attack taxonomies and ontologies
play

Attack Taxonomies and Ontologies Seminar Future Internet - PowerPoint PPT Presentation

Jul 26, 2023 •217 likes •484 views

Lehrstuhl Netzarchitekturen und Netzdienste Institut fr Informatik Technische Universitt Mnchen Attack Taxonomies and Ontologies Seminar Future Internet Supervisor: Nadine Herold Natascha Abrek 02.10.2014 2013 in Numbers 552 78 62

  1. Lehrstuhl Netzarchitekturen und Netzdienste Institut für Informatik Technische Universität München Attack Taxonomies and Ontologies Seminar Future Internet Supervisor: Nadine Herold Natascha Abrek 02.10.2014

  2. 2013 in Numbers 552 78 62 PERCENT PERCENT MILLION IDENTITIES OF WEBSITES WITH GROWTH OF DATA BREACHES FROM 2012 EXPOSED VULNERABILITIES New Vulnerabilities SSL and TLS protocol 6,787 2013 renogotiation vulnerabilities were most 5,291 +28% 2012 commonly exploited. Symantec Security Threat Report 2014 2 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  3. Status, Trends and Challenges Affecting Security „ Increased … Traditional security is not sophistication of attacks enough to defend  against the latest number of security vulnerabilities generation of  malware[1]. “ number of network and computer attacks  To protect against attacks we need comprehensive knowledge and understanding of attacks  a distinctive and clear classification of attacks  [1]Gavin Reid, director of threat intelligence for Cisco 3 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  4. Taxonomies A taxonomy is a system of classification which allows the unique identification of object Bishop, M., Bailey, D.;1996 A taxonomy … organizes domain specific information • in a hierarchically structure • over relationships . • 4 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  5. Well-known Taxonomies PLANT KINGDOM Spore Bearing Plants Seed Bearing Plants Algae Mosses Gymnosperms Ferns Flowering Plants … … ANIMAL KINGDOM Unicellular Animals Multicellular Animals Invertebrates Vertebrates … 5 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  6. A Commonly Used Taxonomy 6 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  7. Attack Taxonomy Example J. B. Gao, B. W. Zhang, X. H. Chen, Z. Luo, 2013 7 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  8. Attack Taxonomy Example J. B. Gao, B. W. Zhang, X. H. Chen, Z. Luo, 2013 8 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  9. Attack Taxonomy Example Attack Impact  attack impacts on security principles Attack Vector  path by which an attack is lauched Attack Target  attack targets such as hardware, software or users Vulnerability  weaknesses and flaws of the system Defense  defence and prevention methods 9 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  10. Attack Taxonomy Example Attack Impact  attack impacts on security principles Attack Vector  path by which an attack is lauched Attack Target  attack targets such as hardware, software or users Vulnerability  weaknesses and flaws of the system Defense  defence and prevention methods 10 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  11. Attack Taxonomy Example Attack Impact  attack impacts on security principles Attack Vector  path by which an attack is lauched Attack Target  attack targets such as hardware, software or users Vulnerability  weaknesses and flaws of the system Defense  defence and prevention methods 11 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  12. Attack Taxonomy Example Attack Impact  attack impacts on security principles Attack Vector  path by which an attack is lauched Attack Target  attack targets such as hardware, software or users Vulnerability  weaknesses and flaws of the system Defense  defence and prevention methods 12 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  13. Attack Taxonomy Example Attack Impact  attack impacts on security principles Attack Vector  path by which an attack is lauched Attack Target  attack targets such as hardware, software or users Vulnerability  weaknesses and flaws of the system Defense  defence and prevention methods 13 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  14. Attack Example SQL Slammer A standalone malicious program which uses computer or network resources to make complete copies of itself. May include code or other malware to damage both the system and the network. Attack Attack Attak Target Vulnerability Defense Impact Vector Availability UDP MS SQL CVE-2002-0649 Patch Integrity Buffer server 2000 (Implementation) System Overflow (Software - Worm Network) (Malicious code) DoS 14 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  15. Limitations of Taxonomies developed only for specific domains  reusability in other fields difficult  difficult extend or update  inconsistant vocabulary/ no formal language  only represent hierarchical relationships  15 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  16. From Taxonomies to Ontologies An ontology is an explicit specification of conceptualization. Gruber, T. R., 1993 An ontology consists of… classes to describe a domain  slots to describe relationships in a taxonomy  facets to describe restrictions for slots  16 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  17. Ontologies vs. Taxonomies Use hierarchical and semantical  relationships between classes Provide machine interpretable  semantic and syntax (RDF, OWL) They enable easy extension and  sharing of knowledge 17 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  18. Example Ontology Thing Human Animal Woman Man Mother Father 18 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  19. Example Ontology hasChild Thing Human Animal Woman Man hasHusband Mother Father 19 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  20. Example Ontology hasChild Thing Human Animal Woman Man hasHusband Mother Father 1. A woman can have 0 or 1 huband. 2. A human can have 0 or n children. 3. Every mother must have at least 1 child. 20 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  21. Attack Ontology Example The SQL Slammer is a computer worm and has the attack vectors buffer overflow and denial of service. The attack is enabled by the vulnerabilities due to implementation flaws. Threatened targets are networks. If a Slammer attack succeeds he can cause further DoS attacks. J. B. Gao, B. W. Zhang, X. H. Chen, Z. Luo, 2013 21 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  22. Utility of Ontologies Locate IT security vulnerabilities and risks  - Detect vulnerabilities (Vulnerabilities) on system (Attack Target) - Query what attacks can occur based on the ‚ vulnerabilities(Attack Vector) - Determine risks (Attack Impact) - Determine neccessary defense methods (Defense) Uses of other ontologies  - Intrusion Detection Systems (IDS) and application fire walls : Monitoring component collects data(traffic, requests, packets) and alerting system provides response on attempted attack and countermeasures 22 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  23. Conclusion Taxonomies are important building blocks in a full function  information architecture. Ontologies extend taxonomy functionalities by overcoming their  limitiations. A large variety of attack taxonomies and ontologies exists  focusing on different fields of research. Existing taxonomies and ontologies need to be comined to  create a flexible, extensible and standard classification scheme. 23 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  24. Literatur M. Bishop, D. Bailey: A critical analysis of vulnerability taxonomies, California University Davis, Department of Computer Science, 1996 J. B. Gao, B. W. Zhang, X. H. Chen, Z. Luo: Ontology-based model of network and computer attacks for security assessment Journal of Shanghai Jiaotong University (Science), 18. Jg., pages 554-562, 2013 T. R. Gruber: A translation approach to portable ontology specications, Knowledge acquisition, 5. Jg., Nr. 2, pages 199-220, 1993 J. Undercoer, A. Joshi, J. Pinkston: Modeling computer attacks: An ontology for intrusion detection, In: Recent Advances in Intrusion Detection. Springer Berlin Heidelberg, pages 113-135, 2003 R. P. van Heerden, B. Irwin, I. D. Burke: Classifying network attack scenarios using an Ontology, In: Proceedings of the 7th International Conference on Information Warfare and Security. Academic Conferences Limited, pages 331-324, 2012 24 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

