Knowledge representation to support partially automated honeypot analysis based on Wireshark packet capture files
Document Type
Conference Proceeding
Publisher
Springer
School
ECU Security Research Institute
RAS ID
28743
Abstract
The automation of packet analysis, even partially, is very much desired, because packet analysis is time-consuming and requires technical knowledge and skills. This paper presents the Packet Analysis Ontology (PAO), a novel OWL ontology that covers the terminology of packet analysis, including concepts and properties, as well as their restrictions, to be used for knowledge representation and automated reasoning in this field. This ontology defines protocols and ports required for capturing the semantics of network activities, many of which are not defined in any other ontology.
DOI
10.1007/978-981-13-8311-3_30
Access Rights
subscription content
Comments
Sikos, L. F. (2020). Knowledge representation to support partially automated honeypot analysis based on Wireshark packet capture files. In: I. Czarnowski, R. Howlett, L. Jain (Eds.), Intelligent Decision Technologies 2019: Proceedings of the 11th KES International Conference on Intelligent Decision Technologies (KES-IDT 2019), Volume 1 (pp. 345-351). Singapore: Springer. https://doi.org/10.1007/978-981-13-8311-3_30