2,760 research outputs found
A decision support system for corporations cyber security risk management
This thesis presents a decision aiding system named C3-SEC (Contex-aware Corporative
Cyber Security), developed in the context of a master program at Polytechnic Institute of
Leiria, Portugal. The research dimension and the corresponding software development
process that followed are presented and validated with an application scenario and case study
performed at Universidad de las Fuerzas Armadas ESPE – Ecuador.
C3-SEC is a decision aiding software intended to support cyber risks and cyber threats
analysis of a corporative information and communications technological infrastructure. The
resulting software product will help corporations Chief Information Security Officers
(CISO) on cyber security risk analysis, decision-making and prevention measures for the
infrastructure and information assets protection.
The work is initially focused on the evaluation of the most popular and relevant tools
available for risk assessment and decision making in the cyber security domain. Their
properties, metrics and strategies are studied and their support for cyber security risk
analysis, decision-making and prevention is assessed for the protection of organization's
information assets.
A contribution for cyber security experts decision support is then proposed by the means of
reuse and integration of existing tools and C3-SEC software. C3-SEC extends existing tools
features from the data collection and data analysis (perception) level to a full context-ware
reference model.
The software developed makes use of semantic level, ontology-based knowledge
representation and inference supported by widely adopted standards, as well as cyber
security standards (CVE, CPE, CVSS, etc.) and cyber security information data sources
made available by international authorities, to share and exchange information in this
domain. C3-SEC development follows a context-aware systems reference model addressing
the perception, comprehension, projection and decision/action layers to create corporative
scale cyber security situation awareness
Mapping Big Data into Knowledge Space with Cognitive Cyber-Infrastructure
Big data research has attracted great attention in science, technology,
industry and society. It is developing with the evolving scientific paradigm,
the fourth industrial revolution, and the transformational innovation of
technologies. However, its nature and fundamental challenge have not been
recognized, and its own methodology has not been formed. This paper explores
and answers the following questions: What is big data? What are the basic
methods for representing, managing and analyzing big data? What is the
relationship between big data and knowledge? Can we find a mapping from big
data into knowledge space? What kind of infrastructure is required to support
not only big data management and analysis but also knowledge discovery, sharing
and management? What is the relationship between big data and science paradigm?
What is the nature and fundamental challenge of big data computing? A
multi-dimensional perspective is presented toward a methodology of big data
computing.Comment: 59 page
Proceedings of the 4th Workshop of the MPM4CPS COST Action
Proceedings of the 4th Workshop of the
MPM4CPS COST Action with the presentations delivered during the workshop and papers with extended versions of some of them
Owl ontology quality assessment and optimization in the cybersecurity domain
The purpose of this dissertation is to assess the quality of ontologies in patterns perceived by cybersecurity context. A content analysis between ontologies indicated that there were more pronounced differences in OWL ontologies in the cybersecurity field. Results showed an increase of relevance from expressivity to variability. Additionally, no differences were found in strategies used in most of the incidents. The ontology background needs to be emphasized to understand the quality of the phenomena. In addition, ontologies are a means of representing an area of knowledge through their semantic structure. The search of information and integration of data from different origins provides a common base that guarantees the coherence of the data. This can be categorized and described in a normative way. The unification of information with the world that surrounds us allows to create synergies between entities and relationships. However, the area of cybersecurity is one of the real-world domains where knowledge is uncertain. It is therefore necessary to analyze the challenges of choosing the appropriate representation of un-structured information. Vulnerabilities are identified, but incident response is not an automatic mechanism for understanding and processing unstructured text found on the web.O objetivo desta dissertação foi avaliar a qualidade das ontologias, em padrões percebidos pelo contexto de cibersegurança. Uma análise de conteúdo entre ontologias indicou que havia diferenças mais pronunciadas por ontologias OWL no campo da cibersegurança. Os resultados mostram um aumento da relevância de expressividade para a variabilidade. Além disso, não foram encontradas diferenças em estratégias utilizadas na maioria dos incidentes. O conhecimento das ontologias precisa de ser enfatizado para se entender os fenómenos de qualidade. Além disso, as ontologias são um meio de representar uma área de conhecimento através da sua estrutura semântica e facilita a pesquisa de informações e a integração de dados de diferentes origens, pois fornecem uma base comum que garante a coerência dos dados, categorizados e descritos, de forma normativa. A unificação da informação com o mundo que nos rodeia permite criar sinergias entre entidades e relacionamentos. No entanto, a área de cibersegurança é um dos domínios do mundo real em que o conhecimento é incerto e é fundamental analisar os desafios de escolher a representação apropriada de informações não estruturadas. As vulnerabilidades são identificadas, mas a resposta a incidentes não é um mecanismo automático para se entender e processar textos não estruturados encontrados na web
Using Semantic Web Services for AI-Based Research in Industry 4.0
The transition to Industry 4.0 requires smart manufacturing systems that are
easily configurable and provide a high level of flexibility during
manufacturing in order to achieve mass customization or to support cloud
