Ontology-Driven Security Requirements Recommendation for APT Attack

Title: Ontology-Driven Security Requirements Recommendation for APT Attack
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Kim, MinJu, Dey, Sangeeta, Lee, Seok-Won
Conference Name: 2019 IEEE 27th International Requirements Engineering Conference Workshops (REW)
Date Published: Sep
Keywords: advanced persistent threat, Advanced Persistent Threat (APT), APT attack, APT ontology, cyber threats, domain-specific knowledge ontology, general security knowledge ontology, human factors, knowledge base, ontologies (artificial intelligence), Ontology, ontology knowledge base, ontology-driven security requirements recommendation, pubcrawl, recommender systems, Resiliency, Scalability, security of data, security requirement, system domain knowledge
Abstract: An Advanced Persistent Threat (APT) is a cyber threat in which attackers continuously attack specific targets to exfiltrate information or destroy the system [1]. Because the attackers choose their tools and methods according to the target, an APT attack cannot be described by a single pattern, and APT attacks are therefore difficult to defend against with general countermeasures. Moreover, today's systems consist of many components and involve many stakeholders, which makes it difficult to consider all of the security concerns. In this paper, we propose an ontology knowledge base and its design process for recommending security requirements based on APT attack cases and system domain knowledge. The proposed knowledge base is divided into three parts: an APT ontology, a general security knowledge ontology, and a domain-specific knowledge ontology. Each ontology helps to understand the security concerns within its own body of knowledge. By integrating the three ontologies into a problem domain ontology, the appropriate security requirements can be derived through the security requirements recommendation process. The proposed knowledge base and process help to derive security requirements that take both real attacks and the system itself into account.
DOI: 10.1109/REW.2019.00032
Citation Key: kim_ontology-driven_2019
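As an added illustration of the recommendation process the abstract describes, and not the authors' knowledge base or code, the following Python models the three ontologies as small in-memory graphs (plain dictionaries), joins them into a problem-domain view by matching the asset types a technique targets against the components of the system, and instantiates security-requirement templates with traceability back to the technique and the attack case. Every case name, technique, component, owner and requirement template is constructed for the example; the real paper builds its ontologies from APT attack reports and domain models, and its requirement-derivation rules are its own.

```python
"""Toy ontology-driven security-requirements recommender.

Hypothetical illustration written for this record; it is not the authors'
knowledge base. Three small "ontologies" are modelled as plain dictionaries
(concept -> relations) and joined into a problem-domain view from which
requirements are derived. All names and relations below are constructed.
"""
from dataclasses import dataclass

# --- APT ontology (constructed): attack cases, the techniques they use and the
# asset types each technique targets. Real cases would be mined from reports.
APT_ONTOLOGY = {
    "cases": {
        "case-alpha": ["spear_phishing", "credential_dumping", "c2_exfiltration"],
        "case-beta": ["web_shell_upload", "c2_exfiltration"],
    },
    "technique_targets": {
        "spear_phishing": {"mail_gateway", "workstation"},
        "credential_dumping": {"workstation", "directory_service"},
        "web_shell_upload": {"web_application"},
        "c2_exfiltration": {"network_egress"},
    },
}

# --- General security knowledge ontology (constructed): technique -> the
# security-requirement templates that counter it. "{c}" is filled with the
# component name when a requirement is instantiated for a concrete system.
SECURITY_KNOWLEDGE = {
    "spear_phishing": [
        "{c} shall quarantine executable and macro-enabled attachments",
        "Users of {c} shall complete phishing-awareness training",
    ],
    "credential_dumping": [
        "{c} shall isolate credential material from user-mode processes",
        "Administrative access to {c} shall require multi-factor authentication",
    ],
    "web_shell_upload": [
        "{c} shall validate and restrict file uploads to non-executable types",
    ],
    "c2_exfiltration": [
        "{c} shall allow outbound traffic only to an allow-list of destinations",
    ],
}

# --- Domain-specific ontology (constructed): the system under analysis, its
# components, their asset types and the stakeholder responsible for each.
DOMAIN = {
    "mail-gw-01": {"type": "mail_gateway", "owner": "IT operations"},
    "hr-portal": {"type": "web_application", "owner": "HR systems team"},
    "dc-01": {"type": "directory_service", "owner": "IT operations"},
    "edge-fw": {"type": "network_egress", "owner": "network team"},
}


@dataclass(frozen=True, order=True)
class Recommendation:
    component: str
    owner: str
    technique: str
    cases: tuple          # APT cases in which the technique was observed
    requirement: str


def integrate(apt, knowledge, domain):
    """Join the three ontologies into a problem-domain view.

    Returns {component: {technique: set_of_cases}} for every technique whose
    target asset type matches a component in the domain and for which the
    general security knowledge holds at least one requirement template.
    """
    view = {}
    for case, techniques in apt["cases"].items():
        for tech in techniques:
            if tech not in knowledge:
                continue  # known attack step, but no countermeasure knowledge yet
            targets = apt["technique_targets"].get(tech, set())
            for comp, attrs in domain.items():
                if attrs["type"] in targets:
                    view.setdefault(comp, {}).setdefault(tech, set()).add(case)
    return view


def recommend(apt=APT_ONTOLOGY, knowledge=SECURITY_KNOWLEDGE, domain=DOMAIN):
    """Derive instantiated security requirements with traceability."""
    recs = set()
    for comp, techs in integrate(apt, knowledge, domain).items():
        for tech, cases in techs.items():
            for template in knowledge[tech]:
                recs.add(Recommendation(
                    component=comp,
                    owner=domain[comp]["owner"],
                    technique=tech,
                    cases=tuple(sorted(cases)),
                    requirement=template.format(c=comp),
                ))
    return sorted(recs)


def uncovered_techniques(apt=APT_ONTOLOGY, knowledge=SECURITY_KNOWLEDGE):
    """Techniques seen in attack cases that the knowledge base cannot counter."""
    used = {t for ts in apt["cases"].values() for t in ts}
    return sorted(used - set(knowledge))


if __name__ == "__main__":
    for r in recommend():
        print(f"[{r.owner}] {r.requirement}  (vs {r.technique}; seen in {', '.join(r.cases)})")
    print("uncovered techniques:", uncovered_techniques())
```

Two points worth noting when scaling this up: the join is on asset type, so a technique that targets an asset type absent from the domain (here, workstations) produces no requirement, which is the intended filtering by system domain knowledge; and `uncovered_techniques` surfaces attack steps for which the general security knowledge has no countermeasure, so a gap in the knowledge base shows up as a reported item rather than a silently missing requirement.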