  25. Contact Fakultät für Informatik Natascha Abrek abrek@in.tum.de Informatik VIII: Lehrstuhl für Netzarchitekturen und Netzdienste 25 ATTACK TAXONOMIES AND ONTOLOGIES HIER THEMA EINTRAGEN

Recommend

Ontologies for NLP NLP for Ontologies FOIS 2014 - LogOnto Workshop on Logics and Ontologies for

Ontologies for NLP NLP for Ontologies FOIS 2014 - LogOnto Workshop on Logics and Ontologies for

Ontologies for NLP NLP for Ontologies FOIS 2014 - LogOnto Workshop on Logics and Ontologies for Natural Language Overview NLP for Ontologies Ontologies for NLP Portuguese resources Research at PUCRS Introduction We think and we

757 views • 71 slides
A Similarity Measure for Formal Ontologies with an application to ontologies of a geographic kind

A Similarity Measure for Formal Ontologies with an application to ontologies of a geographic kind

A Similarity Measure for Formal Ontologies with an application to ontologies of a geographic kind Mark Hall Midflight presentation for the master thesis 27 .01.2006 Overview I Topic Evaluation of data instance statistics Progress &

566 views • 13 slides
Higher Levels of Learning Diana Skrzydlo, Continuing Lecturer Outline Learning Taxonomies

Higher Levels of Learning Diana Skrzydlo, Continuing Lecturer Outline Learning Taxonomies

Designing Exams to Test Higher Levels of Learning Diana Skrzydlo, Continuing Lecturer Outline Learning Taxonomies Assessment is Curriculum Higher Level Questions Examples How you can use these ideas Learning Taxonomies

283 views • 17 slides
Formal rmal Foundations oundations of of Ontologies Ontologies and and Reasoning Reasoning

Formal rmal Foundations oundations of of Ontologies Ontologies and and Reasoning Reasoning

Formal Ontologies Introduction to DLs Formal rmal Foundations oundations of of Ontologies Ontologies and and Reasoning Reasoning Ivan Ivan Varzinczak rzinczak Universit dArtois & CNRS, France http://www.ijv.ovh Ivan

1.3k views • 101 slides
Formal rmal Foundations oundations of of Ontologies Ontologies and and Reasoning Reasoning

Formal rmal Foundations oundations of of Ontologies Ontologies and and Reasoning Reasoning

