Ontological approach to big data analytics in cybersecurity domain
Keywords: big data analytics, cybersecurity, ontology, thesaurus, unstructured information, metadata, wiki technologies, semantic similarity
Information security is a dynamic field in which both the threats and the methods and means of protecting against them change and improve rapidly, which is a challenge for organizations and for society as a whole. Information systems that support cybersecurity therefore need a constant inflow of knowledge from internal and external sources, and the volume of that knowledge keeps growing. Introducing big data into cybersecurity opens the way to analysing sources that contain both structured and unstructured data. Applying semantic technologies to the search for and selection of external big data, and to the description of knowledge about the cybersecurity domain, requires new approaches, methods and algorithms of big data analysis. To select relevant data we propose a semantic analysis of the metadata that accompanies big data, together with the construction of ontologies that formalize knowledge about the metadata, about cybersecurity and about the problem to be solved. We propose building a thesaurus of the problem on the basis of the domain ontology; it provides the terminological basis for integrating ontologies of different levels. The cybersecurity domain has a hierarchical structure, so representing formalized knowledge about it requires developing a hierarchy of ontologies from the top level down. To build the thesaurus of the problem we propose an algorithm that combines information from information security standards, open natural-language information resources, dictionaries and encyclopedias. Semantically marked-up Wiki resources, external thesauri and ontologies are used to supplement the semantic models of the cybersecurity domain.
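As an added illustration (not code from the paper or its authors), the following Python sketch shows the kind of selection step the abstract describes: a small, constructed is-a hierarchy stands in for the cybersecurity domain ontology, a constructed synonym table stands in for the thesaurus of the problem, and the metadata tags of hypothetical external data sets are mapped to ontology concepts and ranked by Wu-Palmer semantic similarity to the concepts of the problem. All concept names, synonyms, record identifiers and function names are assumptions made for this example.

```python
"""Toy relevance ranking of external data sets by matching their metadata
against a problem thesaurus derived from a hierarchical domain ontology.
Ontology, synonyms and metadata records are constructed for this example."""
from statistics import mean

# Constructed (hypothetical) is-a hierarchy: concept -> parent, root -> None.
ONTOLOGY = {
    "cybersecurity": None,
    "threat": "cybersecurity",
    "malware": "threat",
    "ransomware": "malware",
    "trojan": "malware",
    "phishing": "threat",
    "countermeasure": "cybersecurity",
    "firewall": "countermeasure",
    "ids": "countermeasure",
    "asset": "cybersecurity",
    "server": "asset",
    "workstation": "asset",
}

# Constructed synonym table standing in for a thesaurus assembled from
# dictionaries and wiki resources: surface form -> ontology concept.
SYNONYMS = {
    "crypto-locker": "ransomware",
    "cryptolocker": "ransomware",
    "trojan horse": "trojan",
    "intrusion detection": "ids",
    "spear phishing": "phishing",
    "host": "server",
}


def ancestors(concept):
    """Path from the concept up to the root, concept first."""
    path = [concept]
    while ONTOLOGY[path[-1]] is not None:
        path.append(ONTOLOGY[path[-1]])
    return path


def depth(concept):
    """Number of nodes on the path to the root (the root has depth 1)."""
    return len(ancestors(concept))


def least_common_subsumer(a, b):
    """Deepest concept that is an ancestor-or-self of both a and b."""
    on_path_b = set(ancestors(b))
    for c in ancestors(a):
        if c in on_path_b:
            return c
    raise ValueError("concepts are not in the same hierarchy")


def wu_palmer(a, b):
    """Wu-Palmer similarity 2*depth(LCS) / (depth(a) + depth(b)), in (0, 1]."""
    return 2 * depth(least_common_subsumer(a, b)) / (depth(a) + depth(b))


def term_to_concept(term):
    """Map a metadata term to an ontology concept via the thesaurus; None if unknown."""
    t = term.strip().lower()
    if t in ONTOLOGY:
        return t
    return SYNONYMS.get(t)


def build_problem_thesaurus(problem_terms):
    """Ontology concepts behind the problem statement; unknown terms are dropped."""
    concepts = {term_to_concept(t) for t in problem_terms}
    concepts.discard(None)
    return concepts


def score_record(problem_concepts, record_terms):
    """Mean over problem concepts of the best similarity found in the record's metadata.
    A record whose tags map to no known concept scores 0 instead of raising."""
    record_concepts = {c for c in map(term_to_concept, record_terms) if c is not None}
    if not problem_concepts or not record_concepts:
        return 0.0
    return mean(max(wu_palmer(p, r) for r in record_concepts) for p in problem_concepts)


def rank_records(problem_terms, records):
    """Return [(record_id, score)] sorted by decreasing relevance, ties by id."""
    problem = build_problem_thesaurus(problem_terms)
    scored = [(rid, score_record(problem, terms)) for rid, terms in records.items()]
    return sorted(scored, key=lambda x: (-x[1], x[0]))


# Constructed metadata tags of four hypothetical external data sets.
RECORDS = {
    "r1": ["CryptoLocker", "host"],
    "r2": ["trojan horse", "workstation"],
    "r3": ["firewall", "intrusion detection"],
    "r4": ["quarterly budget"],
}
# Constructed problem statement to be matched against the records.
PROBLEM = ["ransomware", "server"]

if __name__ == "__main__":
    for rid, s in rank_records(PROBLEM, RECORDS):
        print(f"{rid}: {s:.3f}")
```

With the constructed data, r1 maps exactly onto the problem concepts and scores 1.0, r2 (a sibling malware class on a sibling asset class) comes second, r3 (countermeasures, sharing only the root with the problem) third, and r4, whose tag is not in the ontology or the thesaurus, is ranked last with a score of 0 rather than being dropped silently; in a real pipeline that last case is the signal that the thesaurus needs extending from the external resources the abstract mentions.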
Copyright (c) 2020 Information Technology and Security
This work is licensed under a Creative Commons Attribution 4.0 International License.