Vladimir Dimitrov
@uni-sofia.bg
Faculty of Mathematics and Informatics
Sofia University "St. Kliment Ohridski"
Scopus Publications
Scopus Publications
Vladimir Dimitrov
Sofia University "St. Kliment Ohridski"
CAPEC is an effort coordinated by MITRE Corporation. Its aim is attack pattern database structured in taxonomies. CAPEC is available as XML document from its project site. CAPEC structure and content are under permanent change and development. It is still not mature database but may be never will.CAPEC, CWE, and CVE are databases devoted to attacks, weaknesses, and vulnerabilities. They refer each other forming a knowledge ecosystem in cybersecurity area.Traditional approach for knowledge presentation as information does not work well with conceptualizations under dynamics of this ecosystem and particularly of CAPEC. In this paper, an alternative approach to CAPEC knowledge presentation is proposed, as ontology. First, CAPEC structure and content are discussed and then ontology structure is introduced. CAPEC as ontology opens doors to ``open world'' concept that is more adequate to ecosystem dynamics.CAPEC ontology is programmatically generated from CAPEC database.CAPEC ontology generator in implemented in Python.
V. Dimitrov
Pleiades Publishing Ltd
Vladimir Dimitrov
Sofia University "St. Kliment Ohridski"
CAPEC is an effort coordinated by MITRE Corporation. Its aim is attack pattern database structured in taxonomies. CAPEC is available as XML document from its project site. CAPEC structure and content are under permanent change and development. It is still not mature database but may be never will.CAPEC, CWE, and CVE are databases devoted to attacks, weaknesses, and vulnerabilities. They refer each other forming a knowledge ecosystem in cybersecurity area.Traditional approach for knowledge presentation as information does not work well with conceptualizations under dynamics of this ecosystem and particularly of CAPEC. In this paper an alternative approach to CAPEC knowledge presentation is proposed, as ontology. First, CAPEC structure and content are discussed and then ontology structure is introduced. CAPEC as ontology opens doors to ``open world'' concept that is more adequate to ecosystem dynamics.
Vladimir Dimitrov
Sofia University "St. Kliment Ohridski"
CVE (NVD, CPE), CWE and CAPEC are databases in the Cybersecurity area sponsored and maintained by the US government. These are lists (databases) organized in taxonomies where it is appropriate. They contain information about known vulnerabilities, weaknesses and attacks. CVE (NVD, CPE), CWE and CAPEC are the corner stone in many cybersecurity tools.The usage of traditional database systems for the tasks in the cybersecurity require extended knowledge and skills in querying for identification of vulnerabilities, weaknesses and attacks. CVE (NVD, CPE), CWE and CAPEC contain hidden facts and relationships (knowledge) buried in the data. This knowledge can be effectively accessed by the Semantic web tools.The paper presents an approach for transition to the Semantic web of above-mentioned databases. The approach is presented in illustrative way. This means without duplication with information about the contents available for CVE (NVD, CPE), CWE and CAPEC.
Zh. E. Sartabanova, V. T. Dimitrov, and S. M. Sarsimbayeva
al-Farabi Kazakh National University