CAPEC ontology generator
DOI:
https://doi.org/10.60063/gsu.fmi.111.25-33Keywords:
attack patterns, CAPEC, cybersecurity, ontology, OWL, PythonAbstract
CAPEC is an effort coordinated by MITRE Corporation. Its aim is attack pattern database structured in taxonomies. CAPEC is available as XML document from its project site. CAPEC structure and content are under permanent change and development. It is still not mature database but may be never will.
CAPEC, CWE, and CVE are databases devoted to attacks, weaknesses, and vulnerabilities. They refer each other forming a knowledge ecosystem in cybersecurity area.
Traditional approach for knowledge presentation as information does not work well with conceptualizations under dynamics of this ecosystem and particularly of CAPEC. In this paper, an alternative approach to CAPEC knowledge presentation is proposed, as ontology. First, CAPEC structure and content are discussed and then ontology structure is introduced. CAPEC as ontology opens doors to ``open world'' concept that is more adequate to ecosystem dynamics.
CAPEC ontology is programmatically generated from CAPEC database.
CAPEC ontology generator in implemented in Python.