An Ontology of Cyberspace as a Basis for Decision-making in Cyberoperations

International Conference on Cyber Warfare and Security Pub Date : 2024-03-21 DOI:10.34190/iccws.19.1.2023

Alexander Grandin

{"title":"An Ontology of Cyberspace as a Basis for Decision-making in Cyberoperations","authors":"Alexander Grandin","doi":"10.34190/iccws.19.1.2023","DOIUrl":null,"url":null,"abstract":"In the cyberoperations community there is a commonly accepted starting point for describing cyberspace as comprising of multiple planes through which information flows. However, the model is not a tool that facilitates planning and executing cyberoperations. Tools do exist in the form of technical cybersecurity ontologies. At the moment the link between technical ontologies, that are the tools of experts, and the operational planning process is limited. These technical ontologies provide automated information that would support operational planning. At the moment cybersecurity experts translate the information that military professionals need, which may cause insufficiencies or distortions in communication or cause inconsistencies in the planning process. This paper presents the ongoing work of developing a model of cyberspace in the form of a core ontology. The ontology describes the flow of digital information between persons and the enabling technology as well as geographical data. It is intended as a tool that supports operational planning and decision-making in and through cyberspace, by enabling automation and reasoning. The model is created using the well-established Constructive Research Approach (CRA) methodology, and is developed on earlier research. CRA consists of six phases in which (1) the problem is defined, (2) an understanding of the topic is generated, (3) a solution (model) is constructed which then is (4) demonstrated. Then the models (5) theoretical connections are presented and the (6) scope of applicability is assessed. The challenges of developing an ontology of cyberspace as part of the third phase of the methodology are in focus. The ontology serves as an operational core ontology, aiming to link cybersecurity domain ontologies to the DOLCE+DnS Ultralite (DUL) foundational ontology. The ontology is based on research in Cyberspace Geography and Cyber Terrain. No earlier attempts at creating a core ontology of cyberspace grounded in a foundational ontology, based on these concepts, were found. Overall, the use of reference ontologies in cyberspace research is scarce and few are grounded in a foundational ontology. The starting point for the ontology is a model of cyberspace comprising of six layers, which are the 1) geographic layer, 2) physical network layer, 3) logical network layer, 4) socio-organizational layer, 5) virtual persona layer and finally the 6) persona layer. The model was complemented with levels describing action and information and partially excluded the outer levels 1 and 6, which were directly linked to the DUL foundational ontology.","PeriodicalId":429427,"journal":{"name":"International Conference on Cyber Warfare and Security","volume":"127 3","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-03-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Cyber Warfare and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.34190/iccws.19.1.2023","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In the cyberoperations community there is a commonly accepted starting point for describing cyberspace as comprising of multiple planes through which information flows. However, the model is not a tool that facilitates planning and executing cyberoperations. Tools do exist in the form of technical cybersecurity ontologies. At the moment the link between technical ontologies, that are the tools of experts, and the operational planning process is limited. These technical ontologies provide automated information that would support operational planning. At the moment cybersecurity experts translate the information that military professionals need, which may cause insufficiencies or distortions in communication or cause inconsistencies in the planning process. This paper presents the ongoing work of developing a model of cyberspace in the form of a core ontology. The ontology describes the flow of digital information between persons and the enabling technology as well as geographical data. It is intended as a tool that supports operational planning and decision-making in and through cyberspace, by enabling automation and reasoning. The model is created using the well-established Constructive Research Approach (CRA) methodology, and is developed on earlier research. CRA consists of six phases in which (1) the problem is defined, (2) an understanding of the topic is generated, (3) a solution (model) is constructed which then is (4) demonstrated. Then the models (5) theoretical connections are presented and the (6) scope of applicability is assessed. The challenges of developing an ontology of cyberspace as part of the third phase of the methodology are in focus. The ontology serves as an operational core ontology, aiming to link cybersecurity domain ontologies to the DOLCE+DnS Ultralite (DUL) foundational ontology. The ontology is based on research in Cyberspace Geography and Cyber Terrain. No earlier attempts at creating a core ontology of cyberspace grounded in a foundational ontology, based on these concepts, were found. Overall, the use of reference ontologies in cyberspace research is scarce and few are grounded in a foundational ontology. The starting point for the ontology is a model of cyberspace comprising of six layers, which are the 1) geographic layer, 2) physical network layer, 3) logical network layer, 4) socio-organizational layer, 5) virtual persona layer and finally the 6) persona layer. The model was complemented with levels describing action and information and partially excluded the outer levels 1 and 6, which were directly linked to the DUL foundational ontology.

查看原文本刊更多论文

作为网络行动决策依据的网络空间本体论

在网络行动界，人们普遍接受的出发点是将网络空间描述为由多个平面组成，信息在其中流动。然而，该模型并不是促进规划和执行网络行动的工具。以技术网络安全本体论形式存在的工具确实存在。目前，作为专家工具的技术本体与行动规划流程之间的联系十分有限。这些技术本体可提供支持行动规划的自动化信息。目前，网络安全专家负责翻译军事专业人员所需的信息，这可能会导致交流不充分或失真，或造成规划过程中的不一致。本文介绍了正在进行的以核心本体论形式开发网络空间模型的工作。本体论描述了人与人之间的数字信息流、使能技术以及地理数据。其目的是作为一种工具，通过实现自动化和推理，支持网络空间内和网络空间中的业务规划和决策。该模型是利用成熟的建设性研究方法（CRA）创建的，是在早期研究的基础上发展起来的。CRA 包括六个阶段：(1) 界定问题；(2) 生成对主题的理解；(3) 构建解决方案（模型），然后进行 (4) 演示。然后展示模型 (5) 的理论联系，并评估 (6) 的适用范围。作为方法论第三阶段的一部分，开发网络空间本体论所面临的挑战是重点。本体论是一个可操作的核心本体论，旨在将网络安全领域本体论与 DOLCE+DnS Ultralite（DUL）基础本体论联系起来。本体基于网络空间地理学和网络地形学的研究。目前还没有发现基于这些概念在基础本体中创建网络空间核心本体的早期尝试。总体而言，在网络空间研究中使用参考本体论的情况很少，而且很少以基础本体论为基础。本体论的出发点是一个由六层组成的网络空间模型，这六层是：1）地理层；2）物理网络层；3）逻辑网络层；4）社会组织层；5）虚拟人物层；最后是 6）人物层。该模型补充了描述行动和信息的层次，部分排除了与 DUL 基础本体论直接相关的外层 1 和 6。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Conference on Cyber Warfare and Security

自引率

0.00%

发文量