutralize malicious activities. In this paper, we propose the first global approach for CNA operations that can be used to map real-world activities. The proposal significantly reduces the amount of effort needed to identify, analyze, and neutralize advanced threat actors targeting cyber physical systems. It follows a logical structure that can be easy to expand and adapt.

    Villalón-Huerta, A.; Ripoll-Ripoll, I.; Marco-Gisbert, H. (2021). CNA Tactics and Techniques: A Structure Proposal. Journal of Sensor and Actuator Networks. 10(1):1-23. https://doi.org/10.3390/jsan10010014

    A Short Terminological Dictionary: "Knowledge-Based Society"

    This short terminological dictionary covers a range of terms, concepts and definitions needed to understand the topic "Knowledge-Based Society". The dictionary was compiled as part of the research project "Methodology for quantitative assessment and analysis of the development of a knowledge-based society" (0114U000670), approved at a meeting of the Coordination Council of the comprehensive scientific and technical programme "Sustainable Development" of Igor Sikorsky KPI (minutes No. 5 of 18.10.2016), and recommended to researchers with a range of interests and to students of specialties 053 "Economics" and 122 "Computer Science and Information Technologies"