ResearchSpace

Description of a network attack ontology presented formally


dc.contributor.author Van Heerden, Renier P
dc.contributor.author Leenen, L
dc.contributor.author Irwin, B
dc.contributor.editor Misra, S
dc.contributor.editor Tyagi, AK
dc.date.accessioned 2022-01-10T09:26:49Z
dc.date.available 2022-01-10T09:26:49Z
dc.date.issued 2021-06
dc.identifier.citation Van Heerden, R.P., Leenen, L. & Irwin, B. 2021. Description of a network attack ontology presented formally. In Artificial Intelligence for Cyber Security: Methods, Issues and Possible Horizons or Opportunities. S. Misra & A. Tyagi, Eds. S.l.: Springer. http://hdl.handle.net/10204/12210 . en_ZA
dc.identifier.isbn 978-3-030-72235-7
dc.identifier.isbn 978-3-030-72236-4
dc.identifier.uri https://doi.org/10.1007/978-3-030-72236-4_14
dc.identifier.uri http://hdl.handle.net/10204/12210
dc.description.abstract The identification of network attacks in real-time is becoming increasingly important. Most Artificial Intelligence (AI) applications use machine learning to do the classification of attack types but the advantage of an ontological approach is that automated reasoning is the underpinning theory rather than automated learning. Automated reasoners allow automated classification and this powerful feature is the basis for the development of an early warning system for active network attacks. In this paper, the authors describe how to employ Semantic Technologies by building an ontology to identify network attack types in order to support the automated classification of current network attacks by recognising relevant properties which are then mapped to relevant attack scenarios depicted in the ontology. The ontology engineering guidelines provided by Noy and McGuinness (2001) were used to build the ontology. The classes and relationships of the ontology are described formally and implemented in Protégé, an ontology editor. A core class in the ontology is the Attack Scenario class that represents different types of network attacks, for example, a Denial of Service attack. The ontology is evaluated by showing two examples of real attacks that are correctly classified by the presented ontology. The presented ontology is to be expanded in future work. The aim of this paper is not to present a complete network attack ontology, but rather to present a proof of the concept of how to formally describe such an ontology, with the view to providing a baseline for future development of details. Row examples are explored to demonstrate how specific instances of attacks are classified using the ontology. en_US
dc.format Fulltext en_US
dc.language.iso en en_US
dc.publisher Springer en_US
dc.relation.uri https://link.springer.com/chapter/10.1007%2F978-3-030-72236-4_14 en_US
dc.source Artificial Intelligence for Cyber Security: Methods, Issues and Possible Horizons or Opportunities en_US
dc.subject Distributed Denial-of-Service en_US
dc.subject DDoS en_US
dc.subject Network attack ontology en_US
dc.subject SCO attack en_US
dc.subject Taxonomy en_US
dc.title Description of a network attack ontology presented formally en_US
dc.type Book Chapter en_US
dc.description.pages 343-368 en_US
dc.description.placeofpublication Cham, Switzerland en_US
dc.description.note © The Author(s), under exclusive license to Springer Nature Switzerland AG 2021 This is the preprint version of the work. en_US
dc.description.cluster National Integrated Cyber InfraStructure en_US
dc.description.impactarea SANReN en_US
dc.identifier.apacitation Van Heerden, R. P., Leenen, L., & Irwin, B. (2021). Description of a network attack ontology presented formally. In S. Misra & A. Tyagi. (Eds.), Artificial Intelligence for Cyber Security: Methods, Issues and Possible Horizons or Opportunities. Springer. http://hdl.handle.net/10204/12210 en_ZA
dc.identifier.chicagocitation Van Heerden, Renier P, L Leenen, and B Irwin. "Description of a network attack ontology presented formally" In ARTIFICIAL INTELLIGENCE FOR CYBER SECURITY: METHODS, ISSUES AND POSSIBLE HORIZONS OR OPPORTUNITIES, edited by S Misra. n.p.: Springer. 2021. http://hdl.handle.net/10204/12210. en_ZA
dc.identifier.vancouvercitation Van Heerden RP, Leenen L, Irwin B. Description of a network attack ontology presented formally. In Misra S, Tyagi A, editors. Artificial Intelligence for Cyber Security: Methods, Issues and Possible Horizons or Opportunities. [place unknown]: Springer; 2021. [cited yyyy month dd]. http://hdl.handle.net/10204/12210. en_ZA
dc.identifier.ris TY - Book Chapter AU - Van Heerden, Renier P AU - Leenen, L AU - Irwin, B DA - 2021-06 DB - ResearchSpace DP - CSIR ED - Misra, S ED - Tyagi, AK J1 - Artificial Intelligence for Cyber Security: Methods, Issues and Possible Horizons or Opportunities KW - Distributed Denial-of-Service KW - DDoS KW - Network attack ontology KW - SCO attack KW - Taxonomy LK - https://researchspace.csir.co.za PY - 2021 SM - 978-3-030-72235-7 SM - 978-3-030-72236-4 T1 - Description of a network attack ontology presented formally TI - Description of a network attack ontology presented formally UR - http://hdl.handle.net/10204/12210 ER - en_ZA
dc.identifier.worklist 25246 en_US

