Using ontologies to assist security management

  • Luciana A. F. Martimiano USP
  • Edson dos Santos Moreira USP

Abstract

Several tools can be used to manage and store security information. These tools generate a large number of security alerts, which are stored in different formats. The lack of a standard format and the volume of data make the security administrators' tasks even harder, because they have to rely on their tacit knowledge to understand different security alerts, correlate them, and solve security problems. To help administrators carry out these tasks efficiently, this paper presents the main features and contributions of the security incident ontology, developed to model the concepts of the security incident domain in a single format.

Published
28/08/2006
MARTIMIANO, Luciana A. F.; MOREIRA, Edson dos Santos. Using ontologies to assist security management. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 6., 2006, Santos. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2006. p. 282-285. DOI: https://doi.org/10.5753/sbseg.2006.20956.