Making Statements DL Knowledge Bases Entailment in DLs Formal rmal Foundations oundations of of Ontologies Ontologies and and Reasoning Reasoning Ivan Ivan Varzinczak rzinczak Universit dArtois & CNRS, France

896 views • 74 slides
Ontologies: Weather and Ontologies: Weather and Flight Information Kajal Claypool Kelly Moran

Ontologies: Weather and Ontologies: Weather and Flight Information Kajal Claypool Kelly Moran

Ontologies: Weather and Ontologies: Weather and Flight Information Kajal Claypool Kelly Moran y MIT Lincoln Laboratory 1 This work was sponsored by the Federal Aviation Administration under Air Force Contract No. FA8721-05-C-0002. Opinions,

719 views • 39 slides
Attack on Traffic Systems These attack examples have happened in the past. We will take an

Attack on Traffic Systems These attack examples have happened in the past. We will take an

From start to finish how a cyber attack would be performed on traffic system, we will go over first day >> exploitation of the device >> the real-world aftermath. Mission Secure, Inc. Attack on Traffic Systems These attack examples

556 views • 18 slides
Listening to Programmers Taxonomies and Characteristics of Comments in Operating System Code

Listening to Programmers Taxonomies and Characteristics of Comments in Operating System Code

Listening to Programmers Taxonomies and Characteristics of Comments in Operating System Code written by Yoann Padioleau, Lin Tan and Yuanyuan Zhou talk by Gerd Zellweger Software Engineering Seminar SS10 ETH Z urich March 9, 2010

510 views • 30 slides
Software taxonomies Patterns, styles, tactics,... School of Computer Science Jose E. Labra Gayo

Software taxonomies Patterns, styles, tactics,... School of Computer Science Jose E. Labra Gayo

Software Architecture University of Oviedo Software taxonomies Patterns, styles, tactics,... School of Computer Science Jose E. Labra Gayo Course 2018/2019 Software Architecture Software taxonomies University of Oviedo Construction &

1.29k views • 106 slides
over Taxonomies Yodsawalai Chodpathumwan University of Illinois at Urbana-Champaign Ali Vakilian

over Taxonomies Yodsawalai Chodpathumwan University of Illinois at Urbana-Champaign Ali Vakilian

Cost-Effective Conceptual Design over Taxonomies Yodsawalai Chodpathumwan University of Illinois at Urbana-Champaign Ali Vakilian Massachusetts Institute of Technology Arash Termehchy, Amir Nayyeri Oregon State University Users have to query

759 views • 30 slides
over Taxonomies Yodsawalai Chodpathumwan University of Illinois at Urbana-Champaign Ali Vakilian

over Taxonomies Yodsawalai Chodpathumwan University of Illinois at Urbana-Champaign Ali Vakilian

Cost-Effective Conceptual Design over Taxonomies Yodsawalai Chodpathumwan University of Illinois at Urbana-Champaign Ali Vakilian Massachusetts Institute of Technology Arash Termehchy, Amir Nayyeri Oregon State University Most information

704 views • 24 slides
TDDD04: Test plans and software defect taxonomies Lena Buffoni lena.buffoni@liu.se 3 Lecture

TDDD04: Test plans and software defect taxonomies Lena Buffoni lena.buffoni@liu.se 3 Lecture

TDDD04: Test plans and software defect taxonomies Lena Buffoni lena.buffoni@liu.se 3 Lecture plan Test planning (ISO/IEC/IEEE 29119) Scripted vs Exploratory testing Defect taxonomies (ISO/IEC/IEEE 1044) 4 Scripted testing Testing

492 views • 46 slides
TDDD04: Test plans and software defect taxonomies Lena Buffoni lena.buffoni@liu.se 3 Lecture

TDDD04: Test plans and software defect taxonomies Lena Buffoni lena.buffoni@liu.se 3 Lecture

TDDD04: Test plans and software defect taxonomies Lena Buffoni lena.buffoni@liu.se 3 Lecture plan Test planning (ISO/IEC/IEEE 29119) Scripted vs Exploratory testing Defect taxonomies (ISO/IEC/IEEE 1044) 4 Scripted testing Testing

750 views • 47 slides
On Flat versus Hierarchical Classification in Large-Scale Taxonomies R. Babbar, I. Partalas,

On Flat versus Hierarchical Classification in Large-Scale Taxonomies R. Babbar, I. Partalas,

On Flat versus Hierarchical Classification in Large-Scale Taxonomies R. Babbar, I. Partalas, E. Gaussier, M.-R. Amini Gargantua (CNRS Mastodons) - November the 26 th , 2013 2/21 Challenges Proposed approach Hierarchy Pruning Experiments

588 views • 21 slides
Creating and Using Taxonomies to Support Implementation of High Impact Practices (rise.iupui.edu/

Creating and Using Taxonomies to Support Implementation of High Impact Practices (rise.iupui.edu/

