Japan's emerging trajectory as a 'cyber-power' : from securitization to militarization

Japan has been overlooked as a ‘cyber power’ but it now becoming a serious player in this new strategic domain. Japanese policy-makers have forged a consensus to move cybersecurity to the very core of national security policy, to create more centralized frameworks for cybersecurity, and for Japan’s military institutions to build dynamic cyberdefense capabilities. Japan’s stance has moved rapidly toward the securitization and now militarization of responses to cyber challenges. Japan’s cybersecurity stance has bolstered US–Japan alliance responses to securing all dimensions of the ‘global commons’ and extended its defense perimeter to further deter but potentially raise tensions with China

Dynamic Cyber-Incident Response

Doctor of Philosophy and was awarded by Brunel University LondonCyber-Incident Response (or, as it was initially called, Computer Incident response) has traditionally followed cyclic models such as the SEI Incident Response Cycle and SANS models, which aim to detect and identify incidents, stop, contain and eradicate them. Using the knowledge gained from the incidents, these models then advocate improving the capabilities to defend against subsequent attacks of the same nature. Although some later versions of these models, including the NIST model proposed in 2012, have nested the cycles to provide a more reactive response, they are neither demonstrably empirically founded nor do they represent the interests of all stakeholders within an organisation. This research addresses cyber-incident response from a broader perspective, looking from the viewpoint of a cross-functional set of stakeholders and ensures that incident response decisions are sensitive to temporal priorities, taken from an organisation-wide perspective and provide a range of responses rather than only containing and eradicating an incident. During this research, principal component analysis and structural equation modelling were used to develop the Dynamic Cyber Incident Response Model (DCIRM) which resulted in the development of a fielded prototype tool, the Cyber Operations Support Tool (COST). COST was then subjected to both controlled experimentation and operational validation. Empirical analysis of both of these activities confirmed the utility and effectiveness of the COST and the underlying DCIRM. The COST has since been used to train military cyber operational planners. The novel areas of this research are the dynamic nature of DCIRM which takes account of the changing asset values based on the point in the business/mission cycle, the trade-off between risk to the organisation and gathering intelligence during an incident, the flexibility in response options within organisational constraints and the abstraction of the information to allow a non-cyber specialist to make an appropriate incident response decision

