Ontological approach to big data analytics in cybersecurity domain

Authors

  • Anatoly Gladun Institute of special communication and information protection National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv, http://orcid.org/0000-0002-4133-8169
  • Katerina Khala International research and training center for information technologies and systems under National Academy of Sciences and Ministry of Education and Science of Ukraine, Kyiv, http://orcid.org/0000-0002-9477-970X
  • Ihor Subach Institute of special communication and information protection National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv, http://orcid.org/0000-0002-9344-713X

DOI:

https://doi.org/10.20535/2411-1031.2020.8.2.222559

Keywords:

big data analytics, cybersecurity, ontology, thesaurus, unstructured information, metadata, wiki technologies, semantic similarity

Abstract

Information security is a dynamic field in which methods and means of protection against threats and their destructive component are rapidly changing and improving, which is a challenge for organizations and society as a whole. Therefore, information systems related to cybersecurity require a constant flow of knowledge from internal and external sources, the volume of which is constantly growing. The introduction of big data sets in the field of cybersecurity provides opportunities for application for the analysis of data containing structured and unstructured data. The application of semantic technologies to search, selection of external big data, and description of knowledge about the cybersecurity domain require new approaches, methods, and algorithms of big data analysis. For selecting relevant data, we are offered a semantic analysis of metadata that accompanies big data and the construction of ontologies that formalize knowledge about metadata, cybersecurity, and the problem that needs to be solved. We are proposed to create a thesaurus of problems based on the domain ontology, which should provide a terminological basis for the integration of ontologies of different levels. The cybersecurity domain has a hierarchical structure, so the presentation of formalized knowledge about it requires the development of the hierarchy of ontologies from top to bottom. For building a thesaurus of problem, it is proposed to use an algorithm that will combine information from information security standards, open natural information resources, dictionaries, and encyclopedias. It is suggested to use semantically marked Wiki-resources, external thesauri, and ontologies to supplement the semantic models of the cybersecurity domain.

Author Biographies

Anatoly Gladun, Institute of special communication and information protection National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv,

candidate of technical sciences,
associate professor at the cybersecurity
and application of information systems
and technologies academic department

Katerina Khala, International research and training center for information technologies and systems under National Academy of Sciences and Ministry of Education and Science of Ukraine, Kyiv,

researcher

Ihor Subach, Institute of special communication and information protection National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv,

doctor of technical science,
associate professor, head
at the cybersecurity and
application of information
systems and technologies
academic department

References

S. Grimes, “Unstructured Data and the 80 Percent Rule”, Clarabridge, Bridgepoints, 2008. [Online]. Available: http://breakthroughanalysis.com/2008/08/01/unstructured-data-and-the-80-percent-rule/. Accessed on: Aug 1, 2020.

T. Erl, W. Khattak, and P. Buhler, Big Data Fundamentals: Concepts, Drivers & Techniques. Prentice Hall, Crawfordsville USA: ServiceTech Press, 2016.

O. Savas, J. Deng, Big Data Analytics in Cybersecurity. New York, USA: CRC Press, 2018.

L. Obrst, P. Chase, and R. Markeloff, “Developing an Ontology of the Cyber Security Domain”, In Proc. 7th Inter. Conf. on Semantic Technologies for Intelligence, Defense, and Security, Fairfax, 2012, pp. 49-56.

Z. Syed, A. Padia, T. Finin, L. Mathews, and A. Joshi, “UCO: A unified IS ontology”, in Proc. AAAI Conf. Artificial Intelligence for Cyber Security, Phoenix, 2016, pp. 1-8.

P. Bhandari, and M. S. Guiral, “Ontology Based Approach for Perception of Network Security State”, in Proc.of Recent Advances in Engineering and Computational Sciences, Chandigarh, 2014, pp. 1-6.

I. V. Diorditsa, “Representation of IS policy terminology in the texts of legal acts of Ukraine”, Scientific herald of the International Humanities University. Jurisprudence, vol 1, no. 29, pp. 64-67, 2017.

R. van Heerden, L. Leenen, and B. Irwin, “Automated classification of computer network attacks”, in Inter. Conf. on Adaptive Science and Technology, South Africa, 2013, pp.157-163, doi: http://doi.org/10.1109/ICASTech.2013.6707510.

M. Ushold, and M. Gruninger, “Ontologies: Principles, Methods and Applications”, Knowl. Eng. Rev. CUP, vol. 11, no. 2, pp. 93-155, 1996, doi: https://doi.org/10.1017/S0269888900007797.

P. Buneman, S. Davidson, M. Fernandez, and D. Suciu, “Adding structure to unstructured data”, in Proc.of Inter. Conf. on Database Theory, Delphi, 1997, pp. 336-350.

Y. Zhang, J. Ren, J. Liu, C. Xu, H. Guo, and Y. Liu, “A survey on emerging computing paradigms for big data”, CJE, vol. 26, no. 1, pp.1-12, 2017, doi: https://doi.org/10.1049/cje.2016.11.016.

