Citation Export
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Kim, Min Ju | - |
| dc.contributor.author | Dey, Sangeeta | - |
| dc.contributor.author | Lee, Seok Won | - |
| dc.date.issued | 2019-09-01 | - |
| dc.identifier.uri | https://aurora.ajou.ac.kr/handle/2018.oak/36471 | - |
| dc.identifier.uri | https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85078041429&origin=inward | - |
| dc.description.abstract | Advanced Persistent Threat (APT) is one of the cyber threats that continuously attack specific targets exfiltrate information or destroy the system [1]. Because the attackers use various tools and methods according to the target, it is difficult to describe APT attack in a single pattern. Therefore, APT attacks are difficult to defend against with general countermeasures. In these days, systems consist of various components and related stakeholders, which makes it difficult to consider all the security concerns. In this paper, we propose an ontology knowledge base and its design process to recommend security requirements based on APT attack cases and system domain knowledge. The proposed knowledge base is divided into three parts; APT ontology, general security knowledge ontology, and domain-specific knowledge ontology. Each ontology can help to understand the security concerns in their knowledge. While integrating three ontologies into the problem domain ontology, the appropriate security requirements can be derived with the security requirements recommendation process. The proposed knowledge base and process can help to derive the security requirements while considering both real attacks and systems. | - |
| dc.language.iso | eng | - |
| dc.publisher | Institute of Electrical and Electronics Engineers Inc. | - |
| dc.subject.mesh | Advanced Persistent Threat (APT) | - |
| dc.subject.mesh | Design process | - |
| dc.subject.mesh | Domain-specific knowledge | - |
| dc.subject.mesh | Knowledge base | - |
| dc.subject.mesh | Knowledge ontology | - |
| dc.subject.mesh | Problem domain | - |
| dc.subject.mesh | Security requirements | - |
| dc.subject.mesh | Tools and methods | - |
| dc.title | Ontology-driven security requirements recommendation for APT attack | - |
| dc.type | Conference | - |
| dc.citation.conferenceDate | 2019.9.23. ~ 2019.9.27. | - |
| dc.citation.conferenceName | 27th IEEE International Requirements Engineering Conference Workshops, REW 2019 | - |
| dc.citation.edition | Proceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019 | - |
| dc.citation.endPage | 156 | - |
| dc.citation.startPage | 150 | - |
| dc.citation.title | Proceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019 | - |
| dc.identifier.bibliographicCitation | Proceedings - 2019 IEEE 27th International Requirements Engineering Conference Workshops, REW 2019, pp.150-156 | - |
| dc.identifier.doi | 10.1109/rew.2019.00032 | - |
| dc.identifier.scopusid | 2-s2.0-85078041429 | - |
| dc.identifier.url | http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=8932374 | - |
| dc.subject.keyword | Advanced Persistent Threat (APT) | - |
| dc.subject.keyword | Knowledge Base | - |
| dc.subject.keyword | Ontology | - |
| dc.subject.keyword | Security Requirement | - |
| dc.type.other | Conference Paper | - |
| dc.description.isoa | false | - |
| dc.subject.subarea | Computer Networks and Communications | - |
| dc.subject.subarea | Software | - |
| dc.subject.subarea | Safety, Risk, Reliability and Quality | - |
| dc.subject.subarea | Artificial Intelligence | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.
