Rethinking Cybersecurity Ontology Classification and Evaluation: Towards a Credibility-Centered Framework
By: Antoine Leblanc, Jacques Robin, Nourhène Ben Rabah and more
Potential Business Impact:
Builds trust in computer security tools.
This paper analyzes the proliferation of cybersecurity ontologies, arguing that this surge cannot be explained solely by technical shortcomings related to quality, but also by a credibility deficit: a lack of trust, endorsement, and adoption by users. This conclusion is based on our first contribution, which is a state-of-the-art review and categorization of cybersecurity ontologies using the Framework for Ontologies Classification. To address this gap, we propose a revised framework for assessing credibility, introducing indicators such as institutional support, academic recognition, day-to-day practitioner validation, and industrial adoption. Based on these new credibility indicators, we construct a classification scheme designed to guide the selection of ontologies that are relevant to specific security needs. We then apply this framework to a concrete use case: the Franco-Luxembourgish research project ANCILE, which illustrates how a credibility-aware evaluation can reshape ontology selection for operational contexts.