Title :
The Ontology of Metrics for Security Evaluation and Decision Support in SIEM Systems
Author :
Kotenko, Igor ; Polubelova, Olga ; Saenko, Igor ; Doynikova, Elena
Author_Institution :
Lab. of Comput. Security Problems, St. Petersburg Inst. for Inf. & Autom., St. Petersburg, Russia
Abstract :
Analysis of computer network security is a serious challenge. Many security metrics have been proposed for this purpose, but their effective use for rapid and reliable security evaluation and generation of countermeasures in SIEM systems remains an important problem. The use of ontologies for security information representation in SIEM systems contributes largely to the success of this task. However, most works on ontological security data representation do not take into account the ontologies of security metrics. This paper proposes a new approach to using security metrics which is based on their ontological representation and serves for comprehensive security evaluation and subsequent countermeasure generation. The novelty of the proposed approach is that the ontology of security metrics is viewed as a core component of a countermeasure decision support system. The proposed solutions are tested on a specific example.
Keywords :
computer network security; decision support systems; ontologies (artificial intelligence); SIEM systems; comprehensive security evaluation; computer network security; countermeasure decision support system; countermeasure generation; metrics ontology; ontological security data representation; security evaluation; security information representation; security metrics; Cognition; Computer security; Laboratories; Measurement; Ontologies; Probability; countermeasure decision support; ontology; security information and event management; security metrics;
Conference_Titel :
Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
Conference_Location :
Regensburg
DOI :
10.1109/ARES.2013.84