{"title":"基于主动本体的网络威胁情报分析","authors":"Yazid Merah, Tayeb Kenaza","doi":"10.1109/ICRAMI52622.2021.9585984","DOIUrl":null,"url":null,"abstract":"Exploiting Cyber Threat Intelligence (CTI) as a valuable, updated, and structured source of information on threats and vulnerabilities can be a strong support for providing effective cybersecurity solutions. CTIs are shared across dedicated online platforms via a machine-readable format, such as Structured Threat Information eXpression (STIX). Meanwhile, ontology-based semantic knowledge modeling has become a promising solution that provides a machine-readable language for downstream work to address cybersecurity issues. Hence, by incorporating STIX concepts we propose in this paper an ontological-based CTI analysis that provides valuable threats information according to the security alerts reported by an analyzer. To test our ontology, we developed a set of reasoning rules to infer new knowledge on cyber threats. The experimental results show that such knowledge can be inferred by applying our approach for an ongoing and effective monitoring of cyber threats.","PeriodicalId":440750,"journal":{"name":"2021 International Conference on Recent Advances in Mathematics and Informatics (ICRAMI)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"Proactive Ontology-based Cyber Threat Intelligence Analytic\",\"authors\":\"Yazid Merah, Tayeb Kenaza\",\"doi\":\"10.1109/ICRAMI52622.2021.9585984\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Exploiting Cyber Threat Intelligence (CTI) as a valuable, updated, and structured source of information on threats and vulnerabilities can be a strong support for providing effective cybersecurity solutions. CTIs are shared across dedicated online platforms via a machine-readable format, such as Structured Threat Information eXpression (STIX). Meanwhile, ontology-based semantic knowledge modeling has become a promising solution that provides a machine-readable language for downstream work to address cybersecurity issues. Hence, by incorporating STIX concepts we propose in this paper an ontological-based CTI analysis that provides valuable threats information according to the security alerts reported by an analyzer. To test our ontology, we developed a set of reasoning rules to infer new knowledge on cyber threats. The experimental results show that such knowledge can be inferred by applying our approach for an ongoing and effective monitoring of cyber threats.\",\"PeriodicalId\":440750,\"journal\":{\"name\":\"2021 International Conference on Recent Advances in Mathematics and Informatics (ICRAMI)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-09-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 International Conference on Recent Advances in Mathematics and Informatics (ICRAMI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICRAMI52622.2021.9585984\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 International Conference on Recent Advances in Mathematics and Informatics (ICRAMI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICRAMI52622.2021.9585984","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Exploiting Cyber Threat Intelligence (CTI) as a valuable, updated, and structured source of information on threats and vulnerabilities can be a strong support for providing effective cybersecurity solutions. CTIs are shared across dedicated online platforms via a machine-readable format, such as Structured Threat Information eXpression (STIX). Meanwhile, ontology-based semantic knowledge modeling has become a promising solution that provides a machine-readable language for downstream work to address cybersecurity issues. Hence, by incorporating STIX concepts we propose in this paper an ontological-based CTI analysis that provides valuable threats information according to the security alerts reported by an analyzer. To test our ontology, we developed a set of reasoning rules to infer new knowledge on cyber threats. The experimental results show that such knowledge can be inferred by applying our approach for an ongoing and effective monitoring of cyber threats.