An Ontology-Based Approach for Zero-Day Information Security Threat Management

Cited by: 0
Authors
Odego, John Kennedy Otieno [1]
Ogada, Kennedy Odhiambo [1]
Kaburu, Dennis Mugambi [1]
Affiliations
[1] Jomo Kenyatta University of Agriculture and Technology, Kenya
Keywords
Information Security; Ontology; Threat Management; Zero-Day Security Threats;
DOI
10.4018/IJISP.384606
Abstract
Zero-day security threats are diverse and manifest in many forms. Despite the growing number of zero-day attacks, information security professionals know very little about the kind of threat and how to defend against it. Signature-based and statistical techniques have been seen to be less effective in handling zero-day security threats (ZDST), since they require a new threat signature and threat profile to be learnt each time, meaning new signatures and profiles cannot be detected. Behavior-based approaches have always resulted in many false positives in the handling of zero-day security threats. ZDST may result in disruptions of service, loss of data, loss of data integrity, corruption of data, systems malfunction, miscommunication, or other undesired effects on information systems. This research proposes an ontology-based approach for the management of ZDST and evaluates its performance for use in the detection and prevention of ZDST within the information security domain. © 2025 IGI Global. All rights reserved.