Proposition d'une méthode de développement d'ontologie pour un système expert en sécurité

From some time now, the idea of ontology based knowledge representation has emerged as a potential solution to resolve problems in computer security, particularly concerning anomaly and intrusion detection systems. Such a proposal was made in the work of Sadighian (2015). Our work had for initial goal to extend this proposal for it to be applied concretely in the industry of computer security. While accomplishing this work, we noticed that the ontologies proposed by Sadighian (2015)were hard to apply in the context of an expert system implementation. For that reason, we decided to develop new ontologies for that specific use. However, we had to conclude that there is no existing method to do so. We then tried to find a sequence of steps for a method that could give the possibility of implementing an expert system and we obtained ATOM (“Abstractions Translation Ontology Method”), a six steps method to answer that need: 1. Natural language definition of requests; 2. Requests translation in SPARQL 3. Raw data specification; 4. Intermediary steps creation 5. Translation rules elicitation; 6. Ontology improvements The use of this method produces three artefacts that give the possibility to implement an expert system: 1. An ontology; 2. A translation diagram; 3. A specifications document.

Résumé

ABSTRACT: From some time now, the idea of ontology based knowledge representation has emerged as a potential solution to resolve problems in computer security, particularly concerning anomaly and intrusion detection systems. Such a proposal was made in the work of Sadighian (2015). Our work had for initial goal to extend this proposal for it to be applied concretely in the industry of computer security. While accomplishing this work, we noticed that the ontologies proposed by Sadighian (2015)were hard to apply in the context of an expert system implementation. For that reason, we decided to develop new ontologies for that specific use. However, we had to conclude that there is no existing method to do so. We then tried to find a sequence of steps for a method that could give the possibility of implementing an expert system and we obtained ATOM (“Abstractions Translation Ontology Method”), a six steps method to answer that need: 1. Natural language definition of requests; 2. Requests translation in SPARQL 3. Raw data specification; 4. Intermediary steps creation 5. Translation rules elicitation; 6. Ontology improvements The use of this method produces three artefacts that give the possibility to implement an expert system: 1. An ontology; 2. A translation diagram; 3. A specifications document.