DocumentCode
3143551
Title
Application of Security Ontology to Context-Aware Alert Analysis
Author
Xu, Hui ; Xiao, Debao ; Wu, Zheng
Author_Institution
Inst. of Comput. Network & Commun., Huazhong Normal Univ., Wuhan, China
fYear
2009
fDate
1-3 June 2009
Firstpage
171
Lastpage
176
Abstract
With the rapid development of computer networks, users need a new solution for network security management that aims at integration. This paper focuses on context-aware alert analysis, which is one of its key functionalities. A practical and efficient approach that guarantees a unified representation of context information, background knowledge and attack knowledge for security alerts is still lacking. This paper applies security ontology by means of OWL+SWRL+OWL-S, based on the CIM schema, to describe context information and security knowledge in a unified manner. We argue that our proposed approach improves existing alert analysis techniques by providing formal representations with the use of security ontology, which may be an important stage in the implementation of unified network security management.
Keywords
computer networks; ontologies (artificial intelligence); security of data; ubiquitous computing; CIM schema; attack knowledge; background knowledge; computer networks; context information representation; context-aware alert analysis; network security management; security management; security ontology; Collaboration; Computer network management; Data security; Information analysis; Information management; Information security; Intrusion detection; OWL; Ontologies; Resource description framework; context-aware alert analysis; network security management; security ontology;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer and Information Science, 2009. ICIS 2009. Eighth IEEE/ACIS International Conference on
Conference_Location
Shanghai
Print_ISBN
978-0-7695-3641-5
Type
conf
DOI
10.1109/ICIS.2009.199
Filename
5223087