Conceptual Characterization of Cybersecurity Ontologies

[EN] Cybersecurity is known as the practice of protecting systems from digital attacks. Organizations are seeking efficient solutions for the management and protection of their assets. It is a complex issue, especially for great enterprises, because it requires an interdisciplinary approach. The kinds of problems enterprises must deal with and this domain complexity induces misinterpretations and misunderstandings about the concepts and relations in question. This article focus on dealing with Cybersecurity from an ontological perspective. The first contribution is a search of previously existing works that have defined Cybersecurity Ontologies. The paper describes the process to search these works. The second contribution of the paper is the definition of characteristics to classify the papers of Cybersecurity Ontologies previously found. This classification aims to compare the previous works with the same criteria. The third contribution of the paper is the analysis of the results of the comparison of previous works in the field of Cybersecurity Ontologies. Moreover, the paper discusses the gaps found and proposes good practice actions in Ontology Engineering for this domain. The article ends with some next steps proposed in the evolution towards a pragmatic and iterative solution that meets the needs of organizations.Martins, BF.; Serrano-Gil, LJ.; Reyes Román, JF.; Panach, JI.; Pastor López, O.; Rochwerger, B. (2020). Conceptual Characterization of Cybersecurity Ontologies. Springer. 323-338. https://doi.org/10.1007/978-3-030-63479-7_22S323338Baader, F., et al.: The Description Logic Handbook: Theory, Implementation and Applications. Cambridge University Press, Cambridge (2003)Ben-Asher, N., Oltramari, A., Erbacher, R.F., Gonzalez, C.: Ontology-based adaptive systems of cyber defense. In: STIDS. pp. 34–41 (2015)Bergner, S., Lechner, U.: Cybersecurity ontology for critical infrastructures. In: KEOD. pp. 80–85 (2017)Bizer, C., Heath, T., Berners-Lee, T.: Linked data:the story so far. In: Semantic Services, Interoperability and Web Applications: Emerging Concepts. pp. 205–227. IGI Global (2011)Blanco, C., Lasheras, J., Valencia-García, R., Fernández-Medina, E., Toval, A., Piattini, M.: A systematic review and comparison of security ontologies. In: 3th International Conference on Availability, Reliability and Security. pp. 813–820. IEEE (2008)Booth, H., Turner, C.: Vulnerability description ontology (vdo). A Framework for Characterizing Vulnerabilities, NIST (2016)Borgo, S., Masolo, C.: Ontological foundations of dolce. In: Poli, R., Healy, M., Kameas, A., (eds.) Theory and Applications of Ontology: Computer Applications. Springer, Dordrecht (2010) https://doi.org/10.1007/978-90-481-8847-5_13Degen, W., Heller, B., Herre, H., Smith, B.: Gol: toward an axiomatized upper-level ontology. In: Proceedings of the International Conference on Formal Ontology in Information Systems-Volume. pp. 34–46 (2001)Dietz, M., Putz, B., Pernul, G.: A distributed ledger approach to digital twin secure data sharing. In: IFIP Annual Conference on Data and Applications Security and Privacy. pp. 281–300. Springer (2019)https://doi.org/10.1007/978-3-030-22479-0_15Elnagdy, S.A., Qiu, M., Gai, K.: Cyber incident classifications using ontology-based knowledge representation for cybersecurity insurance in financial industry. In: 2016 IEEE 3rd International Conference on Cyber Security and Cloud Computing (CSCloud). pp. 301–306. IEEE (2016)Falbo, R.D.A.: SABiO: Systematic Approach for Building Ontologies. In: Proceedings of the 1st Joint Workshop ONTO.COM/ODISE on Ontologies in Conceptual Modeling and Information Systems Engineering (2014)Fernández-López, M., Gómez-Pérez, A., Juristo, N.: Methontology: from ontological art towards ontological engineering. In: Proceedings of the Ontological Engineering AAAI-97 Spring Symposium Series. American Association for Artificial Intelligence (1997)Finkel, J.R., Grenager, T., Manning, C.: Incorporating non-local information into information extraction systems by gibbs sampling. In: Proceedings of the 43rd Annual Meeting on Association for Computational Linguistics. ACL 2005, p. 363–370. USA (2005)Giaretta, P., Guarino, N.: Ontologies and knowledge bases towards a terminological clarification. Towards very large knowledge bases: knowledge building & knowledge sharing 25, 32 (1995)Grégio, A., Bonacin, R., Nabuco, O., Afonso, V.M., De Geus, P.L., Jino, M.: Ontology for malware behavior: a core model proposal. In: 2014 IEEE 23rd International WETICE Conference. pp. 453–458. IEEE (2014)Guarino, N.: Formal ontology in information systems. In: Proceedings of the 1st International Conference. pp. 6–8. IOS Press, Trento, Italy (1998)Guarino, N.: The ontological level. Philosophy and the Cognitive Sciences (1994)Guizzardi, G.: The role of foundational ontology for conceptual modeling and domain ontology representation, keynote paper. In: 7th International Baltic Conference on Databases and Information Systems (DB&IS), Vilnius, IEEE Press (2006)Guizzardi, G.: Ontological Foundations for Structural Conceptual Models. CTIT, Centre for Telematics and Information Technology (2005)Guizzardi, G.: On ontology, ontologies, conceptualizations, modeling languages, and (meta) models. Front. Artif. Intell. Appl. 155, 18 (2007)Guizzardi, G., Ferreira Pires, L., van Sinderen, M.: An ontology-based approach for evaluating the domain appropriateness and comprehensibility appropriateness of modeling languages. In: Briand, L., Williams, C. (eds.) MODELS 2005. LNCS, vol. 3713, pp. 691–705. Springer, Heidelberg (2005). https://doi.org/10.1007/11557432_51Hadar, E., Hassanzadeh, A.: