Ajou University repository

Ontology-driven security requirements recommendation for APT attack
Citations (SCOPUS): 8


Publication Year
2019-09-01
Journal
Proceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019
Publisher
Institute of Electrical and Electronics Engineers Inc.
Citation
Proceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019, pp.150-156
Keyword
Advanced Persistent Threat (APT); Knowledge Base; Ontology; Security Requirement
Mesh Keyword
Advanced Persistent Threat (APT); Design process; Domain-specific knowledge; Knowledge base; Knowledge ontology; Problem domain; Security requirements; Tools and methods
All Science Classification Codes (ASJC)
Computer Networks and Communications; Software; Safety, Risk, Reliability and Quality; Artificial Intelligence
Abstract
Advanced Persistent Threat (APT) is one of the cyber threats that continuously attack specific targets to exfiltrate information or destroy the system [1]. Because the attackers use various tools and methods according to the target, it is difficult to describe an APT attack in a single pattern. Therefore, APT attacks are difficult to defend against with general countermeasures. These days, systems consist of various components and related stakeholders, which makes it difficult to consider all the security concerns. In this paper, we propose an ontology knowledge base and its design process to recommend security requirements based on APT attack cases and system domain knowledge. The proposed knowledge base is divided into three parts: APT ontology, general security knowledge ontology, and domain-specific knowledge ontology. Each ontology can help to understand the security concerns in its area of knowledge. While integrating the three ontologies into the problem domain ontology, the appropriate security requirements can be derived with the security requirements recommendation process. The proposed knowledge base and process can help to derive the security requirements while considering both real attacks and systems.
Language
eng
URI
https://aurora.ajou.ac.kr/handle/2018.oak/36471
https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85078041429&origin=inward
DOI
https://doi.org/10.1109/rew.2019.00032
Journal URL
http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=8932374
Type
Conference

Related Researcher

Lee, Seok-Won (이석원)
Department of Software and Computer Engineering
