Ontology for Cybersecurity Governance of ICT Systems / De Rosa, Fabio; Maunero, Nicolò; Nicoletti, Luca; Prinetto, Paolo; Trussoni, Martina. - ELECTRONIC. - 3260:(2022), pp. 52-63. (Paper presented at the Italian Conference on Cybersecurity (ITASEC22) (2022), held in Rome (ITA), 20-23 June 2022).
Ontology for Cybersecurity Governance of ICT Systems
Maunero, Nicolò; Prinetto, Paolo
2022
Abstract
Considering the continuous growth in the complexity of both information systems and security information, it is becoming increasingly necessary to provide solutions that help the user manage and use these large and complex knowledge bases. In recent years, a growing number of works have proposed ontologies, semantically rich descriptions of entities and relations, for the management of security information. The aim of this work is to provide an ontology that (i) supports a formal description of an ICT system, (ii) relates it to its potential vulnerabilities, possible attack vectors, and available mitigations, and (iii) allows inferring a tight relationship between IT/OT assets and their vulnerabilities. Given the description of the ICT system, the ontology is automatically populated with security information items obtained by querying external knowledge bases (e.g., CWE, CVE, MITRE ATT&CK), thereby providing the user with the necessary information to support operations such as Vulnerability Assessment and Penetration Testing and countermeasure planning.

File | Access | Description | Type | License | Size | Format
---|---|---|---|---|---|---
ITASEC-3558.pdf | Open access | Accepted manuscript, camera-ready version | 2. Post-print / Author's Accepted Manuscript | Creative Commons | 792.65 kB | Adobe PDF
paper4.pdf | Open access | Published version of the paper | 2a Post-print publisher's version / Version of Record | Creative Commons | 1.12 MB | Adobe PDF
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.
https://hdl.handle.net/11583/2971406