Proactive Ontology-based Cyber Threat Intelligence Analytic
Authors: Yazid Merah, Tayeb Kenaza
Published in: 2021 International Conference on Recent Advances in Mathematics and Informatics (ICRAMI), 2021-09-21
DOI: https://doi.org/10.1109/ICRAMI52622.2021.9585984
Citations: 3
Abstract
Exploiting Cyber Threat Intelligence (CTI) as a valuable, up-to-date, and structured source of information on threats and vulnerabilities can strongly support effective cybersecurity solutions. CTI is shared across dedicated online platforms in a machine-readable format such as Structured Threat Information eXpression (STIX). Meanwhile, ontology-based semantic knowledge modeling has become a promising approach that provides a machine-readable language for downstream work addressing cybersecurity issues. Hence, by incorporating STIX concepts, we propose in this paper an ontology-based CTI analysis that provides valuable threat information according to the security alerts reported by an analyzer. To test our ontology, we developed a set of reasoning rules to infer new knowledge on cyber threats. The experimental results show that such knowledge can be inferred by applying our approach, supporting ongoing and effective monitoring of cyber threats.
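The abstract describes the general mechanism (STIX objects loaded into a knowledge model, a reported alert matched against indicators, reasoning rules that derive new facts) without showing it. The following is an added illustration, not the paper's ontology, rule set or code: it loads a constructed STIX 2.1-style bundle into a triple graph, matches a constructed alert against the simplest form of STIX indicator pattern, and forward-chains three property-chain rules to a fixpoint, deriving which malware, intrusion set and attack pattern the alert should be associated with. All identifiers, names, the alert format and the rules are hypothetical.

```python
"""Rule-based inference over STIX 2.1 objects for a reported security alert.

Added illustration only: the bundle, the alert and the rules are constructed
for this example and are not the paper's ontology or reasoning rules.
"""
import re
from collections import defaultdict

# Constructed STIX 2.1-style bundle; identifiers and names are hypothetical.
BUNDLE = {
    "type": "bundle",
    "id": "bundle--00000000-0000-4000-8000-000000000001",
    "objects": [
        {"type": "indicator", "id": "indicator--c2-addr", "name": "C2 address",
         "pattern_type": "stix", "pattern": "[ipv4-addr:value = '203.0.113.7']"},
        {"type": "malware", "id": "malware--sample-rat", "name": "SampleRAT", "is_family": True},
        {"type": "intrusion-set", "id": "intrusion-set--group-x", "name": "Group X"},
        {"type": "attack-pattern", "id": "attack-pattern--app-layer-c2",
         "name": "Application Layer Protocol"},
        {"type": "relationship", "id": "relationship--r1", "relationship_type": "indicates",
         "source_ref": "indicator--c2-addr", "target_ref": "malware--sample-rat"},
        {"type": "relationship", "id": "relationship--r2", "relationship_type": "uses",
         "source_ref": "intrusion-set--group-x", "target_ref": "malware--sample-rat"},
        {"type": "relationship", "id": "relationship--r3", "relationship_type": "uses",
         "source_ref": "intrusion-set--group-x", "target_ref": "attack-pattern--app-layer-c2"},
    ],
}

# Hypothetical property-chain rules: (p, q, r, T) means
#   x p y  AND  y q z  AND  z is of type T   IMPLIES   x r z.
# "inv:<p>" edges are stored for every relationship so a rule can walk backwards.
RULES = [
    ("matches", "indicates", "affected-by", "malware"),            # alert -> indicator -> malware
    ("affected-by", "inv:uses", "attributed-to", "intrusion-set"), # alert -> malware <- intrusion-set
    ("attributed-to", "uses", "expected-technique", "attack-pattern"),
]

# Only the simplest STIX pattern form is parsed: [<object>:<property> = '<value>']
_SIMPLE_PATTERN = re.compile(r"^\[(?P<obj>[\w-]+):(?P<prop>[\w.-]+)\s*=\s*'(?P<val>[^']*)'\]$")


def load_bundle(bundle):
    """Return (triples, names): triples is a set of (s, p, o); names maps id -> display name."""
    triples, names = set(), {}
    for obj in bundle["objects"]:
        if obj["type"] == "relationship":
            s, p, o = obj["source_ref"], obj["relationship_type"], obj["target_ref"]
            triples.add((s, p, o))
            triples.add((o, "inv:" + p, s))
        else:
            names[obj["id"]] = obj.get("name", obj["id"])
            triples.add((obj["id"], "type", obj["type"]))
    return triples, names


def match_alert(bundle, alert):
    """Yield (alert, 'matches', indicator) for every indicator whose pattern the alert satisfies.

    The alert is a constructed flat dict keyed by STIX object path, e.g.
    {"id": "alert-1", "ipv4-addr:value": "203.0.113.7"}.
    """
    for obj in bundle["objects"]:
        if obj["type"] != "indicator" or obj.get("pattern_type") != "stix":
            continue
        m = _SIMPLE_PATTERN.match(obj["pattern"])
        if m and alert.get(f"{m['obj']}:{m['prop']}") == m["val"]:
            yield (alert["id"], "matches", obj["id"])


def infer(triples, rules):
    """Forward-chain the rules until no new triple appears; return only the derived triples."""
    derived = set()
    while True:
        known = triples | derived
        by_subject = defaultdict(list)
        for s, p, o in known:
            by_subject[s].append((p, o))
        new = set()
        for s, p, o in known:
            for p1, p2, r, z_type in rules:
                if p != p1:
                    continue
                for q, z in by_subject[o]:
                    if q == p2 and (z, "type", z_type) in triples and (s, r, z) not in known:
                        new.add((s, r, z))
        if not new:
            return derived
        derived |= new


def analyse(bundle, alert):
    """Return the inferred threat context of one alert, keyed by derived relationship."""
    triples, names = load_bundle(bundle)
    triples |= set(match_alert(bundle, alert))
    result = defaultdict(list)
    for s, p, o in sorted(infer(triples, RULES)):
        if s == alert["id"]:
            result[p].append(names.get(o, o))
    return dict(result)


if __name__ == "__main__":
    # Constructed alert in the shape an analyser might report: one observed destination address.
    print(analyse(BUNDLE, {"id": "alert-1", "ipv4-addr:value": "203.0.113.7"}))
```

The rule engine deliberately works on plain (subject, predicate, object) triples rather than a full OWL reasoner, so the same three rules could be expressed as SWRL or OWL property chains over a STIX-derived ontology; the type constraint on the conclusion is what keeps "intrusion-set uses malware" from being reported as a technique. An alert that matches no indicator derives nothing, which is the correct negative case for a monitoring loop.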