
Knowledge Representation of Network Semantics for Reasoning-Powered Cyber-Situational Awareness

Chapter in: AI in Cybersecurity (Intelligent Systems Reference Library, volume 151)

Abstract

For network analysts, understanding how network devices are interconnected and how information flows around the network is crucial to the cyber-situational awareness required for applications such as proactive network security monitoring. Many heterogeneous data sources are useful for these applications, including router configuration files, routing messages, and open datasets, but they have interoperability issues, which can be overcome by formal knowledge representation of network semantics. Formal knowledge representation also enables automated reasoning over statements about network concepts, properties, entities, and relationships, and thereby knowledge discovery. This chapter describes knowledge representation formalisms that capture the semantics of communication network concepts, their properties, and the relationships between them, together with metadata such as data provenance. It also describes how the expressivity of these formalisms can be increased to represent uncertainty and vagueness.


Notes

1. https://www.w3.org/RDF/
2. http://purl.org/ontology/network/
3. Routing is the process of selecting network paths to carry network traffic.
4. https://www.w3.org/TR/xml11/
5. https://opendatacommons.org/licenses/pddl/
6. https://opendatacommons.org/licenses/by/
7. https://opendatacommons.org/licenses/odbl/
8. https://creativecommons.org/publicdomain/zero/1.0/
9. https://creativecommons.org/licenses/by-sa/4.0/
10. https://www.gnu.org/copyleft/fdl.html
11. https://www.w3.org/TR/turtle/
12. A formalism is decidable if an inference algorithm exists that terminates with a correct answer for every input, so reasoning over it can never run indefinitely.
13. https://www.w3.org/OWL/
14. There is usually a one-to-one mapping between interfaces and IP addresses. Secondary addresses, unnumbered interfaces and dual-stack (IPv4 and IPv6) interfaces are the common exceptions, so this is a default assumption rather than a hard constraint.
15. Within a subnet, each IP address is assumed to be unique; two interfaces claiming the same address in one subnet therefore indicate a misconfiguration or an address conflict that warrants investigation.
16. https://www.apnic.net
17. In a link-state routing protocol, each router constructs a map of the connectivity of the network in which it resides.
18. In computer networking, a routing domain is a collection of networked systems that run common routing protocols and are under the control of a single administrative entity. A given AS may contain multiple routing domains, and a routing domain can exist without being an Internet-participating AS.
19. Semantic Web Rule Language.
20. https://www.w3.org/Submission/rdfsource/
21. https://www.w3.org/TR/n-quads/
22. https://www.w3.org/TR/void/
23. https://www.w3.org/TR/2004/REC-rdf-mt-20040210/#RDFSRules
24. https://www.w3.org/TR/2004/REC-rdf-mt-20040210/#D_entailment
25. https://www.w3.org/TR/owl2-profiles/#Reasoning_in_OWL_2_RL_and_RDF_Graphs_using_Rules
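The abstract describes automated reasoning over network statements drawn from several sources while keeping their provenance, and the notes point at the building blocks (N-Quads for named graphs, the RDFS entailment rules, the OWL 2 RL rule set) and at two modelling assumptions (one address per interface, unique addresses within a subnet). The following Python is an added example, not code from the chapter or its authors: it parses a handful of N-Quads, forward-chains four RDFS/OWL 2 RL rules while carrying each derived triple's source graphs along, and then checks the two assumptions, reporting which sources disagree. The namespaces, graph names, class and property names and all sample quads are constructed for the illustration; the chapter's own vocabulary is not reproduced.

```python
"""Provenance-aware network knowledge with rule-based entailment.

Added example, not the chapter's code or vocabulary: N-Quads statements about
routers, interfaces and addresses, each tagged with the named graph (source)
that asserted it; a forward-chaining reasoner for four RDFS / OWL 2 RL rules;
and checks of the notes' two modelling assumptions that report which sources
conflict.
"""
import re
from collections import defaultdict

# Hypothetical namespaces for this example; the chapter's vocabulary is not reproduced.
NET = "http://example.org/net#"   # network vocabulary (assumed)
EX = "http://example.org/data#"   # instance data (assumed)
G = "http://example.org/graph/"   # named graphs, one per data source (assumed)
RDF_TYPE = "http://www.w3.org/1999/02/22-rdf-syntax-ns#type"
RDFS_SUBCLASS = "http://www.w3.org/2000/01/rdf-schema#subClassOf"
OWL_SYMMETRIC = "http://www.w3.org/2002/07/owl#SymmetricProperty"
OWL_INVERSE = "http://www.w3.org/2002/07/owl#inverseOf"

# Constructed sample data in N-Quads syntax: subject predicate object graph .
SAMPLE_NQUADS = f"""
<{NET}Router> <{RDFS_SUBCLASS}> <{NET}NetworkDevice> <{G}schema> .
<{NET}NetworkDevice> <{RDFS_SUBCLASS}> <{NET}Node> <{G}schema> .
<{NET}connectedTo> <{RDF_TYPE}> <{OWL_SYMMETRIC}> <{G}schema> .
<{NET}hasInterface> <{OWL_INVERSE}> <{NET}interfaceOf> <{G}schema> .
<{EX}r1> <{RDF_TYPE}> <{NET}Router> <{G}config-r1> .
<{EX}r1> <{NET}hasInterface> <{EX}r1-eth0> <{G}config-r1> .
<{EX}r1-eth0> <{NET}hasAddress> "10.0.1.1" <{G}config-r1> .
<{EX}r1-eth0> <{NET}inSubnet> <{EX}subnet-10.0.1.0/24> <{G}config-r1> .
<{EX}r1> <{NET}connectedTo> <{EX}r2> <{G}ospf> .
<{EX}r2> <{NET}hasInterface> <{EX}r2-eth0> <{G}ospf> .
<{EX}r2-eth0> <{NET}hasAddress> "10.0.1.1" <{G}ospf> .
<{EX}r2-eth0> <{NET}inSubnet> <{EX}subnet-10.0.1.0/24> <{G}ospf> .
<{EX}r1-eth0> <{NET}hasAddress> "192.0.2.1" <{G}open> .
"""

def parse_nquads(text):
    """Map each (s, p, o) triple to the set of graphs (sources) asserting it."""
    store = defaultdict(set)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        terms = re.findall(r'<[^>]+>|"[^"]*"', line)
        if len(terms) != 4:
            raise ValueError(f"expected 4 terms: {line!r}")
        s, p, o, g = (t[1:-1] for t in terms)  # strip <> or ""
        store[(s, p, o)].add(g)
    return dict(store)

def entail(store):
    """Forward-chain rdfs9, rdfs11, prp-symp and prp-inv1/2 to a fixpoint.
    Derived triples inherit the union of their premises' graphs; only new
    triples are added, so the loop terminates."""
    kb = {t: set(g) for t, g in store.items()}
    while True:
        by_pred = defaultdict(list)
        for (s, p, o), g in kb.items():
            by_pred[p].append((s, o, g))
        sub, new = by_pred[RDFS_SUBCLASS], []
        # rdfs11: C sub D, D sub E  =>  C sub E
        new += [((c, RDFS_SUBCLASS, e), g1 | g2) for c, d, g1 in sub for d2, e, g2 in sub if d == d2]
        # rdfs9: x type C, C sub D  =>  x type D
        new += [((x, RDF_TYPE, d), g1 | g2) for x, c, g1 in by_pred[RDF_TYPE] for c2, d, g2 in sub if c == c2]
        # prp-symp: p a SymmetricProperty, x p y  =>  y p x
        for p, o, gp in by_pred[RDF_TYPE]:
            if o == OWL_SYMMETRIC:
                new += [((y, p, x), g | gp) for x, y, g in by_pred[p]]
        # prp-inv1/inv2: p inverseOf q, x p y  =>  y q x, and x q y  =>  y p x
        for p, q, gi in by_pred[OWL_INVERSE]:
            new += [((y, q, x), g | gi) for x, y, g in by_pred[p]]
            new += [((y, p, x), g | gi) for x, y, g in by_pred[q]]
        fresh = {t: set(g) for t, g in new if t not in kb}
        if not fresh:
            return kb
        kb.update(fresh)

def check_assumptions(kb):
    """Flag interfaces with several addresses and addresses claimed by several
    interfaces of one subnet, each with the graphs asserting the conflict, so an
    analyst can tell misconfiguration or stale data from a rogue device."""
    addrs, subnet = defaultdict(dict), {}  # iface -> {addr: graphs}; iface -> subnet
    for (s, p, o), g in kb.items():
        if p == NET + "hasAddress":
            addrs[s][o] = sorted(g)
        elif p == NET + "inSubnet":
            subnet[s] = o
    findings, holders = [], defaultdict(list)  # holders: (subnet, addr) -> [(iface, graphs)]
    for iface, by_addr in sorted(addrs.items()):
        if len(by_addr) > 1:
            findings.append(("multi-address-interface", iface, by_addr))
        for a, g in by_addr.items():
            holders[(subnet.get(iface), a)].append((iface, g))
    for (sn, a), who in holders.items():
        if sn is not None and len(who) > 1:
            findings.append(("duplicate-address-in-subnet", a, who))
    return findings

if __name__ == "__main__":
    kb = entail(parse_nquads(SAMPLE_NQUADS))
    for finding in check_assumptions(kb):
        print(*finding)
```

Run as a script, it prints two findings: r1-eth0 carries two addresses (asserted by the config and open-data graphs), and 10.0.1.1 is claimed by r1-eth0 in the config graph and by r2-eth0 in the OSPF graph. Carrying the union of premise graphs through each inference is one simple way to keep provenance attached to derived statements; the chapter's own provenance mechanism may differ.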


Corresponding authors: Leslie F. Sikos, Shaun Voigt


Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter


Cite this chapter

Sikos, L.F., Philp, D., Howard, C., Voigt, S., Stumptner, M., Mayer, W. (2019). Knowledge Representation of Network Semantics for Reasoning-Powered Cyber-Situational Awareness. In: Sikos, L.F. (ed.) AI in Cybersecurity. Intelligent Systems Reference Library, vol 151. Springer, Cham. https://doi.org/10.1007/978-3-319-98842-9_2
