{"title":"针对APT攻击的本体驱动安全需求建议","authors":"Min-Ju Kim, Sangeeta Dey, Seok-Won Lee","doi":"10.1109/REW.2019.00032","DOIUrl":null,"url":null,"abstract":"Advanced Persistent Threat (APT) is one of the cyber threats that continuously attack specific targets exfiltrate information or destroy the system [1]. Because the attackers use various tools and methods according to the target, it is difficult to describe APT attack in a single pattern. Therefore, APT attacks are difficult to defend against with general countermeasures. In these days, systems consist of various components and related stakeholders, which makes it difficult to consider all the security concerns. In this paper, we propose an ontology knowledge base and its design process to recommend security requirements based on APT attack cases and system domain knowledge. The proposed knowledge base is divided into three parts; APT ontology, general security knowledge ontology, and domain-specific knowledge ontology. Each ontology can help to understand the security concerns in their knowledge. While integrating three ontologies into the problem domain ontology, the appropriate security requirements can be derived with the security requirements recommendation process. The proposed knowledge base and process can help to derive the security requirements while considering both real attacks and systems.","PeriodicalId":166923,"journal":{"name":"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)","volume":"103 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Ontology-Driven Security Requirements Recommendation for APT Attack\",\"authors\":\"Min-Ju Kim, Sangeeta Dey, Seok-Won Lee\",\"doi\":\"10.1109/REW.2019.00032\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Advanced Persistent Threat (APT) is one of the cyber threats that continuously attack specific targets exfiltrate information or destroy the system [1]. Because the attackers use various tools and methods according to the target, it is difficult to describe APT attack in a single pattern. Therefore, APT attacks are difficult to defend against with general countermeasures. In these days, systems consist of various components and related stakeholders, which makes it difficult to consider all the security concerns. In this paper, we propose an ontology knowledge base and its design process to recommend security requirements based on APT attack cases and system domain knowledge. The proposed knowledge base is divided into three parts; APT ontology, general security knowledge ontology, and domain-specific knowledge ontology. Each ontology can help to understand the security concerns in their knowledge. While integrating three ontologies into the problem domain ontology, the appropriate security requirements can be derived with the security requirements recommendation process. The proposed knowledge base and process can help to derive the security requirements while considering both real attacks and systems.\",\"PeriodicalId\":166923,\"journal\":{\"name\":\"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)\",\"volume\":\"103 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-09-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/REW.2019.00032\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/REW.2019.00032","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Ontology-Driven Security Requirements Recommendation for APT Attack
Advanced Persistent Threat (APT) is one of the cyber threats that continuously attack specific targets exfiltrate information or destroy the system [1]. Because the attackers use various tools and methods according to the target, it is difficult to describe APT attack in a single pattern. Therefore, APT attacks are difficult to defend against with general countermeasures. In these days, systems consist of various components and related stakeholders, which makes it difficult to consider all the security concerns. In this paper, we propose an ontology knowledge base and its design process to recommend security requirements based on APT attack cases and system domain knowledge. The proposed knowledge base is divided into three parts; APT ontology, general security knowledge ontology, and domain-specific knowledge ontology. Each ontology can help to understand the security concerns in their knowledge. While integrating three ontologies into the problem domain ontology, the appropriate security requirements can be derived with the security requirements recommendation process. The proposed knowledge base and process can help to derive the security requirements while considering both real attacks and systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
