Article: An ontological approach to threats pattern collection and classification: a preliminary study to security management Journal: International Journal of Electronic Security and Digital Forensics (IJESDF) 2020 Vol.12 No.3 pp.323 - 335 Abstract: This study presents an agent based approach to resolve issues related to the collection and classification of software application anomalies and misuses with the aim of facilitating the reappraisal of security controls of information system (IS). The proposed system is assumed to be integrated with the existing IS in order to enhance information system security maintenance by continuously collecting identified threat behaviour from the application intrusion detection system (IDS). The system comprises of several functional agents like the input collector agent, classifier agent, and tracking agent. The collector agent collects the identified threats by the IDS, the categoriser agent categorises according to STRIDE model using pattern matching algorithm on the content of security knowledge base. The security knowledge repository is developed based on existing security ontology. The classifier classifies based on the threats IP address while the tracking agent collates all the threats profile. The collect-categorise-classify-track (C3T) model is hereby presented. The potential usability of this work is demonstrated by a case study and its useful integration with further studies is also discussed. Inderscience Publishers - linking academia, business and industry through research

Title: An ontological approach to threats pattern collection and classification: a preliminary study to security management

Authors: Oluwasefunmi T. Arogundade; Temitope Elizabeth Abioye; Misra Sanjay

Addresses: Department of Computer Science, Federal University of Agriculture, Abeokuta PMB 2240, Ogun State Nigeria ' Department of Computer Science, Federal University of Agriculture, Abeokuta PMB 2240, Ogun State Nigeria ' Department of Electrical and Information Engineering, Covenant University, Nigeria

Abstract: This study presents an agent based approach to resolve issues related to the collection and classification of software application anomalies and misuses with the aim of facilitating the reappraisal of security controls of information system (IS). The proposed system is assumed to be integrated with the existing IS in order to enhance information system security maintenance by continuously collecting identified threat behaviour from the application intrusion detection system (IDS). The system comprises of several functional agents like the input collector agent, classifier agent, and tracking agent. The collector agent collects the identified threats by the IDS, the categoriser agent categorises according to STRIDE model using pattern matching algorithm on the content of security knowledge base. The security knowledge repository is developed based on existing security ontology. The classifier classifies based on the threats IP address while the tracking agent collates all the threats profile. The collect-categorise-classify-track (C3T) model is hereby presented. The potential usability of this work is demonstrated by a case study and its useful integration with further studies is also discussed.

Keywords: threats; STRIDE; ontology; intrusion detection system; IDS; agents; risk; security.

DOI: 10.1504/IJESDF.2020.108320

International Journal of Electronic Security and Digital Forensics, 2020 Vol.12 No.3, pp.323 - 335

Received: 12 Feb 2019
Accepted: 03 Oct 2019
Published online: 08 Jul 2020 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: An ontological approach to threats pattern collection and classification: a preliminary study to security management

Keep up-to-date