CAPEC ontology

Authors

DOI:

https://doi.org/10.60063/gsu.fmi.110.63-83

Keywords:

attack patterns, CAPEC, cybersecurity, ontology, OWL

Abstract

CAPEC is an effort coordinated by MITRE Corporation. Its aim is attack pattern database structured in taxonomies. CAPEC is available as XML document from its project site. CAPEC structure and content are under permanent change and development. It is still not mature database but may be never will.

CAPEC, CWE, and CVE are databases devoted to attacks, weaknesses, and vulnerabilities. They refer each other forming a knowledge ecosystem in cybersecurity area.

Traditional approach for knowledge presentation as information does not work well with conceptualizations under dynamics of this ecosystem and particularly of CAPEC. In this paper an alternative approach to CAPEC knowledge presentation is proposed, as ontology. First, CAPEC structure and content are discussed and then ontology structure is introduced. CAPEC as ontology opens doors to ``open world'' concept that is more adequate to ecosystem dynamics.

Downloads

Published

2023-11-12

How to Cite

Dimitrov, V. (2023). CAPEC ontology. Ann. Sofia Univ. Fac. Math. And Inf., 110, 63–83. https://doi.org/10.60063/gsu.fmi.110.63-83