Semantic Modeling Approach for Software Vulnerabilities Data Sources

Authors: Sultan S. Alqahtani, Juergen Rilling

DOI: 10.1109/PST47121.2019.8949047

Abstract: Data sources describing software security vulnerabilities are commonly used by engineers not only increase the of systems but also enhance productivity and reduce maintenance costs. However, with the constantly growing amount of available vulnerability information and this being spread across heterogeneous resources, developers are struggling in taking full advantage of these resources. The Semantic Web and its supporting technology stack have been widely promoted to support the modeling, reuse and interoperability among data sources. In our research we present a enabled knowledge model which provides formal semi-automated approach for unifying As part modeling approach, take Formal Concept Analysis (FCA) identify related concepts them at various abstraction levels. We illustrate applicability flexibility through several usage examples that unified inference services provide new types analysis.