K. Smith, L. Seligman, and A. Rosenthal, “Big Metadata: The Need for Principled Metadata Management in Big Data Ecosystems”, in Proc. Confe. Data analytics in the Cloud, Snowbird, 2014, pp. 72-84. [Online]. Available: https://dl.acm.org/doi/10.1145/2627770. 2627776, doi: https://doi.org/10.1145/2627770.2627776. Accessed on: Aug. 15, 2020.

T. Takahashi, and Y. Kadobayashi, “Reference ontology for cybersecurity operational information”, The Computer Journal, OUP, vol. 58, no. 10, pp. 2297-2312, 2015. [Online]. Available: https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8205615, doi: https://doi.org/10.1093/comjnl/bxu101. Accessed on: Aug. 15, 2020.

A. Salahi, and M. Ansarinia, “Predicting Network Attacks Using Ontology-Driven Inference”, IJICTR, IGI Global, vol. 4, no. 2; pp. 27-35, 2012. [Online]. Available: http://arxiv.org/ftp/arxiv/papers/1304/1304.0913.pdf. Accessed on: Aug. 15, 2019.

A. Oltramari, L. F. Cranor, R. J. Walls, and P. D. McDaniel, ”Building an Ontology of Cyber Security”, in Proc. 9th Inter. Conf. on Semantic Technologies for Intelligence, Defense, and Security, Fairfax, 2014, pp. 54-61, [Online]. Available: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.664.3593&rep=rep1&type=pdf. Accessed on: Aug. 15, 2020.

J. A. Wang, and M. Guo, “OVM: An Ontology for Vulnerability Management”, in Proc. 5th Annu. Conf on Cyber Security and Information Intelligence Research, Knoxville, 2009, pp. 1-4, doi: https://doi.org/10.1145/1558607.1558646.

A. Y. Gladun, O. O, Puchkov, I. Yu. Subach, and K. O. Khala, English-Ukrainian dictionary of terms on information technology and cybersecurity. Kiev, Ukraine: NTUU KPI named by Igor Sikorsky, 2018.

Protégé 5.0. [Online]. Available: https://protege.stanford.edu/. Accessed on: Aug. 24, 2020.

Great Ukrainian encyclopedia. [Online]. Available: https://vue.gov.ua/. Accessed on: Aug. 10, 2020.

A. Y. Gladun, and J Rogushina, “Mereological aspects of ontological analysis for thesauri constructing”, JIBS Buildings and Environment, Nova Scien. Publish., New York, pp. 301-308, 2010.

A. Y. Gladun, and J. Rogushina, “Use of Semantic Web Technologies and Multilinguistic Thesauri for Knowledge-Based Access to Biomedical Resources”, IJISA, MECS Press, no. 1, pp. 11-20, 2012. [Online]. Available: http://www.mecs-press.org/ijisa/ijisa-v4-n1/IJISA-V4-N1-2.pdf, doi: https://doi.org/10.5815/ijisa.2012.01.02. Accessed on: Aug. 15, 2020.

Y. E. Sachuk, “Professional training of specialists in IS and information protection: thesaurus and ontology”, Problems of engineering and pedagogical education, no. 59, pp. 35-40, 2018.

J. Rogushina, “Use of Similarity of Wiki Pages as an Instrument of Domain Representation for Semantic Retrieval”, in Proc. Conf. Open Semantic Technologies for Intelligent Systems, Minsk, 2020, no. 4, pp. 111-116.

Z. Wu, and M. Palmer, “Verbs semantics and lexical selection”, in Proc. 32nd Annu. Meeting on Association for Computational Linguistics, Association for Computational Linguistics, Stroudsburg, 1994, pp. 133-138, doi: https://doi.org/10.3115/981732.981751.

P. Resnik, “Using information content to evaluate semantic similarity in a taxonomy”, in Proc. 14th Inter. Joint Conf. Artificial Antelligence, vol. 1, 1995, pp. 448-453. [Online]. Available: https://arxiv.org/pdf/cmp-lg/9511007.pdf. Accessed: Aug. 22, 2020.

A. Gladun, and K. Khala, “Using ontological models for formalized knowledge assessment”, Scient. Jour. Computer Means, Networks and Systems, no. 27, pp. 67-73, 2019.

S. Pryima, A. Gladun, and J. Rogushina, “Ontological Analysis of Outcomes of Non-formal and Informal Learning for Agro-Advisory System: AdvisOnt”, CCIS, Springer, vol. 1309, pp. 3-17, 2020. [Online]. Available: https://doi.org/10.1007/978-3-030-62015-8_1, doi: https://doi.org/10.1007/978-3-030-62015-8_1.

Downloads

Published

2020-12-30

How to Cite

Gladun, A., Khala, K., & Subach, I. (2020). Ontological approach to big data analytics in cybersecurity domain. Information Technology and Security, 8(2), 120–132. https://doi.org/10.20535/2411-1031.2020.8.2.222559

Issue

Section

INFORMATION TECHNOLOGY