Mechanism for Linking and Discovering Structured Cybersecurity Information over Networks

Abstract

To cope with the increasing amount of cyber threats, cyber security information must be shared beyond organization borders. Assorted organizations have already started to provide publicly-available repositories that store XML-based cyber security information on the Internet, but users are unaware of all of them. Cyber security information must be identified and located across such repositories by the parties who need that, and then should be transported to them to advance information sharing. This paper proposes a discovery mechanism, which identifies and locates various types of cyber security information and exchanges the information over networks. The mechanism generates RDF-based metadata to manage the list of cyber security information, and the metadata structure is based on an ontology of cyber security information, which absorbs the differences of the assorted schemata of the information and incorporates them. The mechanism is also capable of propagating any information updates such that entities with obsolete information do not suffer from emerging security threats. This paper also introduces a prototype of the mechanism to demonstrate its feasibility. It then analyzes the mechanism's extensibility, scalability, and information credibility. Through this work, we wish to expedite information sharing beyond organization borders and contribute to global cyber security.