DOI: 10.1145/3339252.3339282
short-paper
Open Access

Building Taxonomies based on Human-Machine Teaming: Cyber Security as an Example

Published: 26 August 2019

ABSTRACT

Taxonomies and ontologies are handy tools in many application domains such as knowledge systematization and automatic reasoning. In the cyber security field, many researchers have proposed such taxonomies and ontologies, most of which were built based on manual work. Some researchers proposed the use of computing tools to automate the building process, but mainly on very narrow sub-areas of cyber security. Thus, there is a lack of general cyber security taxonomies and ontologies, possibly due to the difficulties of manually curating keywords and concepts for such a diverse, inter-disciplinary and dynamically evolving field.

This paper presents a new human-machine teaming based process to build taxonomies, which allows human experts to work with automated natural language processing (NLP) and information retrieval (IR) tools to co-develop a taxonomy from a set of relevant textual documents. The proposed process could be generalized to support non-textual documents and to build (more complicated) ontologies as well. Using cyber security as an example, we demonstrate how the proposed taxonomy building process has allowed us to build a general cyber security taxonomy covering a wide range of data-driven keywords (topics) with a reasonable amount of human effort.