manufacturing. To realize this, Cyber-Physical Systems (CPSs) combined with
Artificial Intelligence (AI) methods find their way into manufacturing shop
floors. For using AI methods in the context of Industry 4.0, semantic web
services are indispensable to provide a reasonable abstraction of the
underlying manufacturing capabilities. In this paper, we present semantic web
services for AI-based research in Industry 4.0. Therefore, we developed more
than 300 semantic web services for a physical simulation factory based on Web
Ontology Language for Web Services (OWL-S) and Web Service Modeling Ontology
(WSMO) and linked them to an already existing domain ontology for intelligent
manufacturing control. Suitable for the requirements of CPS environments, our
pre- and postconditions are verified in near real-time by invoking other
semantic web services in contrast to complex reasoning within the knowledge
base. Finally, we evaluate our implementation by executing a cyber-physical
workflow composed of semantic web services using a workflow management system.Comment: Submitted to ISWC 202
Ontology in Information Security
The past several years we have witnessed that information has become the most precious asset, while protection and security of information is becoming an ever greater challenge due to the large amount of knowledge necessary for organizations to successfully withstand external threats and attacks. This knowledge collected from the domain of information security can be formally described by security ontologies. A large number of researchers during the last decade have dealt with this issue, and in this paper we have tried to identify, analyze and systematize the relevant papers published in scientific journals indexed in selected scientific databases, in period from 2004 to 2014. This paper gives a review of literature in the field of information security ontology and identifies a total of 52 papers systematized in three groups: general security ontologies (12 papers), specific security ontologies (32 papers) and theoretical works (8 papers). The papers were of different quality and level of detail and varied from presentations of simple conceptual ideas to sophisticated frameworks based on ontology
Cyber-Physical Systems: a multi-criteria assessment for Internet-of-Things (IoT) systems
This research work was partially supported by funds provided by the European Commission in the scope of FoF/H2020-636909 C2NET, FoF/H2020-723710 vf-OS and ICT/H2020-825631 ZDMP.This article addresses a multi-criteria decision problem regarding the more suitable device (system) to perform a task for cyber-physical systems. New embedded systems provided everyday makes engineers’ decision very difficult. Components are proposed to formally describe solutions, criteria, constraints and priorities, taking into account users’ specific aspects. To materialise all formal descriptions, a model-driven approach is followed, allowing the design of enablers for interoperability with standards. It is enabled the use of different software languages and decision methods. Proposed framework enables a better Internet-of-Things system selection, and therefore stakeholders can perform a more suitable design of their cyber-physical enterprise systems.authorsversioninpres
Definition and Verification of Security Configurations of Cyber-Physical Systems
The proliferation of Cyber-Physical Systems (CPSs) is rais ing serious security challenges. These are complex systems, integrating
physical elements into automated networked systems, often containing a
variety of devices, such as sensors and actuators, and requiring complex
management and data storage. This makes the construction of secure
CPSs a challenge, requiring not only an adequate specification of secu rity requirements and needs related to the business domain but also
an adaptation and concretion of these requirements to define a security
configuration of the CPS where all its components are related. Derived
from the complexity of the CPS, their configurations can be incorrect
according to the requirements, and must be verified. In this paper, we
propose a grammar for specifying business domain security requirements
based on the CPS components. This will allow the definition of security
requirements that, through a defined security feature model, will result
in a configuration of services and security properties of the CPS, whose
correctness can be verified. For this last stage, we have created a cata logue of feature models supported by a tool that allows the automatic
verification of security configurations. To illustrate the results, the pro posal has been applied to automated verification of requirements in a
hydroponic system scenario.Ministerio de Ciencia y Tecnología RTI2018-094283-B-C33 (ECLIPSE)Junta de Andalucía METAMORFOSIS (US-1381375)Junta de Castilla.La Mancha SBPLY-17-180501-000202 (GENESIS
Ontology-Based Data Integration in Multi-Disciplinary Engineering Environments: A Review
Today's industrial production plants are complex mechatronic systems. In the course of the production plant lifecycle, engineers from a variety of disciplines (e.g., mechanics, electronics, automation) need to collaborate in multi-disciplinary settings that are characterized by heterogeneity in terminology, methods, and tools. This collaboration yields a variety of engineering artifacts that need to be linked and integrated, which on the technical level is reflected in the need to integrate heterogeneous data. Semantic Web technologies, in particular ontologybased data integration (OBDI), are promising to tackle this challenge that has attracted strong interest from the engineering research community. This interest has resulted in a growing body of literature that is dispersed across the Semantic Web and Automation System Engineering research communities and has not been systematically reviewed so far. We address this gap with a survey reflecting on OBDI applications in the context of Multi-Disciplinary Engineering Environment (MDEE). To this end, we analyze and compare 23 OBDI applications from both the Semantic Web and the Automation System Engineering research communities. Based on this analysis, we (i) categorize OBDI variants used in MDEE, (ii) identify key problem context characteristics, (iii) compare strengths and limitations of OBDI variants as a function of problem context, and (iv) provide recommendation guidelines for the selection of OBDI variants and technologies for OBDI in MDEE
- …