Semantic System for Attacks and Intrusions Detection

2015, Vol 7 (4), pp. 19-32
Author(s): Abdeslam El Azzouzi, Kamal Eddine El Kadiri

The increasing development of information systems complicates the task of protecting against threats. They have become vulnerable to malicious attacks that may affect essential properties such as confidentiality, integrity and availability. Security thus becomes an overriding concern. Securing a system begins with prevention methods, which are insufficient to reduce the danger of attacks and must be accompanied by intrusion and attack detection systems. In this paper, a method for detecting web application attacks is proposed. Unlike methods based on signatures, the proposed solution is a technique based on ontology. It describes the Web attacks, the HTTP request, and the application using semantic rules. The system is able to effectively detect sophisticated attacks by analysing user requests. The semantic rules allow inference over the ontology models to detect complex variations of web attacks. The ontology models were developed using description logics based on the Web Ontology Language (OWL). The proposed system can be installed on an HTTP server.

2015, Vol 54, pp. 535-592
Author(s): Andreas Steigmiller, Birte Glimm

Nowadays, saturation-based reasoners for the OWL EL profile of the Web Ontology Language are able to handle large ontologies such as SNOMED very efficiently. However, it is currently unclear how saturation-based reasoning procedures can be extended to very expressive Description Logics such as SROIQ--the logical underpinning of the current and second iteration of the Web Ontology Language. Tableau-based procedures, on the other hand, are not limited to specific Description Logic languages or OWL profiles, but even highly optimised tableau-based reasoners might not be efficient enough to handle large ontologies such as SNOMED. In this paper, we present an approach for tightly coupling tableau- and saturation-based procedures that we implement in the OWL DL reasoner Konclude. Our detailed evaluation shows that this combination significantly improves the reasoning performance for a wide range of ontologies.


2012, Vol 532-533, pp. 836-840
Author(s): Li Ping Jiang

The growing interest in the Semantic Web and the Web Ontology Language (OWL) will reveal the potential of Description Logics in industrial projects. The rich semantics of OWL provide powerful reasoning capabilities that help build, maintain and query domain models for many purposes. However, before OWL can unfold its full potential, user-friendly tools with a scalable architecture are required. In this paper, we design and edit the family ontology using Protégé OWL Plugin, which is developed by Stanford University.


2021, Vol 2021, pp. 1-10
Author(s): Xiang Yu, Wenchao Yu, Shudong Li, Xianfei Yang, Ying Chen, ...

Since the services on the Internet are becoming increasingly abundant, all walks of life are inextricably linked with the Internet. Simultaneously, the Internet’s WEB attacks have never stopped. Relative to other common WEB attacks, WEB DDoS (distributed denial of service) will cause serious damage to the availability of the target network or system resources in a short period of time. At present, most research is centered around machine learning-related DDoS attack detection algorithms. According to previous studies, unsupervised methods generally have a high false positive rate, while supervised methods cannot handle large amounts of network traffic data, and their performance is often limited by noise and irrelevant data. Therefore, this paper proposes a semisupervised learning detection model combining spectral clustering and random forest to detect the DDoS attack of the WEB application layer and compares it with other existing detection schemes to verify the semisupervised learning model proposed in this paper. While ensuring a low false positive rate, there is a certain improvement in the detection rate, which is more suitable for the WEB application layer DDoS attack detection.


Author(s): Cogan Shimizu, Pascal Hitzler, Adila Krisnadhi

We provide an in-depth example of modular ontology engineering with ontology design patterns. The style and content of this chapter are adapted from previous work and tutorials on Modular Ontology Modeling. It offers expanded steps and updated tool information. The tutorial is largely self-contained, but assumes that the reader is familiar with the Web Ontology Language OWL; however, we do briefly review some foundational concepts. By the end of the tutorial, we expect the reader to have an understanding of the underlying motivation and methodology for producing a modular ontology.


Author(s): Michael Pradel, Jakob Henriksson, Uwe Aßmann

Although ontologies are gaining more and more acceptance, they are often not engineered in a component-based manner due to, among various reasons, a lack of appropriate constructs in current ontology languages. This hampers reuse and makes creating new ontologies from existing building blocks difficult. We propose to apply the notion of roles and role modeling to ontologies and present an extension of the Web Ontology Language OWL for this purpose. Ontological role models allow for clearly separating different concerns of a domain and constitute an intuitive reuse unit.


2004, Vol 5 (8), pp. 648-654
Author(s): Gilberto Fragoso, Sherri de Coronado, Margaret Haber, Frank Hartel, Larry Wright

The NCI Thesaurus is a reference terminology covering areas of basic and clinical science, built with the goal of facilitating translational research in cancer. It contains nearly 110 000 terms in approximately 36000 concepts, partitioned in 20 subdomains, which include diseases, drugs, anatomy, genes, gene products, techniques, and biological processes, among others, all with a cancer-centric focus in content, and originally designed to support coding activities across the National Cancer Institute. Each concept represents a unit of meaning and contains a number of annotations, such as synonyms and preferred name, as well as annotations such as textual definitions and optional references to external authorities. In addition, concepts are modelled with description logic (DL) and defined by their relationships to other concepts; there are currently approximately 90 types of named relations declared in the terminology. The NCI Thesaurus is produced by the Enterprise Vocabulary Services project, a collaborative effort between the NCI Center for Bioinformatics and the NCI Office of Communications, and is part of the caCORE infrastructure stack (http://ncicb.nci.nih.gov/NCICB/core). It can be accessed programmatically through the open caBIO API and browsed via the web (http://nciterms.nci.nih.gov). A history of editing changes is also accessible through the API. In addition, the Thesaurus is available for download in various file formats, including OWL, the web ontology language, to facilitate its utilization by others.


2014, Vol 5 (1), pp. 19-38
Author(s): Romaric Ludinard, Éric Totel, Frédéric Tronel, Vincent Nicomette, Mohamed Kaâniche, ...

RRABIDS (Ruby on Rails Anomaly Based Intrusion Detection System) is an application level intrusion detection system (IDS) for applications implemented with the Ruby on Rails framework. The goal of this intrusion detection system is to detect attacks against data in the context of web applications. This anomaly based IDS focuses on the modelling of the normal application profile using invariants. These invariants are discovered during a learning phase. Then, they are used to instrument the web application at source code level, so that a deviation from the normal profile can be detected at run-time. This paper illustrates on simple examples how the approach detects well-known categories of web attacks that involve a state violation of the application, such as SQL injections. Finally, an assessment phase is performed to evaluate the accuracy of the detection provided by the proposed approach.


Author(s): Jean Vincent Fonou-Dombeu, Nadia Naidoo, Micara Ramnanan, Rachan Gowda, Sahil Ramkaran Lawton

The modelling of agriculture with ontologies has been of interest to many authors in the past years. However, no research, currently, has focused on building a knowledge base ontology for the Climate Smart Agriculture (CSA) domain. This study attempts to fill this gap through the development of a Climate Smart Agriculture Ontology (OntoCSA). Information was gathered from secondary sources including websites, published research articles and reports as well as related ontologies, to formalize the OntoCSA ontology in Description Logics (DLs). The OntoCSA ontology was developed in Web Ontology Language (OWL) with Protégé. Furthermore, the OntoCSA ontology was successfully validated with the HermiT reasoner within Protégé. The resulting OntoCSA ontology is a machine-readable model of CSA that can be leveraged in web-based applications for the storage, open and automated access and sharing of CSA information/data, for research and dissemination of best practices.


Author(s): Cho Do Xuan, Nam Nguyen, Hoa Nguyen Dinh

A web application firewall is a highly effective application in protecting the application layer and database layer of websites from attack access. This paper proposes a new web application firewall deployment method based on the Dynamic Web application profiling (DWAP) analysis technique. This is a method to deploy a firewall based on analyzing website access data. DWAP is improved to integrate deeply into the structure of the website to increase the compatibility of the anomaly detection system with each website, thereby improving the ability to detect abnormal requests. To improve the compatibility of the web application firewall with protected objects, the proposed system consists of two parts whose main tasks are: i) detecting abnormal access in web application (WA) access; ii) semi-automatically updating the attack data to the abnormal access detection system during WA access. This new method is applicable in real-time detection systems where updating of new attack data is essential since web attacks are increasingly complex and sophisticated.

