Towards an ontology of state actors in cyberspace
This work addresses the need for better cyber threat analysis tools for cybersecurity professionals, but it is incremental as it builds on existing ontological tools and proposes extensions rather than introducing a new paradigm.
The paper tackles the problem of improving cyber threat analysis by proposing a plan to build a formal ontological representation of state actors and cyber operations, aiming to enable coherent data integration, automated reasoning, and intelligence extraction from diverse sources.
To improve cyber threat analysis practices in cybersecurity, I present a plan to build a formal ontological representation of state actors in cyberspace and of cyber operations. I argue that modelling these phenomena via ontologies allows for coherent integration of data coming from diverse sources, automated reasoning over such data, as well as intelligence extraction and reuse from and of them. Existing ontological tools in cybersecurity can be ameliorated by connecting them to neighboring domains such as law, regulations, governmental institutions, and documents. In this paper, I propose metrics to evaluate currently existing ontological tools to create formal representations in the cybersecurity domain, and I provide a plan to develop and extend them when they are lacking.