Visible to the public Research on Vulnerability Ontology Model

TitleResearch on Vulnerability Ontology Model
Publication TypeConference Paper
Year of Publication2019
AuthorsZhu, L., Zhang, Z., Xia, G., Jiang, C.
Conference Name2019 IEEE 8th Joint International Information Technology and Artificial Intelligence Conference (ITAIC)
Keywordscapec, Communication networks, compositionality, CVE, CWE, Databases, Economics, finance, industry public standards, inference mechanisms, Inference Rules, Information Reuse and Security, information security public databases, knowledge inference, Ontologies, ontologies (artificial intelligence), Ontology, pubcrawl, public information systems, Resiliency, security, security of data, security vulnerability ontology model, Standards, Vulnerability, vulnerability class, weakness class
AbstractIn order to standardize and describe vulnerability information in detail as far as possible and realize knowledge sharing, reuse and extension at the semantic level, a vulnerability ontology is constructed based on the information security public databases such as CVE, CWE and CAPEC and industry public standards like CVSS. By analyzing the relationship between vulnerability class and weakness class, inference rules are defined to realize knowledge inference from vulnerability instance to its consequence and from one vulnerability instance to another vulnerability instance. The experimental results show that this model can analyze the causal and congeneric relationships between vulnerability instances, which is helpful to repair vulnerabilities and predict attacks.
DOI10.1109/ITAIC.2019.8785783
Citation Keyzhu_research_2019