Jump to Navigation

Cyber Security Ontology

Goal | AutoOnto | SOB | SOX

Overall Research Goal

In order to support users (students and instructors) to search learning materials (learning objects), it is important to describe the learning objects in a meaningful way. The word-based description of the materials may capture the content of a learning object, but some times, the words occur in the text may differ from the search keywords that users enter, even though they mean the same. In this case, the search results may miss learning objects. In addition, the word-based description of learning objects may not explicitly recognize the related learning objects, hence, the search results may not capture related learning objects due to the lack of the explicit specification of relationships existing among learning objects. In order to overcome this kind of issues, we propose to use the cyber security ontology that provides the model of cyber security domain concepts (i.e. classes) underlying different linguistic expressions (terms) and the explicit model of the relationships existing among concepts. This concept-based semantic model approach can help semantic indexing of learning materials as well as semantic query re-writing to yield better search results. However, the knowledge engineering has been notoriously laborious and time consuming with mannual approaches. We address two challenges in developing the cyber security ontology:
  • First, how can we automate the ontology development process as much as possible.
  • Secondly, the ontology developed automatically should be verified by domain experts.
Our approach is to use a bootstrapping approach to automate the ontology development utilizing the existing core ontology model and the terms from the textbooks, and to refine the resulting ontology with the expert tool to validate and further develop the ontology.


The following are ongoing projects on security ontology development, security term searching and browsing based on the security ontology, and security ontology audit and verification tool to edit the ontology.
  1. AutoOnto: Bootstrapping Approach for Security Ontology Development
  2. SOB: Cyber Security Ontology Browser
  3. SOX: Cyber Security Ontology Expert Tool


  • Soon Chun
  • James Geller

AutoOnto: Bootstrapping Approach for Security Ontology Development

We developed a bootstrapping approach to semi-automatically develop a cyber security ontology based on an existing core security ontology. The approach extracts the index terms from cyber security textbooks and classifies the terms into the security ontology classes. The bootstrapping approach used term classification methods to find the appropriate classes in the ontology. See technical details in A Bootstrapping Approach for Developing Cyber Security Ontology Using Textbook Index Terms.

SOB: Cyber Security Ontology Browser

We have developed a Web application tool to navigate and browse the concepts in the cyber security ontology as well as to be able to search by concepts, called SOB (Security Ontology Browser). The tool allows user, especially students, to learn the cyber security related concepts and terms and related information, such as definitions and related concepts. Currently version presents the search results with the definition of the concepts and related concepts (e.g. superclass, subclass and instances.) Visit the site to view and search the security ontology . An earlier version of the security ontology is also shared in the Web Protege ontology community site. Visit the web protege site featuring the security ontology .

SOX: Cyber Security Ontology Expert Tool

In this module, we address the second phase of the ontology development. The domain experts should be able to browse, navigate the ontology structure and detect and correct the misaligned concepts, structures and relationships in the ontology. In addition, the unclassified terms/concepts are also entered and categorized into the concept hierarchy. The expert's validation tool should be easier to use and not overwhelming. To support this design principle, we use visual presentation as well as recommendation of appropriate concept classes for unclassified security terms. The SOX tool is available for individual security experts so that the individual ontology evolution is being tracked and compared. production version where all experts collaborate toward refining the ontology structure by term classification/re-classification and ontology restructuring, where needed. -->

Sponsored by

Main menu 2

Dr. Radut Consulting