Abstract
We first consider network security services and then review threats, vulnerabilities and failure modes. This review is based on standard texts, using well-known concepts, categorizations, and methods, e.g. risk analysis using asset-based threat profiles and vulnerability profiles (attributes). The review is used to construct a framework which is then used to define an extensible ontology for network security attacks. We present a conceptualization of this ontology in figure 1.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Alberts, C., Dorofee, A.: OCTAVE Threat Profiles. Carnegie Mellon Software Engineering Institute, Pittsburgh, PA 15213, USA., Available from http://www.cert.org/archive/pdf/OCTAVEthreatProfiles.pdf [accessed April 12, 2004]
Krsul, A., Spafford: A Taxonomy of Security Faults. Purdue University COAST Lab (1996), Available from: http://www.cerias.purdue.edu/about/history/coast/coast-library.html [accessed March 28, 2004]
Cates, S.: The Art of Hacking. TRIPWIRE Security Industry Seminar, July 28th (2003), Available from: http://www.tripwire.com/events/archived_webcasts/ [accessed March 28, 2004]
DAML, list of ontologies from, http://www.daml.org/ontologies/keyword.html [accessed August 19, 2004]
Denker, G., et al.: Security for DAML Web Services: Annotation and Matchmaking. In: Proceedings, Second International Semantic Web Conference (September 2003)
Kagal, L., Finin, T., Joshi, A.: A Policy Based Approach to Security for the Semantic Web. In: Fensel, D., Sycara, K., Mylopoulos, J. (eds.) ISWC 2003. LNCS, vol. 2870, pp. 402–418. Springer, Heidelberg (2003)
Kagal, L., et al.:Authorization and Privacy for Semantic Web Services. In: Proceedings, First International Semantic Web Services Symposium, AAAI 2004 Spring Symposium (March 2004)
Knight, E.: Computer Vulnerabilities (2000), Available e.g. from: http://www.fi.upm.es/~flimon/compvuln_draft.pdf [accessed March 28, 2004]
McGuiness, D.: Knowledge Systems Laboratory, Stanford University, Ontologies come of age. In: Fensel, et al. (eds.) Spinning the Semantic Web: Bringing the World Wide Web to Its Full Potential, MIT Press, Cambridge (2002), Available from http://www.ksl.stanford.edu/people/dlm/papers/ontologis-come-of-age-mit-press-withcitation.htm [accessed June 6, 2004]
Schneier, B.: Interviewed for the Atlantic Monthly by Mann, Charles, Homeland Insecurity (September 2002), Available from http://www.theatlantic.com/issues/2002/09/mann.htm [accessed April 12, 2004]
Stallings, W.: Network Security Essentials: Applications and Standards. Prentice-Hall Inc., New Jersey (2000)
Tzu, S.: (400 – 320 BC ) On the Art of War. Translated by Lionel Giles (1910), Available from: http://www.kimsoft.com/polwar.htm [accessed March 28, 2004]
Wilson, B.: The OCTAVE Methodology for Self-Directed Risk Assessment. Carnegie Mellon Software Engineering Institute, Pittsburgh, PA 15213, USA. (2002), Available from http://www.fedcirc.gov/library/presentations/octave.pdf [accessed April 12, 2004]
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Simmonds, A., Sandilands, P., van Ekert, L. (2004). An Ontology for Network Security Attacks. In: Manandhar, S., Austin, J., Desai, U., Oyanagi, Y., Talukder, A.K. (eds) Applied Computing. AACC 2004. Lecture Notes in Computer Science, vol 3285. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30176-9_41
Download citation
DOI: https://doi.org/10.1007/978-3-540-30176-9_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23659-7
Online ISBN: 978-3-540-30176-9
eBook Packages: Springer Book Archive