Building an Ontology for Cyber Defence Exercises

Abstract

Over the course of recent years, the volume of cyber attacks has increased. The Cyber Defence Exercises (CDX) help organisations evaluate their security capacity by engaging in real-life cyber attack scenarios and improving the skills of the cybersecurity specialists and security measures to protect their critical systems from any potential cyber attacks. During such exercises, cybersecurity data is generated in structured and unstructured forms ranging from system-generated logs to situational reports. However, there is no united governance of all the generated data within the CDX context, which may lead to knowledge mismanagement. In this paper, we develop ontology-based structured knowledge management within the CDX environment to provide common understanding, integration, and sharing of data in this domain. The CDX ontology is developed with RDF and OWL languages assembling the data in an organised and machine-understandable format which will be very handy for computational linguistics. The validation of the ontology is conducted by ontology reasoning, competency questions, and, most importantly, expert evaluation. The CDX ontology passes the validation methods successfully and is thought to be a valuable asset for future research in its domain.