Open Access
Subscription Access
Semantic Web Based Technique for Network Security Situation Awareness Status Prediction
As the computer network has evolved to provide the user many services, the attacks on these networks to disrupt the services and to gain access to resources has also evolved. New entities in form of services, hardware, network protocols etc. are being added to the network, which is leading to new ways to attack the network. The complexity of the system is increasing so fast that it is becoming increasingly difficult for network administrator to comprehend the situation and react in an appropriate manner. Situation becomes more complex as there is not uniform terminology. Though serious efforts in form of Common Vulnerability Enumeration (CVE), Common Weakness Enumeration (CWE), Common Attack Pattern Enumeration and Classification(CAPEC) etc. has been made, still a long way is to go. In this paper we model a computer network by modelling its components i.e. hardware, software, services using ontology. Also vulnerabilities and attacks on these computers are modelled. We populate our ontology with various instances of vulnerabilities, CVSS scores, attacks and possible services in the network. Knowledge representation methods are used in order to provide Description Logic reasoning and inference over network security status concept. Secondly we propose an ontology based system which predicts probable attacks using inference and information provided by the environment. Results show that proposed method is scalable for large systems and also flexible to incorporate new evolutions in the field of study.
User
Font Size
Information
Abstract Views: 204
PDF Views: 5