A computational ontology for cyber operations

Clara Maathuis; Wolter Pieters; Jan Van Den Berg

A computational ontology for cyber operations

Clara Maathuis, Wolter Pieters, Jan Van Den Berg

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

9 Citations (Scopus)

Abstract

Due to the advancement of technology and continuing emergence of international conflict situations, wars are now also conducted into the official new battlefield: Cyberspace. Although several incidents have been characterized in terms of cyber operations, there is an important gap in the existing body of knowledge concerning the definition of this concept, and a formal mechanism of representing such operations is lacking. This can produce dissonance and disturbance in the decision making processes and communication in cyber operations, for instance, when planning or assessing their effects. In order to understand what cyber operations represent and to make communication more effective, this article proposes a multidisciplinary definition and a knowledge base for cyber operations implemented as a computational ontology. This article follows a design science approach and grounds its sources in extensive literature review, reports, military doctrine, case studies, evaluation interviews and direct participation and observation in joint military operations exercises and experience in writing cyber operations scenarios. The computational ontology has been designed to reflect the understanding of and the necessary communication in cyber operations based on the abovementioned sources. Its upper classes are: Context, Actor, Type, MilitaryObjective, Phase, Target, Cyber Weapon, Asset, Geolocation, Action and Effect. The ontology has been developed in Protégé by using the Ontology Engineering Methodology, and contains 140 classes, 37 individuals and 94 properties. This ontology makes possible the classification of the essential entities of a cyber operation: Military objective, target, cyber weapon/capability and effect. The proposed ontology has been exemplified and evaluated on two case studies conducted on Operation Olympic Games/Stuxnet and Georgia and with the help of two military experts with international experience. The validation results show that the proposed ontology is effective in representing cyber operations accurately, clearly and concisely. To increase its applicability, future research will focus on assessing the effects of Cyber Operations.

Original language	English
Title of host publication	Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018
Editors	Audun Josang
Publisher	IARIA / Curran Associates
Pages	278-287
Number of pages	10
Volume	2018-June
ISBN (Electronic)	9781911218852
Publication status	Published - 2018
Event	17th European Conference on Cyber Warfare and Security, ECCWS 2018 - Oslo, Norway Duration: 28 Jun 2018 → 29 Jun 2018

Conference

Conference	17th European Conference on Cyber Warfare and Security, ECCWS 2018
Country/Territory	Norway
City	Oslo
Period	28/06/18 → 29/06/18

Keywords

Artificial intelligence
Cyber operations
Cyber security
Cyber warfare
Cyber weapons
Ontology

Cite this

@inproceedings{af924e2fe5ba4b2e93ac1b1ccf662f7e,

title = "A computational ontology for cyber operations",

abstract = "Due to the advancement of technology and continuing emergence of international conflict situations, wars are now also conducted into the official new battlefield: Cyberspace. Although several incidents have been characterized in terms of cyber operations, there is an important gap in the existing body of knowledge concerning the definition of this concept, and a formal mechanism of representing such operations is lacking. This can produce dissonance and disturbance in the decision making processes and communication in cyber operations, for instance, when planning or assessing their effects. In order to understand what cyber operations represent and to make communication more effective, this article proposes a multidisciplinary definition and a knowledge base for cyber operations implemented as a computational ontology. This article follows a design science approach and grounds its sources in extensive literature review, reports, military doctrine, case studies, evaluation interviews and direct participation and observation in joint military operations exercises and experience in writing cyber operations scenarios. The computational ontology has been designed to reflect the understanding of and the necessary communication in cyber operations based on the abovementioned sources. Its upper classes are: Context, Actor, Type, MilitaryObjective, Phase, Target, Cyber Weapon, Asset, Geolocation, Action and Effect. The ontology has been developed in Prot{\'e}g{\'e} by using the Ontology Engineering Methodology, and contains 140 classes, 37 individuals and 94 properties. This ontology makes possible the classification of the essential entities of a cyber operation: Military objective, target, cyber weapon/capability and effect. The proposed ontology has been exemplified and evaluated on two case studies conducted on Operation Olympic Games/Stuxnet and Georgia and with the help of two military experts with international experience. The validation results show that the proposed ontology is effective in representing cyber operations accurately, clearly and concisely. To increase its applicability, future research will focus on assessing the effects of Cyber Operations.",

keywords = "Artificial intelligence, Cyber operations, Cyber security, Cyber warfare, Cyber weapons, Ontology",

author = "Clara Maathuis and Wolter Pieters and {Van Den Berg}, Jan",

year = "2018",

language = "English",

volume = "2018-June",

pages = "278--287",

editor = "Audun Josang",

booktitle = "Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018",

publisher = "IARIA / Curran Associates",

note = "17th European Conference on Cyber Warfare and Security, ECCWS 2018 ; Conference date: 28-06-2018 Through 29-06-2018",

}

A computational ontology for cyber operations. / Maathuis, Clara; Pieters, Wolter; Van Den Berg, Jan.
Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018. ed. / Audun Josang. Vol. 2018-June IARIA / Curran Associates, 2018. p. 278-287.