Creating and Using Taxonomies to Support Implementation of High Impact Practices (rise.iupui.edu/ taxonom ies) Jennifer Thorington Springer Julie Hatcher Matthew Rust Enrollm ent Research Com m unity Engagem ent 30K students $428.9

432 views • 28 slides
Ontologies & Its Applications Ontologies & Its Applications San Su Lee, Jong Lim, Rami

Ontologies & Its Applications Ontologies & Its Applications San Su Lee, Jong Lim, Rami

Ontologies & Its Applications Ontologies & Its Applications San Su Lee, Jong Lim, Rami Al-Ghanmi San Su Lee, Jong Lim, Rami Al-Ghanmi Outline Outline Introduction to Ontologies Introduction to Ontologies Definition

477 views • 28 slides
Description logics, ontologies, and automated reasoning: an introduction Day 1, Part 1

Description logics, ontologies, and automated reasoning: an introduction Day 1, Part 1

Basics DLs and other logics Ontologies OWL Description logics, ontologies, and automated reasoning: an introduction Day 1, Part 1 Uli Sattler 1 1 School of Computer Science, University of Manchester, UK Logic Colloqium 2018, Udine,

329 views • 28 slides
Management of Quantified Semantic Taxonomies for Biothreat Response Cliff Joslyn Computer and

Management of Quantified Semantic Taxonomies for Biothreat Response Cliff Joslyn Computer and

Management of Quantified Semantic Taxonomies for Biothreat Response Cliff Joslyn Computer and Computational Sciences Los Alamos National Laboratory Modeling, Algorithms, and Informatics (CCS-3) DIMACS Tutorial and Working Group on

871 views • 49 slides
Competing Ontologies and Verbal Disputes Jakub Mcha Department of Philosophy Masaryk

Competing Ontologies and Verbal Disputes Jakub Mcha Department of Philosophy Masaryk

Competing Ontologies and Verbal Disputes Jakub Mcha Department of Philosophy Masaryk University, Brno, Czech Republic LogOnto - Workshop on Logic and Ontologies for Natural Language, 22 nd September 2014 Overview of the talk The background

556 views • 16 slides
DO EDUCATIONAL TAXONOMIES LEAD TO EXCELLENCE IN TEACHING? Bonnie Bachman 1 , Alyson Y. Jones 1

DO EDUCATIONAL TAXONOMIES LEAD TO EXCELLENCE IN TEACHING? Bonnie Bachman 1 , Alyson Y. Jones 1

DO EDUCATIONAL TAXONOMIES LEAD TO EXCELLENCE IN TEACHING? Bonnie Bachman 1 , Alyson Y. Jones 1 and Ian Ferguson 1,2,* 1 Dept. of Economics, Missouri University of Science and Technology 2 Dept. of Electrical and Computer Engineering,

462 views • 20 slides
On Querying OBO Ontologies using a DAG Pattern Query Language Amarnath Gupta Simone Santini

On Querying OBO Ontologies using a DAG Pattern Query Language Amarnath Gupta Simone Santini

On Querying OBO Ontologies using a DAG Pattern Query Language Amarnath Gupta Simone Santini Univ. of California San Diego What is an OBO Ontology? OBO Open Biomedical Ontologies is a consortium Serves a standard for developing

483 views • 29 slides
HIP Taxonomies Jerry Daday Executive Director Center for Innovative Teaching & Learning

HIP Taxonomies Jerry Daday Executive Director Center for Innovative Teaching & Learning

HIP Taxonomies Jerry Daday Executive Director Center for Innovative Teaching & Learning Western Kentucky University Criteria for High Quality HIPs Expectations set at appropriately high levels Intentional (clear Essential Learning

305 views • 27 slides
SRI Work on Science Taxonomies Jeffrey Alexander, Ph.D. Senior Science & Technology Policy

SRI Work on Science Taxonomies Jeffrey Alexander, Ph.D. Senior Science & Technology Policy

SRI Work on Science Taxonomies Jeffrey Alexander, Ph.D. Senior Science & Technology Policy Analyst Center for Science, Technology & Economic Development August 2011 Who We Are SRI is a worldleading independent R&D organiza>on

854 views • 13 slides
Learning Concept Taxonomies from Multi-modal Data Hao Zhang Zhiting Hu, Yuntian Deng, Mrinmaya

Learning Concept Taxonomies from Multi-modal Data Hao Zhang Zhiting Hu, Yuntian Deng, Mrinmaya

Learning Concept Taxonomies from Multi-modal Data Hao Zhang Zhiting Hu, Yuntian Deng, Mrinmaya Sachan, Zhicheng Yan and Eric P. Xing Carnegie Mellon University 1 Outline Problem Taxonomy Induction Model Features Evaluation

879 views • 32 slides

More recommend