Author(s): Leslie F. Sikos, Markus Stumptner, Wolfgang Mayer, Catherine Howard, Shaun Voigt, Dean Philp
Abstract: Cyber situational awareness is required for a wide range of applications, such as network monitoring, management, vulnerability assessment and defense. Due to the amount of network data available, formal knowledge representation, fusion and reasoning techniques are required to support network analysts’ cyber situational awareness. To this end, Semantic Web technologies have been used to formally represent network data and knowledge. While Semantic Web standards support the level of task automation required, capturing the provenance of RDF statements using Semantic Web standards, while taking scalability into account, is non-trivial. This paper proposes a formally grounded model for representing the semantics of complex communication network concepts, along with data provenance, using terms of the Cyber Situational Awareness Ontology. This novel ontology enables the formal, unified representation of complex network concepts independent of the type of data source so that network analysts can represent expert knowledge and query network data fused from disparate sources.
Keywords: RDF Provenance; Cyber Situational Awareness Ontology; Network Knowledge Discovery; Network Ontology