Attacks based on advanced persistent threats (APTs), phishing and ransomware are increasing. Consequently, cybersecurity professionals are exhibiting a great deal of interest in establishing a cyber-ontology.
The call for the construction of a common language and a set of basic concepts that can be used to develop an ontology dates back to 2012. Yet, the term cyber-ontology is unfamiliar among cybersecurity professionals. Furthermore, opinion on the potential value offered by the cyber-ontology is divided among those who are familiar with the ontology.
Some opinions are tempered by the context in which an ontology would be used for endpoint security when dealing with malware. However, others have embraced the concepts in toto. For instance, an emerging security focus area, mobile threat defense, has benefited from the more robust understanding offered by the cyber-ontology. That understanding has enabled cybersecurity professionals to build models that track the development of a threat, from initial vulnerability through exploit and data compromise.
Initially, the ontology-based definitions of cybersecurity were relatively static. This was the reason that cybersecurity professionals had divergent views on cyber-ontology. Presently, the construction of ontologies has evolved into an active purveyor of data element relationships, which can use machine learning and artificial intelligence to adapt to changes in environments.
However, cyber-ontologies may yet prove to be the adaptive dictionaries of data, application and user relationships. Additionally, they may enhance behavioral analysis and help prevent the spread of cyber threats.
Click here to read the original article published in Security Boulevard.