Research output: Chapter in Book/Conference proceedings/Edited volume › Conference contribution › Scientific › peer-review

TY - GEN

T1 - A computational ontology for cyber operations

AU - Maathuis, Clara

AU - Pieters, Wolter

AU - Van Den Berg, Jan

PY - 2018

Y1 - 2018

N2 - Due to the advancement of technology and continuing emergence of international conflict situations, wars are now also conducted into the official new battlefield: Cyberspace. Although several incidents have been characterized in terms of cyber operations, there is an important gap in the existing body of knowledge concerning the definition of this concept, and a formal mechanism of representing such operations is lacking. This can produce dissonance and disturbance in the decision making processes and communication in cyber operations, for instance, when planning or assessing their effects. In order to understand what cyber operations represent and to make communication more effective, this article proposes a multidisciplinary definition and a knowledge base for cyber operations implemented as a computational ontology. This article follows a design science approach and grounds its sources in extensive literature review, reports, military doctrine, case studies, evaluation interviews and direct participation and observation in joint military operations exercises and experience in writing cyber operations scenarios. The computational ontology has been designed to reflect the understanding of and the necessary communication in cyber operations based on the abovementioned sources. Its upper classes are: Context, Actor, Type, MilitaryObjective, Phase, Target, Cyber Weapon, Asset, Geolocation, Action and Effect. The ontology has been developed in Protégé by using the Ontology Engineering Methodology, and contains 140 classes, 37 individuals and 94 properties. This ontology makes possible the classification of the essential entities of a cyber operation: Military objective, target, cyber weapon/capability and effect. The proposed ontology has been exemplified and evaluated on two case studies conducted on Operation Olympic Games/Stuxnet and Georgia and with the help of two military experts with international experience. The validation results show that the proposed ontology is effective in representing cyber operations accurately, clearly and concisely. To increase its applicability, future research will focus on assessing the effects of Cyber Operations.

AB - Due to the advancement of technology and continuing emergence of international conflict situations, wars are now also conducted into the official new battlefield: Cyberspace. Although several incidents have been characterized in terms of cyber operations, there is an important gap in the existing body of knowledge concerning the definition of this concept, and a formal mechanism of representing such operations is lacking. This can produce dissonance and disturbance in the decision making processes and communication in cyber operations, for instance, when planning or assessing their effects. In order to understand what cyber operations represent and to make communication more effective, this article proposes a multidisciplinary definition and a knowledge base for cyber operations implemented as a computational ontology. This article follows a design science approach and grounds its sources in extensive literature review, reports, military doctrine, case studies, evaluation interviews and direct participation and observation in joint military operations exercises and experience in writing cyber operations scenarios. The computational ontology has been designed to reflect the understanding of and the necessary communication in cyber operations based on the abovementioned sources. Its upper classes are: Context, Actor, Type, MilitaryObjective, Phase, Target, Cyber Weapon, Asset, Geolocation, Action and Effect. The ontology has been developed in Protégé by using the Ontology Engineering Methodology, and contains 140 classes, 37 individuals and 94 properties. This ontology makes possible the classification of the essential entities of a cyber operation: Military objective, target, cyber weapon/capability and effect. The proposed ontology has been exemplified and evaluated on two case studies conducted on Operation Olympic Games/Stuxnet and Georgia and with the help of two military experts with international experience. The validation results show that the proposed ontology is effective in representing cyber operations accurately, clearly and concisely. To increase its applicability, future research will focus on assessing the effects of Cyber Operations.

KW - Artificial intelligence

KW - Cyber operations

KW - Cyber security

KW - Cyber warfare

KW - Cyber weapons

KW - Ontology

UR - http://www.scopus.com/inward/record.url?scp=85050811217&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:85050811217

VL - 2018-June

SP - 278

EP - 287

BT - Proceedings of the 17th European Conference on Cyber Warfare and Security, ECCWS 2018

A2 - Josang, Audun

PB - IARIA / Curran Associates

T2 - 17th European Conference on Cyber Warfare and Security, ECCWS 2018

Y2 - 28 June 2018 through 29 June 2018

ER -

A computational ontology for cyber operations

Abstract

Conference

Keywords

Other files and links

Fingerprint

Cybersecurity (TPM)

Cite this

A computational ontology for cyber operations

Abstract

Conference

Keywords

Other files and links

Fingerprint

Projects

Cybersecurity (TPM)

Cite this