Ontology-Driven Cyber-Security Threat Assessment Based on Sentiment Analysis of Network Activity Data

Author

Lundquist, Doug ; Kunpeng Zhang ; Ouksel, Aris

Author_Institution

Dept. of Inf. & Decision Sci., Univ. of Illinois at Chicago, Chicago, IL, USA

fYear

2014

fDate

8-12 Sept. 2014

Firstpage

5

Lastpage

14

Abstract

Sentiment analysis is gaining acceptance as a tool for automated understanding of consumer attitudes and preferences. Based on well-designed rule sets that describe how most people express their sentiments, sentiment analysis models enable automated processes to understand human responses. In this paper, we describe our vision of extending sentiment analysis to the novel domain of cyber-security. Our proposal combines: 1) ontological modeling of attacks, defenses, and attacker goals; 2) sentiment analysis of combinations of elements indicative of probable attacks; and 3) semantic reconciliation of borderline cases to more definitively classify ambiguous network activity as threatening or innocuous. This method has achieved good results (86% correct) in assessing consumer sentiments, and we believe that more detailed models can improve on this accuracy even in the complex domain of cyber-security.

Keywords

ontologies (artificial intelligence); security of data; ambiguous network activity; automated processes; borderline cases; consumer sentiments; human responses; network activity data; ontological modeling; ontology-driven cyber security threat assessment; probable attacks; semantic reconciliation; sentiment analysis models; Analytical models; Computer security; Context; Ontologies; Semantics; Sentiment analysis; Cyber-security; ontology; semantic reconciliation; sentiment analysis; threat assessment;

fLanguage

English

Publisher

ieee

Conference_Titel

Cloud and Autonomic Computing (ICCAC), 2014 International Conference on

Conference_Location

London

Type

conf

DOI

10.1109/ICCAC.2014.42

Filename

7024039