Using ontologies to assist security management
ResumoSeveral tools can be used to manage and store security information. These tools generate a great amount of security alerts, which are stored in different formats. This lack of standard and the amount of data make the tasks of the security administrators even harder, because they have to understand, using their tacit knowledge, different security alerts to make correlation and solve security problems. Aiming to assist the administrators in executing these tasks efficiently, this paper presents the main features and contributions of the security incident ontology developed to model, using a unique format, the concepts of the security incident domain.
Gruber, T. R. (1993). Towards principles for the design of ontologies used for knowledge sharing. In Formal Ontology in Conceptual Analysis and Knowledge Representation. Kluwer Academic Publishers.
Martimiano, L. A. F. and Moreira, E. S. (2005). An owl-based security incident ontology. In Eighth International Protégé Conference, pages 43–44.