[Solved]: What is the difference between cyber security ontologies and scenario ontologies in this system?

Problem Detail: 

I have been reading the paper Towards a Cognitive System for Decision Support in Cyber Operations. And I have been trying to understand the role of two ontologies proposed here, cyber security ontologies and scenario ontologies.

I have asked a question on CGS SE, "What are the practical uses of ontologies?", and the role of the ACT-R architecture in this system has become clear to some extent, but the question about the ontologies is this:

Do the cyber security ontologies make the ideas in TENA's Repo understandable for ACT-R, or do the ideas that are in the repo have to be represented by an ontology called cyber security ontologies in order to be understandable for the ACT-R architecture?

[Figure: The Cognitive System realized in the TENA framework]

Questions arising from this figure can be:

  1. What is the difference between the cyber security ontologies and the scenario ontologies?
  2. What kind of knowledge do the scenario ontologies represent?
  3. And of course, what is the reason that the scenario ontologies are connected to the Event data management module instead of TENA's Repo?

[Figure: ACT-R Architecture]

[Figure: TENA Architecture]

Asked By : Ali Nfr

Answered By : vzn

Some more detail can be found on p. 97. Here "ontologies" are basically encodings of database contents (which represent cyber attacks, incidents, and malicious/impacted software programs) parseable by external sources, e.g. ACT-R. The event data management system keeps track of (real) attacks/incidents, or possibly simulated ones. TENA is a Testing and Training Enabling Architecture. In a sense the Cyber Security Ontologies are all the "Nouns", and the Scenario Ontologies are "Verbs" that operate on the Nouns. ACT-R takes these inputs and attempts to create a conceptual linking or model. In a sense the ACT-R is a machine learning system for cyber-attack-related events and entities. It is a framework for outputting a (maybe statistical) analysis that could be used to predict future attacks from the structure of past ones.

The need for controlled vocabularies, taxonomies, and ontologies to make progress toward a science of cyber security is recognized in [26] and [27] as well. In the domain of cyber security, the ontologies would include, among other things, the classification of cyber attacks, cyber incidents, and malicious and impacted software programs. From our point of view, which seeks to accurately represent the human-side of cyber security, we also expand our analysis to: (i) the different roles that system users, defenders and policy makers play in the context of cyber security; (ii) the different jobs and functions that the members of cyber defender team play and the knowledge, skills and abilities needed to fulfill these functions. In order to reduce the level of effort, we will reuse existing ontologies when possible and only create new ontologies that support the use cases we select.

Question Source : http://cs.stackexchange.com/questions/43558
