Ontological Hybrid Storage for Security Data

Chapter in: Intelligent Distributed Computing XI (IDC 2017)

Part of the book series: Studies in Computational Intelligence (SCI, volume 737)

Abstract

The paper investigates different security data sources and analyzes the possibility of combining them in a uniform data storage on the basis of the ontological approach. An ontological model of the uniform hybrid storage is suggested. A common technique for security data inference based on this approach is developed. The results of experiments in which the suggested ontology is used to construct the security data storage are discussed.

Acknowledgements

This work was performed under RSF grant #15-11-30029 at SPIIRAS.

Author information

Corresponding author: Igor Kotenko.

Copyright information

© 2018 Springer International Publishing AG

About this chapter

Cite this chapter

Kotenko, I., Chechulin, A., Doynikova, E., Fedorchenko, A. (2018). Ontological Hybrid Storage for Security Data. In: Ivanović, M., Bădică, C., Dix, J., Jovanović, Z., Malgeri, M., Savić, M. (eds) Intelligent Distributed Computing XI. IDC 2017. Studies in Computational Intelligence, vol 737. Springer, Cham. https://doi.org/10.1007/978-3-319-66379-1_15

  • DOI: https://doi.org/10.1007/978-3-319-66379-1_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-66378-4

  • Online ISBN: 978-3-319-66379-1

  • eBook Packages: Engineering (R0)
