An Ontology for Network Security Attacks

Simmonds, Andrew; Sandilands, Peter; van Ekert, Louis

doi:10.1007/978-3-540-30176-9_41

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3285))

Included in the following conference series:

Asian Applied Computing Conference

2063 Accesses
80 Citations
3 Altmetric

Abstract

We first consider network security services and then review threats, vulnerabilities and failure modes. This review is based on standard texts, using well-known concepts, categorizations, and methods, e.g. risk analysis using asset-based threat profiles and vulnerability profiles (attributes). The review is used to construct a framework which is then used to define an extensible ontology for network security attacks. We present a conceptualization of this ontology in figure 1.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic

€34.99 /Month

Get 10 units per month
Download Article/Chapter or eBook
1 Unit = 1 Article or 1 Chapter
Cancel anytime

Buy Now

Chapter: EUR 29.95; Price includes VAT (Germany)

eBook: EUR 42.79; Price includes VAT (Germany)

Softcover Book: EUR 53.49; Price includes VAT (Germany)

Tax calculation will be finalised at checkout

Purchases are for personal use only

') var buybox = document.querySelector("[data-id=id_"+ timestamp +"]").parentNode var buyingOptions = buybox.querySelectorAll(".buying-option") ;[].slice.call(buyingOptions).forEach(initCollapsibles) var buyboxMaxSingleColumnWidth = 480 function initCollapsibles(subscription, index) { var toggle = subscription.querySelector(".buying-option-price") subscription.classList.remove("expanded") var form = subscription.querySelector(".buying-option-form") var priceInfo = subscription.querySelector(".price-info") var buyingOption = toggle.parentElement if (toggle && form && priceInfo) { toggle.setAttribute("role", "button") toggle.setAttribute("tabindex", "0") toggle.addEventListener("click", function (event) { var expandedBuyingOptions = buybox.querySelectorAll(".buying-option.expanded") var buyboxWidth = buybox.offsetWidth ;[].slice.call(expandedBuyingOptions).forEach(function(option) { if (buyboxWidth buyboxMaxSingleColumnWidth) { toggle.click() } else { if (index === 0) { toggle.click() } else { toggle.setAttribute("aria-expanded", "false") form.hidden = "hidden" priceInfo.hidden = "hidden" } } }) } initialStateOpen() if (window.buyboxInitialised) return window.buyboxInitialised = true initKeyControls() })()

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Introduction to Network Security Technologies

Network Security Metrics: From Known Vulnerabilities to Zero Day Attacks

Network Security Situational Assessment Based on the ATT&CK Tactics Framework and Transformer Model

References

Alberts, C., Dorofee, A.: OCTAVE Threat Profiles. Carnegie Mellon Software Engineering Institute, Pittsburgh, PA 15213, USA., Available from http://www.cert.org/archive/pdf/OCTAVEthreatProfiles.pdf [accessed April 12, 2004]
Krsul, A., Spafford: A Taxonomy of Security Faults. Purdue University COAST Lab (1996), Available from: http://www.cerias.purdue.edu/about/history/coast/coast-library.html [accessed March 28, 2004]
Cates, S.: The Art of Hacking. TRIPWIRE Security Industry Seminar, July 28th (2003), Available from: http://www.tripwire.com/events/archived_webcasts/ [accessed March 28, 2004]
DAML, list of ontologies from, http://www.daml.org/ontologies/keyword.html [accessed August 19, 2004]
Denker, G., et al.: Security for DAML Web Services: Annotation and Matchmaking. In: Proceedings, Second International Semantic Web Conference (September 2003)
Google Scholar
Kagal, L., Finin, T., Joshi, A.: A Policy Based Approach to Security for the Semantic Web. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 402–418. Springer, Heidelberg (2003)
Chapter Google Scholar
Kagal, L., et al.:Authorization and Privacy for Semantic Web Services. In: Proceedings, First International Semantic Web Services Symposium, AAAI 2004 Spring Symposium (March 2004)
Google Scholar
Knight, E.: Computer Vulnerabilities (2000), Available e.g. from: http://www.fi.upm.es/~flimon/compvuln_draft.pdf [accessed March 28, 2004]
McGuiness, D.: Knowledge Systems Laboratory, Stanford University, Ontologies come of age. In: Fensel, et al. (eds.) Spinning the Semantic Web: Bringing the World Wide Web to Its Full Potential, MIT Press, Cambridge (2002), Available from http://www.ksl.stanford.edu/people/dlm/papers/ontologis-come-of-age-mit-press-withcitation.htm [accessed June 6, 2004]
Schneier, B.: Interviewed for the Atlantic Monthly by Mann, Charles, Homeland Insecurity (September 2002), Available from http://www.theatlantic.com/issues/2002/09/mann.htm [accessed April 12, 2004]
Stallings, W.: Network Security Essentials: Applications and Standards. Prentice-Hall Inc., New Jersey (2000)
Google Scholar
Tzu, S.: (400 – 320 BC ) On the Art of War. Translated by Lionel Giles (1910), Available from: http://www.kimsoft.com/polwar.htm [accessed March 28, 2004]
Wilson, B.: The OCTAVE Methodology for Self-Directed Risk Assessment. Carnegie Mellon Software Engineering Institute, Pittsburgh, PA 15213, USA. (2002), Available from http://www.fedcirc.gov/library/presentations/octave.pdf [accessed April 12, 2004]

Download references

Author information

Authors and Affiliations

Faculty of IT, University of Technology Sydney, PO Box 123, Broadway, NSW 2007, Australia
Andrew Simmonds, Peter Sandilands & Louis van Ekert

Authors

Andrew Simmonds
View author publications
Search author on:PubMed Google Scholar
Peter Sandilands
View author publications
Search author on:PubMed Google Scholar
Louis van Ekert
View author publications
Search author on:PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Computer Science, The University of York, YO10 5NG, Heslington, York, UK
Suresh Manandhar
Advanced Computer Architectures Group, Department of Computer Science, University of York, York, UK
Jim Austin
Department of Electrical Engineering, Indian Institute of Technology, 400076, Powai, Bombay, India
Uday Desai
Department of Computer Science, University of Tokyo, 7-3-1 Hongo, Bunkyo-ku, 113-8654, Tokyo, Japan
Yoshio Oyanagi
Indian Institute of Information Technology, Bangalore, 26/C, Electronics City, Hosur Road, 560100, Bangalore, India
Asoke K. Talukder

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Simmonds, A., Sandilands, P., van Ekert, L. (2004). An Ontology for Network Security Attacks. In: Manandhar, S., Austin, J., Desai, U., Oyanagi, Y., Talukder, A.K. (eds) Applied Computing. AACC 2004. Lecture Notes in Computer Science, vol 3285. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30176-9_41

Download citation

DOI: https://doi.org/10.1007/978-3-540-30176-9_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23659-7
Online ISBN: 978-3-540-30176-9
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics