Title

Knowledge representation to support partially automated honeypot analysis based on Wireshark packet capture files

Document Type

Conference Proceeding

Publisher

Springer

School

ECU Security Research Institute

RAS ID

28743

Comments

Originally published as: Sikos, L. F. (2020). Knowledge representation to support partially automated honeypot analysis based on wireshark packet capture files. In: I. Czarnowski, R. Howlett, L. Jain (Eds.), Intelligent Decision Technologies 2019: Proceedings of the 11th KES International Conference on Intelligent Decision Technologies (KES-IDT 2019), Volume 1 (pp. 345-351). Singapore: Springer. Original publication available here

Abstract

The automation of packet analysis, even partially, is very much desired, because packet analysis is time-consuming and requires technical knowledge and skills. This paper presents the Packet Analysis Ontology (PAO), a novel OWL ontology that covers the terminology of packet analysis, including concepts and properties, as well as their restrictions, to be used for knowledge representation and automated reasoning in this field. This ontology defines protocols and ports required for capturing the semantics of network activities, many of which are not defined in any other ontology.

DOI

10.1007/978-981-13-8311-3_30

Share

 
COinS