Risk intelligence retrieval based on ontology

Information Security Risk Management is one of the key factors in ensuring security of the Information Assets of any organization. Information Security Risk Management has gained more importance recently as information security breaches increase and information infrastructures are constantly being targeted by various attacks. The risk assessment activity in information security risk management helps in identifying the potential risks to the information assets. To perform proactive risk management, the attack related information is required to construct the attack patterns which could be used to predict the future attacks. Attack patterns can be stored as they help in extracting risk intelligence for effective risk management. Storing of attack patterns is achieved by constructing Ontology. Ontologies are used to formally represent domain knowledge. The ontology stores patterns of attacks against that target the confidentiality, integrity and availability of the information assets. The extraction of risk intelligence is done by mapping the log files of the currently monitored network activity with the stored attack patterns to predict forth coming attacks. The ontology created can also help in sharing attack related information among different organizations interested in performing Information Security Risk Management.