Big data analytics on cyber attack graphs for prioritizing agile security requirements. In: 2019 IEEE 27th International Requirements Engineering Conference (RE). pp. 330–339. IEEE (2019)Herre, H.: General formal ontology (gfo): a foundational ontology for conceptual modelling. In: Poli, R., Healy, M., Kameas, A. (eds) Theory and Applications of Ontology: Computer Applications. Springer, Dordrecht (2010) https://doi.org/10.1007/978-90-481-8847-5_14Horrocks, I., et al.: Daml+oil: a description logic for the semantic web. IEEE Data Eng. Bull. 25(1), 4–9 (2002)Iannacone, M., et al.: Developing an ontology for cyber security knowledge graphs. In: 10th Annual Cyber and Information Security Research Conference (2015)Jia, Y., Qi, Y., Shang, H., Jiang, R., Li, A.: A practical approach to constructing a knowledge graph for cybersecurity. Engineering 4(1), 53–60 (2018)Kang, D., Lee, J., Choi, S., Kim, K.: An ontology-based enterprise architecture. Expert Syst. Appl. 37(2), 1456–1464 (2010)Keil, J.M., Schindler, S.: Comparison and evaluation of ontologies for units of measurement. Semantic Web 10(1), 33–51 (2019)Mascardi, V., Cordì, V., Rosso, P.: A comparison of upper ontologies. In: Woa. vol. 2007, pp. 55–64 (2007)Mozzaquatro, B.A., Agostinho, C., Goncalves, D., Martins, J., Jardim-Goncalves, R.: An ontology-based cybersecurity framework for the internet of things. Sensors 18(9), 3053 (2018)Mundie, D.A., Ruefle, R., Dorofee, A.J., Perl, S.J., McCloud, J., Collins, M.: An incident management ontology. In: STIDS. pp. 62–71 (2014)Narayanan, S., Ganesan, A., Joshi, K., Oates, T., Joshi, A., Finin, T.: Cognitive techniques for early detection of cybersecurity events. arXiv preprint arXiv:1808.00116 (2018)Obrst, L., Chase, P., Markeloff, R.: Developing an ontology of the cyber security domain. In: STIDS. pp. 49–56 (2012)Oltramari, A., Cranor, L.F., Walls, R.J., McDaniel, P.: Computational ontology of network operations. In: MILCOM 2015–2015 IEEE Military Communications Conference. pp. 318–323. IEEE (2015)Oltramari, A., Cranor, L.F., Walls, R.J., McDaniel, P.D.: Building an ontology of cyber security. In: STIDS. pp. 54–61. Citeseer (2014)Oltramari, A., Henshel, D.S., Cains, M., Hoffman, B.: Towards a human factors ontology for cyber security. In: STIDS. pp. 26–33 (2015)Oltramari, A., Vetere, G., Lenzerini, M., Gangemi, A., Guarino, N.: Senso comune. In: LREC (2010)Onwubiko, C.: Cocoa: An ontology for cybersecurity operations centre analysis process. In: 2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA). pp. 1–8 (2018)Ou, X., Govindavajhala, S., Appel, A.W.: Mulval: A logic-based network security analyzer. In: USENIX security symposium. vol. 8, pp. 113–128. Baltimore (2005)Parmelee, M.C.: Toward an ontology architecture for cyber-security standards. STIDS 713, 116–123 (2010)Pipa, A.M.C.: OWL ontology quality assessment and optimization in the cybersecurity domain. Ph.D. thesis, Instituto Universitário de Lisboa (2018)Rose, S., Engel, D., Cramer, N., Cowley, W.: Automatic keyword extraction from individual documents. In: Berry, M.W., Kogan, J. (eds.) Text Mining. Applications and Theory, pp. 1–20. John Wiley and Sons, Ltd (2010)Rutkowski, A., et al.: Cybex: The cybersecurity information exchange framework (x.1500). SIGCOMM Comput. Commun. Rev. 40(5), 59–64 (2010)Sikos, L.F.: OWL ontologies in cybersecurity: conceptual modeling of cyber-knowledge. In: Sikos, L.F. (ed.) AI in Cybersecurity. ISRL, vol. 151, pp. 1–17. Springer, Cham (2019). https://doi.org/10.1007/978-3-319-98842-9_1Singhal, A., Ou, X.: Security risk analysis of enterprise networks using probabilistic attack graphs. Network Security Metrics, pp. 53–73. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66505-4_3Syed, R., Zhong, H.: Cybersecurity vulnerability management: An ontology-based conceptual model (2018)Syed, Z., Padia, A., Finin, T., Mathews, L., Joshi, A.: UCO: A unified cybersecurity ontology. In: Workshops at the Thirtieth AAAI Conference on Artificial Intelligence (2016)Takahashi, T., Kadobayashi, Y.: Reference ontology for cybersecurity operational information. Comput. J. 58(10), 2297–2312 (2015)Takahashi, T., Fujiwara, H., Kadobayashi, Y.: Building ontology of cybersecurity operational information. In: Proceedings of the Sixth Annual Workshop on Cyber Security and Information intelligence Research. pp. 1–4 (2010)Takahashi, T., Kadobayashi, Y.: Cybersecurity information exchange techniques: Cybersecurity information ontology and cybex. J. National Instit. Inf. Commun. Technol. 58(3/4), 127–135 (2011)Takahashi, T., Kadobayashi, Y., Fujiwara, H.: Ontological approach toward cybersecurity in cloud computing. In: Proceedings of the 3rd International Conference on Security of Information and Networks. pp. 100–109 (2010)Undercofer, J., Joshi, A., Finin, T., Pinkston, J., et al.: A target-centric ontology for intrusion detection. In: Workshop on Ontologies in Distributed Systems, held at The 18th International Joint Conference on Artificial Intelligence (2003)Wand, Y., Weber, R.: On the deep structure of information systems. Inf. Syst. J. 5(3), 203–223 (1995)Wang, J.Z., Ali, F.: An efficient ontology comparison tool for semantic web applications. In: The 2005 IEEE/WIC/ACM International Conference on Web Intelligence (WI 2005). pp. 372–378. IEEE (2005)Wang, J.A., Guo, M.: Ovm: an ontology for vulnerability management. In: 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies. pp. 1–4 (2009)Wieringa, R.: Design Science Methodology for Information Systems and Software Engineering. Springer, Berlin (2014)Zuanelli, E.: The cybersecurity ontology platform: the poc solution. e-AGE2017 p. 1 (2017