A decision support system for corporations cyber security risk management

This thesis presents a decision aiding system named C3-SEC (Contex-aware Corporative Cyber Security), developed in the context of a master program at Polytechnic Institute of Leiria, Portugal. The research dimension and the corresponding software development process that followed are presented and validated with an application scenario and case study performed at Universidad de las Fuerzas Armadas ESPE – Ecuador. C3-SEC is a decision aiding software intended to support cyber risks and cyber threats analysis of a corporative information and communications technological infrastructure. The resulting software product will help corporations Chief Information Security Officers (CISO) on cyber security risk analysis, decision-making and prevention measures for the infrastructure and information assets protection. The work is initially focused on the evaluation of the most popular and relevant tools available for risk assessment and decision making in the cyber security domain. Their properties, metrics and strategies are studied and their support for cyber security risk analysis, decision-making and prevention is assessed for the protection of organization's information assets. A contribution for cyber security experts decision support is then proposed by the means of reuse and integration of existing tools and C3-SEC software. C3-SEC extends existing tools features from the data collection and data analysis (perception) level to a full context-ware reference model. The software developed makes use of semantic level, ontology-based knowledge representation and inference supported by widely adopted standards, as well as cyber security standards (CVE, CPE, CVSS, etc.) and cyber security information data sources made available by international authorities, to share and exchange information in this domain. C3-SEC development follows a context-aware systems reference model addressing the perception, comprehension, projection and decision/action layers to create corporative scale cyber security situation awareness

Automatic knowledge exchange between ontologies and semantic graphs

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.This paper presents an innovative knowledge management approach for the validation and transfer of knowledge between semantic networks or ontologies and a target ontology represented in OWL format. This process has been designed for addressing the quality improvement of ontologies automatically created by learning techniques. The knowledge transfer process is a semi-automatic computer aided method to assist the domain expert to improve the target ontology. To validate our proposal, we have used an automatically generated target ontology. We used knowledge transfer from the well-known Babelnet semantic graph and a manually generated ontology to improve the quality of the target ontology. Finally, to show the suitability of our proposal in the ontology fixing process, we compare the improved target ontology resulting from the application of the proposed validation and knowledge transfer techniques with its original version. We developed an example of our proposal in our OntologyFixer tool which is available on a GitHub repository (https://github.com/gabyluna/OntologyFixer/tree/ontofixer_v2)