Title :
Application of Security Ontology to Context-Aware Alert Analysis
Author :
Xu, Hui ; Xiao, Debao ; Wu, Zheng
Author_Institution :
Inst. of Comput. Network & Commun., Huazhong Normal Univ., Wuhan, China
Abstract :
With the rapid development of computer networks, users need a new solution for network security management, aiming at integration. This paper focuses on context-aware alert analysis, which is one of its key functionalities. A practical and efficient approach to guarantee unified representation of context information, background knowledge and attack knowledge for security alerts is still lacking these days. This paper applies security ontology by means of OWL+SWRL+OWL-S based on CIM schema to describe context information and security knowledge in a unified manner. We argue that our proposed approach improves existing alert analysis techniques by providing formal representations with the use of security ontology, which may possibly be an important stage for implementation of unified network security management.
Keywords :
computer networks; ontologies (artificial intelligence); security of data; ubiquitous computing; CIM schema; attack knowledge; background knowledge; context information representation; context-aware alert analysis; network security management; security management; security ontology; Collaboration; Computer network management; Data security; Information analysis; Information management; Information security; Intrusion detection; OWL; Ontologies; Resource description framework
Conference_Title :
Computer and Information Science, 2009. ICIS 2009. Eighth IEEE/ACIS International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3641-5
DOI :
10.1109/ICIS.2009.199