UMBC ebiquity

Supporting Situationally Aware Cybersecurity Systems

Authors: Zareen Syed, Tim Finin, Ankur Padia, and M. Lisa Mathews

Date: September 30, 2015

Abstract: In this report, we describe the Unified Cyber Security ontology (UCO) to support situational awareness in cyber security systems. The ontology is an effort to incorporate and integrate heterogeneous information available from different cyber security systems and the most commonly used cyber security standards for information sharing and exchange. The ontology has also been mapped to a number of existing cyber security ontologies as well as concepts in the Linked Open Data cloud. Similar to DBpedia, which serves as the core for the Linked Open Data cloud, we envision UCO serving as the core for a specialized cyber security Linked Open Data cloud, which would evolve and grow over time as additional cybersecurity data sets become available. We also present a prototype system and concrete use cases supported by the UCO ontology. To the best of our knowledge, this is the first cyber security ontology that has been mapped to general world ontologies to support broader and more diverse security use cases. We compare the resulting ontology with previous efforts, discuss its strengths and limitations, and describe potential future work directions.

Type: TechReport

Institution: University of Maryland Baltimore County

Number: EBQ-9-1

Tags: semantic web, ontology, reasoning, cybersecurity, uco


Number of downloads: 587

 
